This is the second article in a three-part series exploring vulnerabilities that place DeFi projects at risk. Click here to read DeFi Security Part 1.

Decentralized Finance (DeFi) projects are a common target of attacks due to the massive value that they hold.  DeFi tokens have a total market cap of over $50 billion, and DeFi hacks have had price tags in the millions.  If an attacker can get away with their ill-gotten gains, then hacking DeFi projects can be very lucrative.

In the previous article in this DeFi Security series, we discussed data security vulnerabilities and their impacts on DeFi projects.  In this article, we’ll explore consensus algorithm security for DeFi.

Adding Blocks to the Ledger

Many attacks against blockchain consensus and the digital ledger take advantage of how transactions are added to the ledger.  Instead of a first-come-first-served approach, most blockchains implement a “pay for priority” approach.

When creating a transaction on the blockchain, a user can send a fee along with that transaction.  These fees go to the producer of the block that ultimately contains that transaction, so block producers have an incentive to prioritize transactions that contain higher transaction fees.

As a result, a blockchain transaction created later may be processed and added to the ledger earlier than another transaction.  Also, the incentive structure around transaction fees can create perverse incentives for block producers.

Abusing Transaction Ordering For Profit

Blockchains’ fee-based transaction ordering provides a means for determining how transactions should be ordered in blocks when transactions may have unreliable timestamps.  However, this design also creates the potential for abuse.  Two of the ways in which blockchain users and nodes can pose a threat to blockchain consensus and ledger immutability are front-running and causing forks to extract maximal extractable value (MEV) from the block creation process.

Front-running

Front-running attacks take advantage of the fact that transaction data is public long before it is added to the ledger.  Blockchain transactions are publicly broadcast via the peer-to-peer network and added to nodes’ mempools for later inclusion in blocks.

Frontrunners, which are often automated bots, scan these unconfirmed transactions for ones that provide an opportunity for profit.  For example, foreknowledge of an upcoming trade could allow a frontrunner to perform a sandwich attack in which they perform a trade before and after the pending trade for a guaranteed profit.

Frontrunning bots are common, and their preying upon other blockchain users makes them unpopular.  Find out about a frontrunning bot getting its comeuppance in the story of the 0xbad bot hack.

Maximal Extractable Value (MEV) and Forking

Blockchain users pay block producers transaction fees to include transactions in their next blocks.  This incentive structure is designed to provide a fair way of ordering tokens within blocks and to allow users to pay to have their transactions prioritized.

In theory, block producers should include the most valuable unconfirmed transactions when they are building new blocks.  In practice, some block producers may take things a step further.

Blockchain immutability is based on the assumption that it is infeasible for someone to build a competing version of the blockchain faster than the rest of the network.  On a mature blockchain, attempting to replace more than a couple of blocks requires more computational power, stake, etc. than is feasible for a node or pool to acquire.

However, rewriting a single block is possible and potentially profitable for some nodes.  If a previously created block contains transactions with high fees, it might be worthwhile for a node to fork the blockchain.  By collecting all of the recent, high-value transactions into a block that they’ve created, the node or pool can make a substantial profit.  If their version of the blockchain wins in the end, then they keep the profits.

This practice hurts the blockchain and its users because it undermines the immutability of the blockchain’s digital ledger.  If DeFi transactions can be reordered by block producers, it erodes trust in the platform and makes it more difficult for traders to profit from their transactions.

Protecting Against Consensus Exploits

Frontrunning and MEV forks exploit the design of the blockchain, but it is possible to take steps to manage the risk that they pose.  DeFi smart contracts can limit the impacts of frontrunning by minimizing transaction order dependence when possible.  Blockchains can protect against MEV forks by penalizing block producers who create frequent forks and reorgs.

Constructing blockchain systems and smart contracts to avoid these types of perverse incentives is difficult and requires careful design.  For help in protecting your DeFi projects against attack, reach out to Halborn’s Web3 security experts at halborn@protonmail.com.

DeFi Security Part 2: Consensus Vulnerabilities
Rob Behnke
10.17.2022