SoK: Transparent Dishonesty: Front-Running Attacks on Blockchain

We consider front-running to be a course of action where an entity benefits from prior access to privileged market information about upcoming transactions and trades. Front-running has been an issue in financial instrument markets since the 1970s. With the advent of the blockchain technology, front-running has resurfaced in new forms we explore here, instigated by blockchains decentralized and transparent nature. In this paper, we draw from a scattered body of knowledge and instances of front-running across the top 25 most active decentral applications (DApps) deployed on Ethereum blockchain. Additionally, we carry out a detailed analysis of this http URL initial coin offering (ICO) and show evidence of abnormal miners behavior indicative of front-running token purchases. Finally, we map the proposed solutions to front-running into useful categories.

[1]  Foreign Commerce Report of the Special Study of the Options Markets to the Securities and Exchange Commission , 1979 .

[2]  J. Markham 'Front-Running' - Insider Trading Under the Commodity Exchange Act , 1988 .

[3]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[4]  R. Radner,et al.  The Sealed-Bid Mechanism: An Experimental Study* , 1989 .

[5]  Donald Beaver,et al.  Cryptographic Protocols Provably Secure Against Dynamic Adversaries , 1992, EUROCRYPT.

[6]  Kevin Barraclough,et al.  I and i , 2001, BMJ : British Medical Journal.

[7]  S. Nakamoto,et al.  Bitcoin: A Peer-to-Peer Electronic Cash System , 2008 .

[8]  Ingrid M. Werner,et al.  Diving Into Dark Pools , 2011, Financial Management.

[9]  W. Marsden I and J , 2012 .

[10]  Ghassan O. Karame,et al.  Double-spending fast payments in bitcoin , 2012, CCS.

[11]  Haoxiang Zhu Do Dark Pools Harm Price Discovery? , 2013 .

[12]  Matthew Green,et al.  Zerocoin: Anonymous Distributed E-Cash from Bitcoin , 2013, 2013 IEEE Symposium on Security and Privacy.

[13]  Christian Decker,et al.  Have a snack, pay with Bitcoins , 2013, IEEE P2P 2013 Proceedings.

[14]  Eli Ben-Sasson,et al.  Zerocash: Decentralized Anonymous Payments from Bitcoin , 2014, 2014 IEEE Symposium on Security and Privacy.

[15]  M. K. Bhasin Do Dark Pools Harm Price Discovery , 2014 .

[16]  Joshua A. Kroll,et al.  On Decentralizing Prediction Markets and Order Books , 2014 .

[17]  Joshua A. Kroll,et al.  Why buy when you can rent ? Bribery attacks on Bitcoin consensus , 2015 .

[18]  Ethan Heilman,et al.  Eclipse Attacks on Bitcoin's Peer-to-Peer Network , 2015, USENIX Security Symposium.

[19]  Arvind Narayanan,et al.  An Empirical Study of Namecoin and Lessons for Decentralized Namespace Design , 2015, WEIS.

[20]  Aggelos Kiayias,et al.  The Bitcoin Backbone Protocol: Analysis and Applications , 2015, EUROCRYPT.

[21]  Shen Noether,et al.  Ring SIgnature Confidential Transactions for Monero , 2015, IACR Cryptol. ePrint Arch..

[22]  Elaine Shi,et al.  Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[23]  A. Park,et al.  Market Design with Blockchain Technology , 2016 .

[24]  Joseph Bonneau,et al.  Why Buy When You Can Rent? - Bribery Attacks on Bitcoin-Style Consensus , 2016, Financial Cryptography Workshops.

[25]  Feng Hao,et al.  A Smart Contract for Boardroom Voting with Maximum Voter Privacy , 2017, IACR Cryptol. ePrint Arch..

[26]  Cécile Pierrot,et al.  Malleability of the blockchain’s entropy , 2016, Cryptography and Communications.

[27]  Ari Juels,et al.  Enter the Hydra: Towards Principled Bug Bounties and Exploit-Resistant Smart Contracts , 2018, IACR Cryptol. ePrint Arch..

[28]  R. Sarpong,et al.  Bio-inspired synthesis of xishacorenes A, B, and C, and a new congener from fuscol† †Electronic supplementary information (ESI) available. See DOI: 10.1039/c9sc02572c , 2019, Chemical science.

[29]  Ethan Heilman,et al.  Low-Resource Eclipse Attacks on Ethereum's Peer-to-Peer Network , 2020, IACR Cryptol. ePrint Arch..

[30]  Sarah Meiklejohn,et al.  Smart contracts for bribing miners , 2018, IACR Cryptol. ePrint Arch..

[31]  Dan Boneh,et al.  Bulletproofs: Short Proofs for Confidential Transactions and More , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[32]  Tom Walther An Optimization Model for Multi-Asset Batch Auctions with Uniform Clearing Prices , 2018, OR.

[33]  Jeremy Clark,et al.  Ghazal: Toward Truly Authoritative Web Certificates Using Ethereum , 2018, Financial Cryptography Workshops.

[34]  Yi Zhou,et al.  Erays: Reverse Engineering Ethereum's Opaque Smart Contracts , 2018, USENIX Security Symposium.

[35]  Ross P. Buckley,et al.  The ICO Gold Rush: It's a Scam, It's a Bubble, It's a Super Challenge for Regulators , 2018 .

[36]  Fan Zhang,et al.  Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contracts , 2018, 2019 IEEE European Symposium on Security and Privacy (EuroS&P).