Dismantling the bZx incident: just another form of front-running

Written by: Linda Xie, co-founder of blockchain investment agency Scalar Capital, early product manager at Coinbase

Translation: Lu Jiangfei

Source: Chain News

Are they hackers? (Oracle hacker? DEX hacker?)

Are they attackers? (Flash loan attacker? Smart contract attacker?)

Or is this arbitrage? (Arbitrage … bad DeFi design?)

The two "attacks" involving bZx that occurred on February 14-18, 2020, triggered some existential reflection. The focus is on whether market makers and traders have a new design space. Although these attacks feel fresh, if we break front-running down into its components, we find that they are just another flavor of front-running.

Lianwen Note: Front running, also translated as lead trading or preemptive trading, generally refers to a trader who trades for his own account before executing a client's order, because he knows that the client's order will move the market price. It also covers traders who buy or sell a stock before a research report they have published is widely disseminated.

If in the fiat securities / derivatives market everything is securities fraud … then in DeFi everything is front-running.

What is front-running?

Front-running consists of three parts:

  1. A setup transaction (setting the trap)
  2. A market manipulation transaction
  3. A profit transaction

Above: the first step is to set a trap; the second step is to manipulate the market; the third step is to make a profit.

Below, I will show how to apply this framework to understand "market manipulation" in the fiat market, then dismantle the bZx exploits, and analyze what makes front-running on the blockchain a new attack pattern that has not appeared in the fiat market. I will also explain why DeFi contracts can adopt "priceless" design patterns to solve the related problems.

Traditional market manipulation

Suppose you want to conduct some kind of insider trading on a certain stock, such as Tesla (ticker: TSLA). You might (naively) follow these steps:

  1. A setup transaction
    • Buy some short-term TSLA puts.
  2. A market manipulation transaction
    • Find a way to borrow TSLA shares and sell them in the spot market; it would be even better if you could get away without returning these shares at the end of the trade.
  3. A profit transaction
    • Sell / exercise your short-term TSLA put options.

Above: first step, buy TSLA put option; second step, sell (borrowed?) TSLA; third step, exercise put option.

This is a very naive insider trading operation, and a form of front-running (your TSLA put options are bought ahead of the heavy sell-off in TSLA stock). Those who watch for insider trading tend to monitor suspiciously large options trades to spot such setup transactions. I am not a lawyer, but I think that most people who do this will be caught, because it is very difficult to set such a trap without exposing your identity or leaving a trace between transactions. In later sections we will see how this operational weakness becomes a strength in DeFi.

This "three-step framework" also applies to more traditional front-running:

  1. A setup transaction
    • Place some limit orders to sell TSLA (if you hold TSLA shares, use them; if not, buy some first).
  2. A market manipulation transaction
    • There are several ways to do this:
      • Convince someone to buy a large amount of TSLA stock. Maybe you are an investment banker or private wealth advisor and know someone with enough cash to move this market.
      • Buy someone's TSLA order flow. Maybe you know a broker who sees a lot of retail TSLA orders and is willing to route those orders to the exchange for you to trade against.
  3. A profit transaction
    • Once your market manipulation transaction pushes TSLA's bid price above the price of your limit orders, your TSLA sells at the higher price and you profit.

We will find below that in DeFi, these transactions do not always occur in a linear order.

Teardown of bZx-style plunder

Below we apply this framework to the first bZx attack; a more detailed report can be viewed here.

  1. A setup transaction
    • Borrow ETH with a flash loan and use this ETH to borrow wBTC on Compound.
  2. A market manipulation transaction
    • Open a 5x wBTC / ETH long position on bZx using part of the borrowed ETH.
    • bZx will initiate a large wBTC / ETH purchase on KyberSwap (routed to Uniswap) to achieve the leverage, which causes the wBTC / ETH price to soar in an illiquid market.
  3. A profit transaction
    • Sell wBTC on Uniswap at the higher price and receive ETH.
    • If the market manipulation transaction succeeds, you get not only enough ETH to repay the first ETH loan, but also some excess profit.

Above: The first attack on bZx.

Step 1: Borrow ETH and borrow wBTC; Step 2: Open a 5x wBTC / ETH long on bZx, which triggers a large wBTC / ETH buy on KyberSwap; Step 3: Sell wBTC, repay the ETH loan, and keep the extra ETH as profit.

Below, we apply this framework to the second bZx attack, and a detailed report on the attack can be viewed here.

  1. A setup transaction
    • Borrow ETH with a flash loan and sell some of the ETH in exchange for sUSD.
  2. A market manipulation transaction
    • Use another portion of the borrowed ETH to buy sUSD on KyberSwap (routed to Uniswap), which pushes the sUSD / ETH price up sharply in an illiquid market.
  3. A profit transaction
    • At the higher price, use the sUSD obtained in the first step to borrow ETH on bZx.
    • If the market manipulation transaction succeeds, you get not only enough ETH to repay the previous loan, but also some excess profit.

Above: bZx second attack.

Step 1: Borrow ETH and sell some ETH in exchange for sUSD; Step 2: Sell some ETH on KyberSwap in exchange for sUSD; Step 3: Borrow ETH against sUSD on bZx. This not only repays the previous loan but also yields additional ETH profit.

What makes DeFi different?

Why is the title of this article "Everything is front-running"? If we use the above framework to analyze other DeFi hacking / predation / manipulation events, we will see:

  1. Setup transactions and market manipulation transactions cannot be stopped. As long as people can borrow assets on-chain and trade on a decentralized exchange (DEX), steps 1 and 2 will always happen.
  2. Profit transactions should be recognized by miners. If a transaction is found to yield a given profit for its initiator, the miner (executor) of that transaction can charge the initiator for "miner extractable value", also known as "dry front-running".
  3. If the three steps are performed in order, the above statement always holds; if the front-runner completes all three steps in a single transaction on the blockchain, it holds even more strongly. Of course, in that case miners can identify profitable transactions more easily.

Another important factor that makes DeFi different is the flash loan. However, in the framework described in this article, flash loans affect only one of the three transactions: they make market manipulation transactions more effective than ever. There are several options for reducing the impact of flash loans:

  • Exchanges can solve the problem by building deeper and more liquid markets, but this is difficult and time-consuming (a constant arms race).
  • DeFi projects (such as lending / borrowing protocols) can try to use price feeds that are more resistant to market manipulation, such as TWAPs, medianizers, etc. This eventually turns into a "cat and mouse game" until the cost of performing the market manipulation transaction is higher than the profit from the profit transaction.
  • DeFi projects can choose not to use on-chain price feeds at all, and instead operate in a "priceless" or "optimistic" way.
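
The second option above, as an added example that is not part of the original article: a lending protocol's collateral valuation under a raw spot read, a TWAP and a medianizer, when one large swap hits a thin constant-product pool. The reserves, the two independent feeds, the zero-fee pool and the names `Pool`, `run` and `borrow_limit` are all constructed assumptions.

```python
from statistics import median

class Pool:
    """Constant-product (x*y=k) pool; fees ignored (simplifying assumption)."""
    def __init__(self, eth, token):
        self.eth, self.token = eth, token

    def spot(self):
        return self.eth / self.token          # ETH per token, read from reserves

    def buy_token(self, eth_in):
        k = self.eth * self.token
        self.eth += eth_in
        out = self.token - k / self.eth
        self.token -= out
        return out

    def sell_token(self, token_in):
        k = self.eth * self.token
        self.token += token_in
        out = self.eth - k / self.token
        self.eth -= out
        return out

def twap(block_prices, window):
    """Average of the last `window` end-of-block prices."""
    recent = block_prices[-window:]
    return sum(recent) / len(recent)

def borrow_limit(collateral_tokens, price, ltv=0.75):
    """ETH a lender would release against the collateral at this price."""
    return collateral_tokens * price * ltv

def run(hold_blocks, window=10, swap_eth=1000.0):
    pool = Pool(1000.0, 100_000.0)            # constructed illiquid market
    other_feeds = [0.0100, 0.0101]            # constructed independent sources
    history = [pool.spot()] * window          # quiet end-of-block prices
    bought = pool.buy_token(swap_eth)         # one large swap moves the pool
    moved = pool.spot()                       # what a spot-reading lender sees
    history += [moved] * hold_blocks          # 0 = unwound inside the same block
    pool.sell_token(bought)                   # position unwound
    return {"spot": moved,
            "twap": twap(history, window),
            "median": median([moved, *other_feeds]),
            "after": pool.spot()}

if __name__ == "__main__":
    for blocks in (0, 1):
        r = run(blocks)
        print(blocks, {k: round(borrow_limit(10_000, r[k]), 1)
                       for k in ("spot", "twap", "median")})
```

With the swap unwound in the same block, the spot read values the collateral at four times the TWAP or median; holding the price for a full block moves the TWAP only by one tenth of the distortion while leaving the position exposed to arbitrage, which is the cost side of the "cat and mouse game".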

In my opinion, the last of these choices seems the most attractive. This requires redesigning the incentive structure in the DeFi protocol, but I very much want to participate in this conversation. You can view an example here, which details how to build a "priceless" version of BitMEX. You can also pay close attention to subsequent articles. I will try to redesign the "priceless" version of some well-known DeFi projects.

Source link: http://lildex.com/everything-is-front-running/