Free and Easy Weekly Review | Fcoin Thunderstorm Apocalypse: DEX and CEX finally have a battle, solving these problems will be the key

Write in front:

"The only lesson that humans have learned from history is that they have not learned anything from history." ——Hegel, German philosopher

MtGox in early 2014, Bitfinex in August 2016, and Fcoin on February 17, 2020 …

These once-centralized exchanges have broken records of losses of more than 10,000 BTC. Some of them have disappeared from the circle, and some have lost their previous status.

We often say, "Not your keys, not your coins", but there are still only a few users who are really willing to master the private key, and more people like to deposit their coins on the exchange.

On the one hand, there are reasons for the inconvenience of private key management, on the other hand, because users have a great demand for transactions, and blockchain-based decentralized exchanges (DEX) are also facing various This kind of problem, which makes CEX who are not blockchains, has become the backbone of the entire cryptocurrency ecosystem.

Take FCoin, which has just officially announced a thunderstorm of 7000-13000 BTC. Although Zhang Jian's lengthy explanation explains the reason for the deficit, the fact is that he cannot take out coins to withdraw money from users.

The so-called centralized exchange (CEX) is a platform responsible for aggregating liquidity, hosting client assets and executing transactions. Each transaction on the platform is reflected as a change in the database of the exchange. Users deposit their own funds into The address of the exchange is actually handing over its funds to the exchange and trusting that it will not happen (including being hacked, running away, misappropriating assets, etc.).

Users' transactions are conducted on the basis of IOUs, and they will not receive the actual delivery of funds until they explicitly withdraw funds from the exchange.

Of course, the advantages of CEX are that the transaction speed is fast, and the transaction fees charged are relatively small, because they are processed centrally and do not involve on-chain transactions on the blockchain. In addition, excellent CEX can also provide a lot of liquidity, fiat currency channels, powerful trading functions, etc. The combination of these factors has made traders stuck on these platforms.

However, improper management or bad intentions will cause the tragedy of CEX losing coins, and the following are examples of centralized exchanges that have lost customers more than 10,000 BTC:


(Picture from: Free and Easy)

Can DEX replace CEX?

To answer this question, this week's academic content, we will talk about the topic of DEX.

In the hardcore technical article selection section, we will also see the content of the V God's Timeliness Detector (TD) proposal, distributed key technology use cases, and Bitcoin Core development contributor guides.

In addition, in the past week, Ethereum has also ushered in many technological advances.

Sealing a business transaction with a handshake (Picture from:

I. The rise of DEX and the problems that need to be solved

So-called decentralized exchanges (DEX), they are decentralized applications (dApps) built on public chain platforms (such as Ethereum), and they use smart contracts to facilitate transactions.

According to incomplete statistics , the number of DEX applications on the market has exceeded 250, and the DEX agreement has exceeded 30. The biggest advantage of DEX over CEX is that the user's assets are stored in their own wallet, which greatly Improved security.

Due to the severe scalability limitations of layer 1 of the blockchain, few DEXs are implemented entirely in a decentralized manner. Most DEXs choose to use a hybrid approach to put non-critical operations off the chain. The key operations are handled on-chain.

The problems that DEX generally face and are easy to understand are as follows:

