Critical analysis of Flashbots

This article is about the Flashbots project (see the post on ethresear.ch for background).

The stated goal of Flashbots is to better understand MEV, and to make MEV extraction more transparent and accessible.

The long-term goal is also to prevent miners from fiddling with blocks in secret, and even to prevent PoW consensus instability caused by miners being incentivized to perform short-term reorgs to extract more MEV. These are important concerns, and not enough attention has been paid to them.

However, I want to raise awareness about some issues that I’m worried about that I think weren’t publicized enough.

Immediate effects of MEV-Geth

With the mev-geth project, the goal is to allow anybody to submit a “bundle” of signed transactions that will be executed in order.

This is to allow extracting MEV from the so-called backrunning/tailgating opportunities, where you try to be as close as possible after your target transaction, in the same block.

This is happening all the time on mainnet as we speak. However, it’s currently a latency war between bots, as they can only try to insert transactions at the right places, with no guarantee.

I want to shine light on two very real things that I think will become mainstream if Flashbots takes off:

Uniswap sandwiching: all users get the worst possible price

Sandwiching attacks are a well-known attack vector on Uniswap. The idea is to place a trade just before the target transaction that moves the Uniswap price to the worst possible value the target transaction will accept, and then place another transaction just after it that corrects the price back and extracts all the slippage the target transaction paid for.

In practice, without Flashbots it’s a very risky thing to do because other bots can slip between your target and your second transaction, and you risk losing money. Only malicious miners could do that risk-free, and I don’t know about any real-world instances of that.

Now, with Flashbots, sandwiching will become accessible to anybody, as you can build a bundle of transactions that will pay the miner only if the whole sandwiching attack worked.

I believe that if Flashbots becomes mainstream, all the interesting Uniswap trades will be sandwiched by bots, making sure to extract the most possible MEV, but in effect guaranteeing legitimate users always get the worst possible price they accept.

While this has always been a real risk, and it’s a fundamental flaw in Uniswap, Flashbots makes it trivial to do. And it’s something that will hurt legitimate users.
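To make the role of the accepted slippage concrete, here is an added example (not from the original article, and not Uniswap's code): a toy constant-product pool with a 0.3% fee, where the user's minimum-output bound decides whether a trade ordered ahead of them causes a revert or a worse fill. The pool reserves, trade sizes and tolerances are constructed values, and the names `Pool` and `user_outcome` are hypothetical.

```python
# Added illustration: toy constant-product pool with Uniswap-v2-style pricing.
# All reserves, trade sizes and tolerances below are constructed values.

class SlippageExceeded(Exception):
    """Raised when the swap would return less than the user's minimum."""

class Pool:
    def __init__(self, reserve_in, reserve_out):
        self.r_in, self.r_out = reserve_in, reserve_out

    def quote(self, amount_in):
        # x * y = k pricing with a 0.3% fee taken from the input amount
        adj = amount_in * 997
        return adj * self.r_out // (self.r_in * 1000 + adj)

    def swap(self, amount_in, min_out=0):
        out = self.quote(amount_in)
        if out < min_out:
            raise SlippageExceeded(f"{out} < minimum {min_out}")
        self.r_in += amount_in
        self.r_out -= out
        return out

def user_outcome(tolerance_bps, prior_trade, user_in=10_000):
    """Quote against the current pool, then execute after `prior_trade`
    (a same-direction trade ordered ahead of the user) has moved the price."""
    pool = Pool(1_000_000, 1_000_000)
    quoted = pool.quote(user_in)
    min_out = quoted * (10_000 - tolerance_bps) // 10_000
    if prior_trade:
        pool.swap(prior_trade)
    try:
        received = pool.swap(user_in, min_out)
    except SlippageExceeded:
        received = None  # transaction reverts, user keeps their tokens
    return quoted, min_out, received

if __name__ == "__main__":
    for bps in (50, 500):
        for prior in (0, 20_000):
            q, m, r = user_outcome(bps, prior)
            print(f"tolerance={bps}bps prior={prior}: quoted={q} min={m} got={r}")
```

With a 0.5% tolerance the moved price makes the swap revert; with a 5% tolerance the same swap executes at a visibly worse price, so the tolerance is the upper bound on what the user can lose to ordering.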

Goodbye to replace-by-fee

Another risk I want to mention concerns cancelling transactions: currently, you can reasonably assume that if you have a pending transaction, you can always cancel it by overriding it with another transaction that has a higher gas price.

Say that you sent a transaction to a DEX to execute an order, at a very bad price for you (and you didn’t notice).

Currently, you can override it with another transaction as soon as you notice it, if it wasn’t mined.

There will be a bunch of bot transactions that wanted to try to slip after your transaction to extract a profit, but they cannot make your transaction be mined quickly. Only miners could, and I don’t know about this ever happening.

However, with Flashbots, your transaction will be noticed by bots, and they will mine it very quickly. You won’t have time to cancel it.

And even if you did cancel it, your old transaction is still valid! So it can still be included in a block even though you replaced it. Bots can simply ignore your latest replacement and keep the most juicy transaction for them.
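The point about the old transaction remaining valid can be shown with a small model, added here as an example that is not part of the original article. It relies on the fact that a replacement reuses the original's account nonce; the classes `SignedTx`, `Chain` and `PublicMempool`, the account name and the gas prices are hypothetical, and the replacement rule is simplified (real nodes also require a minimum price bump).

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SignedTx:
    sender: str
    nonce: int
    gas_price: int
    label: str

class Chain:
    """Consensus rule: a transaction is valid iff its nonce is the next one."""
    def __init__(self):
        self.next_nonce, self.mined = {}, []

    def is_valid(self, tx):
        return tx.nonce == self.next_nonce.get(tx.sender, 0)

    def include(self, tx):
        if not self.is_valid(tx):
            return False
        self.next_nonce[tx.sender] = tx.nonce + 1
        self.mined.append(tx)
        return True

class PublicMempool:
    """Local node policy: one pending tx per (sender, nonce), higher price wins."""
    def __init__(self):
        self.pending = {}

    def submit(self, tx):
        key = (tx.sender, tx.nonce)
        if key in self.pending and tx.gas_price <= self.pending[key].gas_price:
            return False
        self.pending[key] = tx
        return True

def cancel_scenario():
    chain, pool = Chain(), PublicMempool()
    bad = SignedTx("alice", 0, 50, "swap at bad price")      # constructed
    cancel = SignedTx("alice", 0, 80, "cancel (self-send)")  # constructed
    pool.submit(bad)
    retained = bad            # any observer can keep the signed original
    pool.submit(cancel)       # the mempool now shows only the cancel
    shown = pool.pending[("alice", 0)].label
    original_still_valid = chain.is_valid(retained)
    chain.include(retained)   # a block producer includes the original anyway
    return shown, original_still_valid, chain.is_valid(cancel), chain.mined[0].label
```

Replacement is a mempool policy, not a consensus rule: until some transaction with that nonce is mined, both signed transactions are valid, and mining the original is what invalidates the cancel.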

Complexity and transparency

Another point I want to make is that Flashbots is supposed to shine light on MEV and make the network more transparent. While true, it’s also adding a whole new layer of complex mechanisms, which makes everything even more muddy.

In practice, if aggressive tactics that extract MEV while hurting end users become mainstream, we can anticipate dapps colluding with miners to send transactions privately to some “dark transaction pool” instead of broadcasting them to the public mempool, so users won’t be hurt by bots (1inch.exchange already developed such a feature).

That seems like an inevitable consequence. This supplemental complexity layer would grow in reaction and everything will be much more contrived and opaque, especially regarding miner operations where everything will happen in backroom deals instead of publicly on the mempool.

Conclusion

I feel like this has the potential to make the whole network a lot more adversarial to the user, and much more opaque to the developer.

While this was always technically possible, these attacks mostly remained in the theoretical realm, and I’m curious if it would actually ever become a practical threat, given that big mining pools depend on their reputation, and it will harm them to do things that are clearly hurting end users.

Here, Flashbots builds the tooling that makes it trivial to do, and this has immediate implications for the end user. I feel like this was not discussed enough.

To conclude, while I totally agree on the risks identified by Flashbots, I think more attention should be paid to the new risks the proposed solutions create.