Secret Markets: Crypto Front Running Prevention for Automated Market Makers (AMMs)

Secret Network
October 8, 2020
Twitter
LinkedIn

Hello Secret Agents!

Today, we’re diving into a very specific and obvious problem faced by centralized and decentralized exchanges: front running.

Frontrunning has existed in traditional finance for decades and is an illegal attack vector that only insiders can exploit. However, due to the public nature of blockchains, frontrunning in crypto happens all the time.

Because users can see transactions and their corresponding gas prices before a block is mined, it’s easy for attackers to submit a transaction with a higher gas price, resulting in their own transactions being mined first.

Front Running & Automated Market Makers (AMMs)

For this post, we’re interested in examining the frontrunning problem in the context of Automated Market Makers (AMMs). This will help explain how Secret Markets (a Secret Uniswap built on Secret Network) will prevent and mitigate front running in crypto.

In 2019, I wrote about preventing front running with private smart contracts, specifically exploring how front running affects decentralized exchanges with open order books, such as 0x.

Preventing DEX Front-running with Enigma
At Enigma, our mission is to ensure adoption and usage of decentralized technologies. We are trying to achieve this mission by bringing privacy and the ability to use sensitive data to blockchains…

These days, almost all of the DeFi volume is on AMMs, where the problem of automated front running by bots is still very real. In fact, Hayden Adams, the creator of Uniswap, introduced the original smart contracts to Vitalik Buterin in this thread about improving the front-running resistance of constant-product market makers!

Improving front running resistance of x*y=k market makers
Two years ago I made a post where I suggested that we could run on-chain decentralized exchanges in a similar way to what Augur and Gnosis were proposing for on-chain market makers (eg. LMSR), and Martin Köppelmann from Gnosis suggested a simple approach for doing so, that I call the “x*y=k market m…

“Blockchains, and specifically smart contracts, have promised to create fair and transparent trading ecosystems. Unfortunately, we show that this promise has not been met. We document and quantify the widespread and rising deployment of arbitrage bots in blockchain systems, specifically in decentralized exchanges. Like high-frequency traders on Wall Street, these bots exploit inefficiencies in decentralized exchanges, paying high transaction fees and optimizing network latency to frontrun, i.e., anticipate and exploit, ordinary users’ trades.”

Flash Boys 2.0: Frontrunning, Transaction Reordering, and Consensus Instability in Decentralized Exchanges
Blockchains, and specifically smart contracts, have promised to create fairand transparent trading ecosystems. Unfortunately, we show that this promise has not been met. We document andquantify the widespread and rising deployment of arbitrage bots in blockchainsystems, specifically in decentra…

Why Frontrunning Happens on AMMs

Front-running attacks on AMM platforms like Uniswap are fairly easy to grasp if you’re familiar with blockchain technology and smart contracts. It’s not really surprising that Bancor experienced a front-running attack soon after going live. Uniswap is no different. However, it’s indirectly providing liquidity for many tokens within Ethereum DeFi.

“While automated market makers have been studied in both theory and practice, “constant function market makers” (CFMMs) have applied a deterministic pricing rule in the context of digital asset exchange, redefined the process of liquidity provisioning for market making, and effectively democratized access to global pools of capital.” – Dmitriy Berenzon

Constant Function Market Makers: DeFi’s “Zero to One” Innovation
In many markets, there may not be enough organic liquidity to support active trade. Market makers are agents that alleviate this problem by facilitating trade that would otherwise not occur in those…

Uniswap Liquidity Mechanism

Uniswap is powered by a constant product formula and implemented in a system of non-upgradeable smart contracts on Ethereum. It removes the need for trusted intermediaries by prioritizing decentralization, censorship resistance, and security.

How Uniswap works | Uniswap
Uniswap is an automated liquidity protocol powered by a constant product formula

Pairs act as automated market makers that are ready to accept one token for the other as long as the “constant product” formula is preserved. This formula, most simply expressed as x * y = k, states that trades must not change the product (k) of a pair’s reserve balances (x and y). Because k remains unchanged from the reference frame of a trade, it’s often referred to as the invariant.

  • When the supply of the underlying token reserve decreases as Alice is buying, the price of the token being purchased increases
  • When the supply of the underlying token reserve increases as Alice is selling, the price of the token being sold decreases

“Because Ethereum transactions occur in an adversarial environment, smart contracts that do not perform safety checks can be exploited for profit. If a smart contract assumes that the current price on Uniswap is a ‘fair’ price without performing safety checks, it is vulnerable to manipulation. For example, a bad actor could easily insert transactions before and after the swap (a ‘sandwich’ attack) causing the smart contract to trade at a much worse price, profit from this at the trader’s expense, and then return the contracts to their original state.”