  1. Poor user experience : Like most dApps, user experience is still one of the biggest challenges faced by DEX, because users need to conduct transactions through a wallet, which involves the management of private keys, and there are also issues such as on-chain settlement delays;
  2. Smart contracts may have vulnerabilities : Many dApps and smart contracts are written through Solidity. Some people think that Solidity has design flaws and lacks verification tools. Therefore, developers may make errors when deploying smart contracts, and malicious attackers can Use these vulnerabilities to harm users' funds;
  3. Cross-chain issues : At present, DEX based on Ethereum only provides ERC-20 or ERC-721 token transactions, and does not involve the exchange of cross-chain funds. Some cross-chain technologies can solve this problem, however, this will usher in more challenges;
  4. DDoS and DNS attacks : In theory, one of the main advantages of running dApps based on blockchain technology is zero downtime. However, the existence of centralized components will prevent dApps from achieving this goal. The more centralized the DEX, the higher the risk of DDoS and DNS attacks. EtherDelta in 2017 is an example of a DNS server attack;
  5. Regulatory issues : When the first DEX appeared, it was thought that one of the benefits of DEX was that it could resist censorship and did not require KYC. However, this has actually brought regulatory issues, for example, the SEC accused Zachary Coburn, former CEO of Etherdelta, in November 2018 of violating the securities exchange law and operating an unregistered stock exchange;
  6. On-chain settlement and cancellation issues : The delay and cost of the Ethereum blockchain poses challenges for using DEX for on-chain settlement and on-chain cancellation;
  7. The problem of insufficient liquidity : DEX liquidity is currently generally insufficient. Traders are attracted by the platform that provides liquidity, but the platform requires traders to gather to provide liquidity. This is a chicken-and-egg problem. Of course, this is related to the fact that the current DEX is still in its infancy, and if DEX solves the challenges outlined above, liquidity may increase;

Well, the above are the common problems that DEX people face, and they are easier to understand. (Refer to DEX research report from circle)

But is this just the problem? Of course not. In fact, there are other challenges. This is what this article will focus on. Here are recommended researchers from Cornell Tech, UIUC University, CMU University, and ETH Zurich (Philip Daian Et al.), " Flash Boys 2.0: Pre-Trading, Deal Reordering, and Consensus Instability in DEX. "

Link to the original paper:

In this work, researchers explain how DEX design flaws threaten potential blockchain security, and they also study a community of arbitrage robots that take advantage of DEX flaws.

Studies have found that these robots exhibit many market behaviors similar to those revealed by Michael Lewis, such as pre-trading, aggressive delay optimization, etc., which are common on Wall Street.

The main concerns of this research are:

  1. Pure income opportunities : represents a specific sub-category of a wide range of DEX arbitrage activities. These are atomic blockchain transactions issued through smart contracts, and they can profit unconditionally in each transaction;
  2. Priority gas auction (PGA) : As pure income opportunities provide unconditional income, arbitrage robots often compete with each other through auction transaction fees (gas). The research has formalized the robot's PGA behavior and observed a cooperative equilibrium;
  3. Miner extractable value (MEV) : The research introduces the concept of MEV, that is, the value that a miner can directly extract from a smart contract as a profit. A special source of MEV is sorting optimization (OO) fees, which are generated by miners controlling the ordering of transactions in a specific epoch period. Priority gas auctions (PGA) and pure revenue opportunities are one source of sorting optimization (OO) fees Studies have shown that MEV will cause vulnerabilities in the consensus layer of the system;
  4. Cost-based fork attacks : Research shows that sort optimization (OO) fees may motivate miners to launch fork attacks;
  5. Time Thief Attack : Research shows that high MEVs will trigger new attacks in which miners rewrite the history of the blockchain and steal funds allocated by smart contracts in the past. This type of attack is called a Time Thief Attack, and Researchers through experiments believe that the MEV of pure income profits and PGA robot fees is sufficient to pose a threat of time theft to today's Ethereum;

1.1 Examples of risk-free arbitrage using DEX

In this section, we will dive into specific examples of advance trading, arbitrage, and high-frequency automated trading at DEX. This specific example will provide the background for our next discussion. The study will model this market and discuss its impact on the security of the underlying smart contract system.

The first thing we need to know is that price difference, a source of potential profit, seems to be inherent in environments such as smart contract trading.

Today, transactions processed by the blockchain are processed in discrete batches (in the form of blocks). Furthermore, transactions are inherently interdependent, so they are continuous: Order failures depend on past order attempts, and in some cases On exchanges, prices depend directly on order history. When multiple exchanges are running on the same system, when transactions within a block are executed sequentially, price differences may occur between exchanges.

Because the transaction processing based on atomic batch processing, and the transaction itself can be initiated by smart contracts, people can build robots that trade across exchanges through proxy contracts.

