We can’t allow failures of the past to come creeping back into the DeFi future — let’s stop the flash bots dead in their tracks.
Decentralized finance (DeFi) has the opportunity to democratize access to financial markets that have typically only been open to the rich and powerful. But, DeFi will only survive and continue to grow if we take steps to ensure things are safe, private and fair for both retail and institutional investors. When faced with predatory market behaviors such as miner extractable value (MEV) and front-running attacks it opens up old wounds to a “Flash Boys” era of traditional finance.
DeFi can and should do better by not allowing the failures of the past to come creeping back into the future. Fortunately, by implementing cryptographic mechanisms that integrate transactional privacy into public blockchains, information can be proven with things such as an order book without being revealed. This seemingly magical mathematical tactic not only shields transactions from the aforementioned behavior but also allows for auditability, all while still preserving the privacy of individual or institutional accounts. This approach will foster a more accessible DeFi industry and provide a more equitable and liquid market for all.
The boys are back in town
The phrase Flash Boys entered the lexicon after Michael Lewis wrote a very influential book detailing the phenomenon. When we transitioned from the open-outcry trading floor of old Wall Street into a fully electronic trading world, traders immediately started working out new ways to game the system. In short, the earliest tech-savvy brokers used the ultra-fast processing power of modern computer systems to monitor and facilitate high-frequency trades undercutting, or front-running, legitimate incoming trades posted by slower systems. The crypto DeFi equivalent of the Flash Boys is Flash Bots.
Related: Bitcoin’s last security challenge: Simplicity
In crypto, these specialized arbitrage bots will usurp human traders on exchanges by algorithmically predicting their moves and squeezing in their trades before a person can modify their position. These bots also often get priority in the upcoming block validation by paying higher fees that are calculated against the return on the trade. These bots will know in a fraction of a second what trades to make to optimize their profit.
Another phenomenon that enables scenarios like front-running is miner extractable value. MEV is just a fancy new way to describe how miners can extract value by deliberately prioritizing or ordering transactions to their benefit. When the miners are working against the best interests of the blockchain, their ability to use MEV undermines one of the key value propositions of decentralization and that is censorship resistance.
This malicious behavior incentivizes bad actors to come up with and implement numerous predatory actions that can undermine the security of an entire network. Further, most consensus mechanisms fail to punish MEV attacks which, in turn, gives miners the freedom to exploit them.
Related: Is the rise of derivatives trading a risk to retail crypto investors?
On a blockchain native decentralized exchange (DEX), when you combine the presence of Flash Bots together with MEV, the threat and resulting costs for the average human user compounds. If there is ever going to be mainstream adoption of crypto and DeFi, then the market environment needs to become less hostile to retail consumers. Working on cryptographic methods to protect against these types of malicious behaviors is something the industry needs to prioritize.
Rage against the machine
Fortunately, Flash Bot front-running and MEV attacks can be minimized on blockchains and their native DEXs with privacy-centric designs that utilize zero-knowledge proofs (ZKP) to mask transactions without compromising network security. ZKP technology is quickly becoming scalable enough to support such use cases as blind bidding, where the trade transaction is submitted, proven and verified on a DEX without revealing details such as trade size and time. This mechanism prevents a Flash Bot from being able to look up the trade on an order book and instantly front-run it with a better bid or ask.
A similar mechanism can be implemented to prevent MEV as well, but instead, the transaction is submitted, proven and verified on a blockchain without having to reveal its details to miners. This is the magic of ZKP that can be used to allow protocol rules to be implemented that see what (and how) transactions take place through cryptographic proofs. All of this is without revealing more information than is needed to verify the transaction under any existing protocol rules that said transactions must meet.
The ability to share (and prove) information without showing it through the use of ZKP can unlock more mainstream adoption by policing crypto markets from bad actors and safely paving the way for more users. This approach will help the DeFi market grow to unprecedented levels through more safety, security and fairness, without compromising the decentralized nature of the industry.
This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.
The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.
Warren Paul Anderson is vice president of product at Discreet Labs, which is developing Findora, a public blockchain with programmable privacy. Previously, Warren led product at Ripple for four and a half years, working on the XRP Ledger, Interledger and PayString protocols, the RippleX platform and RippleNet’s On-Demand Liquidity enterprise product. Prior to Ripple, in 2014 Warren co-founded Hedgy, one of the first DeFi platforms for derivatives using programmable escrowed smart contracts on the Bitcoin blockchain. Warren has two bachelor’s degrees from Northwestern University and did graduate studies at Harvard University.