Basically, given the public nature of many blockchains, attackers can see large buy / sell orders that will change the price significantly. Using this knowledge, Bob can insert transactions in front of Alice’s. In other words: actors who can influence the order in which transactions are included in a block can affect the economic outcome of trades. This poses an obvious challenge to the blockchain industry and cryptocurrency markets. Arbitrage frontrunning bots of this nature cost exchanges and their users millions of dollars (if not more)!

Privacy is necessary for the universe of decentralized finance to grow from billions to trillions of dollars in total value.

Crypto Front Running on Uniswap

According to this recent audit of Uniswap, two strategies for exploitation can be used by anyone who can see unconfirmed transactions and submit their own transactions with carefully chosen gas prices. The Uniswap router includes some features that provide some degree of protection against the first strategy, but no such mitigations exist for the second.

1. Moving the Market Against the Trader

In this variant, an actor inserts trades before and after a target trade before the transaction is confirmed, manipulating the Pair’s price in a way that will result in a profit for the attacker, and a worse price for the trader.

2. Sandwiching Large Trades With Mint and Burn

In this second variant, the attacker watches for large trades, and sandwiches these trades with calls to mint and burn with a very large position relative to the initial size of the pool. By doing so, the attacker is able to extract a sizable proportion of the LP fees for that trade without exposing themselves to the price risk inherent to providing liquidity on Uniswap. Neither the core protocol nor the periphery contracts have guards against this attack…

Mitigations for such attacks include batched offers, commit-reveal bids, and maximum slippage options. However, these mitigations fail to completely address the issue.

“To mitigate frontrunning, Uniswap allows traders to specify a maximum price when placing an order. Therefore, if a miner front runs an order, the user cannot be forced into accepting the worse price. Although they might miss the trade, they won’t suffer from a costlier price. Combined with expiring orders to prevent miners from withholding signed transactions and processing them at a more advantageous price, it’s clear that Uniswap has a very user-first mindset.” — Cooper Turley, formerly of DeFi Rate

How Can Secret Network Help?

Secret Network enables privacy-preserving, “secret” smart contracts with encrypted inputs, outputs, and state. Nobody, including the nodes running and validating the computations, can see any private data processed within secure enclaves. The pool of incoming or unprocessed transactions is a secret.

Upgrade Complete: Secret Contracts are LIVE on Mainnet!
The secret is out! Privacy-preserving smart contracts are now LIVE on Secret Network. Learn about this launch, our exciting initial apps, our new strategic partnership with Hashed, and what comes next as “programmable privacy” comes to public blockchains.

In other words, we have an encrypted mempool. This prevents malicious actors like frontrunning bots from gaining an unfair advantage over honest users by watching the mempool. Therefore, Secret Network is in a great position to create a fairer DeFi ecosystem!

Front-Running Resistant DeFi on Secret Network

As we’ve alluded to earlier, the Secret Network community is developing several building blocks that will create a private and front-running resistant decentralized finance (DeFi) product for the blockchain ecosystem. These building blocks include:

  • The Secret Token standard: ERC-20 like smart contract based token issuance. Secret contracts are encrypted, turning Secret Tokens into privacy tokens
  • The Secret Ethereum Bridge: Lock assets on Ethereum and mint wrapped privacy tokens (ETH ←→ secretETH) on Secret Network
  • A Secret Market AMM built with secret contracts that provides front-running resistance and anonymity to ETH DeFi users

SCRT 2020: Our Secret Vision for Universal Finance
Learn about some of the critical applications being built on Secret Network – and how you can get involved. Help us drive adoption of decentralized finance with security, privacy, and fairness!

When these building blocks are functional, Ethereum and ERC-20 token holders will be able to do the following:

  1. Deposit ETH or ERC-20 tokens and mint corresponding Secret Tokens
  2. Send tokens to other Secret Network participants (transactional privacy),
  3. Swap tokens privately with no need to worry about front running (computational privacy)
  4. Withdraw ETH or ERC-20 tokens and burn secretETH or Secret ERC-20s

The more actions each user takes with secretETH or other Secret Tokens on Secret Network, the more privacy they will get at a lower cost. This creates privacy network effects, meaning programmable privacy is also composable privacy!

Secret Tokens: Programmable Privacy for DeFi
How Secret Network can create network effects for privacy, providing the missing piece for DeFi mass adoption.

So what now? Well, all of these ideas gain power as liquidity on Secret Network increases. We’ve been watching the development of the overall DeFi ecosystem closely and we have some interesting ideas for bringing more activity and more users to Secret Network… so stay tuned. 🤫

To Infinities and Beyond 🛸🛸🛸

To discuss Secret Network and Secret Apps, visit our community channels:
Website | Forum | Twitter | Discord | Telegram