These agent contracts can execute a batch of orders in a single transaction, and if any transaction in the batch fails, the previous transaction is restored by raising an exception. This means that arbitrageurs have the opportunity to form a single transaction and are an all-or-nothing failure model.

An example of such a transaction is to buy the asset at the price of x and then immediately sell it at the price of x0> x; if executed atomically, these transactions together generate guaranteed income in the underlying asset. For example, one agent smart contract can execute a transaction to buy an X-type token for 2ETH, while the other is sold for 3 ETH. If both orders are on a DEX's account book, then executing the smart contract for both orders will ensure that the arbitrageur gets 1 ETH in revenue.

In traditional cross-exchange arbitrage, arbitrage trading is considered to be probabilistic, because it is likely that one transaction will succeed and another transaction will fail.

This makes arbitrage based on smart contracts easier to observe, analyze, and study than traditional cross-exchange arbitrage in many ways, because the intention of the robot is usually clear in the order request.


Figure 1: Example of pure income opportunities observed in Ethereum transactions: 0xc889bd13594f75e4dd824f04f0c2ad03896cb7ec6518df02455e9560367bb9c4. This transaction occurred on November 15, 2018, and used the TokenStore DEX (design similar to Etherdelta). The same color edge represents a transaction Generated, as an example of a pure income opportunity, it generates net profit on both the FREE and ETH assets.


Figure 2: Prior gas auction (PGA) case for pure income opportunity example, showing the gas bids of two robots over time, the first two and last two bids of each robot are detailed in the table , And two confirmed bids (middle);

In order to calculate the profit of the transaction, we subtract the cost from the revenue. In this case, the cost is the gas cost paid by the arbitrageur.

The transaction 0xc889… b9c4 paid the gas price of 134.02 Gwei (1 Gwei = 10 ^ (− 9) ETH), this transaction uses 113, 265 gas, so the total cost of this transaction is 113265 · 134.02 Gwei = 0.01518 ETH ( At the time of the transaction (approximately $ 5.13), and the associated profit was about 0.77 ETH, or $ 267.

1, 2 Priority gas auctions and reordering issues

Ethereum transactions are routed by client node software in the point-to-point gossip multicast protocol, which means that all transaction information is available to all participants in this network, but for participants in a vantage point in the gossip topology In terms of it, they can use it earlier. In addition, nodes can simulate the outcome of each transaction given the current or expected system state. Therefore, once an arbitrage transaction is submitted, the transaction sequence involved in it will be disclosed by the peer nodes of the network.

As a result, a natural question arises: how is the priority between arbitrageurs determined ? Because every pure profit opportunity comes with some calculable profit p, and it spreads globally, so the competitive game between arbitrage robots will naturally become a question of who can execute first and who can win, a systematic mechanism It is stipulated that all subsequent transactions in the game will fail . How this particular game proceeds depends on the point-to-point relay network mechanism of the underlying blockchain, as well as the underlying mining pool strategy and order design.

In the example mentioned above, the two robots competed with each other, and the winner paid a fee. This transaction was packaged by the mining pool "MiningPoolHub" at block height 6709727, and the miners were motivated to fail the package bid. Transactions, because these transactions pay for trying to execute. Please note that although the winning bid used 113,265 gas in execution, the failed transaction paid 33,547 gas units, which is much smaller. From a game theory perspective, each auction represents a variant of a full-price auction, in which case the loser will be forced to pay a certain percentage of the price to the miner instead of paying the entire auction.

1, 3 arbitrage popularity measurement

Due to the lack of related tools, researchers have forked Ethereum Go client to record unconfirmed transactions in mempool. The measurement experiments collected network data (over 300G) from April-18 to January-19, and the results show that in the early stage of blockchain robot arbitrage, the robot program usually makes more than 1,000 transactions per day with a daily income of 10 -100 ETH. Later, as the market matured and profit distribution became more stable and consistent, the daily arbitrage of the robot became 1–10 ETH.


Figure 3: Observed lower limit size of the net income market ETH, the black line shows the 14-day moving average of the market size, and the orange dotted line represents the cumulative value of the market size. The scatter plot coloring / shading indicates the number of daily net income transactions.


Figure 4: DEX robots based on cumulative net income since April 2018

In recent years, the number of pure-earning transactions has continued to increase, thus showing a trend in the DEX market towards small retail transactions and more efficient market design, which reduces the average opportunity size, but provides more frequent opportunities for a more efficient robotics market .


Figure 5: The profit of a pure-income robot (revenue minus estimated cost). The study observed that of the 138948 observed pure-income transactions, the median profit was approximately 65% ​​of the size of the pure-income opportunity.

A unique feature of Ethereum over other market designs is the openness of its transaction data. For example, the arbitrageur address in Figure 5 is known and can link different transactions through a single participant.

This usually allows users to see which arbitrage robots are conducting arbitrage transactions against them, and then comment on the public review page of the blockchain browser. For example, the top robots in Figure 5 often seem to profit from errant DEX users. A user named "Getcoin Hub Inc." commented:

"This is obviously a wrong transaction. Is it possible that you can send it back with conscience?"

Another user, Benjamin Huffman, pleaded:

"I'm a parent and I have to work hard on what I hate to earn a living, please forgive me."


There are many similar comments. Although it is impossible to verify the authenticity of these pseudonym comments, their existence does point out the possibility of improper operation by users and the impact of the current DEX design on user protection.

Now we turn our focus to cooperative strategies. In theory, the Priority Gas Auction (PGA) will have a cooperative Nash equilibrium game. Since the bid cannot be reduced, with each continuous bid submitted by the robot, the maximum profitability of the opportunity will be reduce. Therefore, it is natural to assume that whenever possible, robots will unite and then distribute profits instead of reducing profits by bidding on the chain.

From the current point of view, the possibility of such perfect cooperation is low. Although off-chain collaboration may make sense, especially in a repetitive game, it has some disadvantages, including a lack of anonymity.

1.4 Miner extractable value (MEV) and blockchain security issues

The PGA and DEX arbitrage mentioned above do not seem to immediately endanger or affect the security of the underlying blockchain.

They may just be an effective mechanism for passing market information between network participants. Unfortunately, however, research suggests that the existence of DEX does cause security risks to its underlying blockchain system (ie, at the consensus layer).

In other words, application layer security poses a threat to consensus layer security .

In a stable blockchain, block rewards encourage honest miner behavior. However, if the sort optimization (OO) cost exceeds the block reward, it will instead stimulate a fork attack.

In order to obtain sorting optimization (OO) fees, miners can reorder the user's transactions and may insert their own transactions into them to directly obtain the maximum profit. At the same time, arbitrage transactions are realized, and all "failed" arbitrage robots can pay PGA fees.

This sort of optimization (OO) cost can be called miner extractable value (MEV). In a system with a high MEV, optimizing MEV to extract profits can subsidize two different forms of fork attacks. The first is an attack method called an undercutting attack , which uses a significant MEV to fork a block, while the second attack is called a time-bandit attack .

The existence of a time-bandit attack means that DEX and many other contracts are an inherent threat to the stability of the POW chain, and the bigger they are, the greater the threat.


Figure 6: The blocks with the highest net income OO expenses on Ethereum. As shown in the figure, the OO expenses in these blocks are significantly higher than the block rewards and transaction fees, usually more than an order of magnitude.

For descriptions of these two attacks, interested readers can read the original paper, and this article does not introduce more.

1, 5 research conclusions

This research reveals how a large robotic economy can benefit from the opportunities offered by DEX's trading orders. The researchers also simulated the behavior of robots competing with each other to obtain the transaction priority provided by miners in the priority gas auction. as shown by data. In many specific cases, the revenue that robots receive from pure income arbitrage far exceeds the Ethereum block rewards and transaction fees.

Finally, researchers believe that the existence of miner extractable value (MEV), especially the order optimization (OO) fee, will threaten the stability of the blockchain consensus. If such fees are high enough, they will constitute an economic vulnerability This is an issue that needs attention in Ethereum or similar public chain applications.

Free and easy comment: Compared with the asset custody risk of centralized exchanges, the security guarantee provided by DEX is worth trying, but this will inevitably introduce some new problems. With the development of technology (such as ZK Rollup & Optimistic Rollup) ), Some problems have been gradually solved, while others are actively seeking solutions. Although it is still not realistic to talk about DEX replacing CEX, one day, CEX They will be abandoned.

Second, hard core technical articles of the week

2.1 Detailed Explanation of the 1 V God: Solving the 51% Attack Problem of Blockchain by Timely Detector (TD)

In this article, Ethereum co-founder Vitalik Buterin proposed a construct called the Timeliness Detector (TD) to try to solve the problem of 51% attacks on the blockchain.

In the event of a 51% attack, this allows at least a portion of the online clients to agree on (i) whether a "bad enough" 51% attack has occurred and determine (ii) what is the "correct" chain, and it is even possible (Iii) Determine which verifiers are responsible for the attack. This reduces the ability of a 51% attack to cause chaos, speeds up recovery time, and potentially increases the cost of a successful attack.

Article link:

Free and easy comments: 51% attack problem is the Achilles heel of each blockchain system, and the new solution proposed by God V is essentially to increase the difficulty of 51% attacks and mitigate the attacks Impact, rather than completely address the issue, but it is still worth studying.

How to achieve effective supervision through distributed key technology ?

Original author: Kao Cheng real (China Computer Society Professional Committee of Block Chaining)

Asymmetric cryptography has always played a key role in information systems, and has become the basis for building many core functions of information systems.

This article introduces some applications of distributed key systems.

Article link:

How to become a Bitcoin Core contributor? The most complete Bitcoin developer guide is here

The original author is Bitcoin Core developer Amiti Uttarwar. According to her own experience, she shared in the article cheats for contributing to Bitcoin, which contains a lot of learning materials, and is full of dry goods. It is very useful for people in need helpful. PS This is an excellent younger sister ~

Article link:

Third, the development of Ethereum technology

This week's Bitcoin R & D summary is absent. We leave the focus to Ethereum.

Ethereum 1.X updates :

  1. Nethermind v1.6.3 client performs Beam synchronization test on Goerli test network ;
  2. Turbo-geth client uses B + -tree and Bolt (replaces leveldb) to reduce disk space by 70%, which can reduce the size of Ethereum archive nodes to less than 1 TB ;
  3. Experiment on semi-stateless initial synchronization using Turbo-geth client ;
  4. The release of the EVM-LLVM alpha version allows LLVM tools to be compiled into EVM;
  5. Propose a scheme to trick a frontrunner into a transaction relayer ;

Ethereum 2.0 update content :

  1. PrysmaticLabs client update and optimization , more user-friendly;
  2. Lighthouse can run 100,000 verification programs on 12 cheap (dual-core, 4GB memory) AWS instances ;
  3. How LMD Ghost fork selection and Casper FFG work together to meet security and activity requirements;
  4. Optimization of ETH2.0 execution environment writing tools;
  5. Research on time attack and security model ;

Layer2 development update:

  1. Offchain Labs' Arbitrum rollup runs on the testnet and supports the Solidity compiler;
  2. OVM alpha release ;
  3. Matic encourages test network to go online ;
  4. CelerNetwork released a multi-hop status channel , open-sourced the status channel node, and launched a testnet for its guardian Wang Tower network;
  5. State channel reduces gas cost by about 75% ;

Governance and DAO R & D updates:

  1. MetaCartel Ventures DAO launched on the Ethereum mainnet ;
  2. SignalDAO uses telegram robots to implement DAO automatic voting experiments ;
  3. Sunny Aggarwal proposes a DAOized Uniswap pool ;
  4. EIP2515: Replace difficulty bomb with difficulty freeze scheme ;

For more information on the development of Ethereum in a week, interested readers can see here:

That's it for this issue, see you next week ~