Front-running

Front-running occurs when a searcher or bot observes a pending transaction in the mempool (the pool of unconfirmed transactions) and submits their own transaction with a higher gas fee to ensure it is mined first. This allows them to profit from the predictable price impact of the original transaction.

• Example: Seeing a large buy order for a token, a bot buys it first, causing the price to rise, and then sells it back to the original buyer at a profit.

Front-running manifests in several specific forms on blockchains:

• Sandwich Attacks: The most common type, where an attacker places one transaction before and one after a victim's large trade, "sandwiching" it to extract value from slippage.
• Time-Bandit Attacks: Miners/validators reorder blocks to include their own profitable transactions, exploiting MEV (Maximal Extractable Value).
• Displacement Attacks: Replacing a victim's transaction with a nearly identical one that pays a higher fee, causing the original to fail.

Front-running primarily targets DeFi protocols where transactions have clear, on-chain economic effects.

Common Targets:

• DEX Trades on Uniswap, SushiSwap (via sandwich attacks)
• Liquidations on lending platforms like Aave
• NFT Minting for rare items

Impact: Increases transaction costs (gas wars), causes failed transactions, and results in worse execution prices (slippage) for regular users.

The ecosystem employs several technical countermeasures:

• Private Transaction Relays: Services like Flashbots Protect send transactions directly to miners, bypassing the public mempool.
• Commit-Reveal Schemes: Users submit a cryptographic commitment first, revealing the transaction details later, hiding intent.
• Fair Sequencing Services: Protocols that enforce first-come-first-serve transaction ordering.
• Slippage Tolerance: Users can set maximum acceptable slippage, though aggressive bots can exploit this.

Maximal Extractable Value (MEV) is the broader concept encompassing all value that can be extracted from block production beyond standard block rewards and gas fees. Front-running is a primary source of MEV.

• Searchers: Bots that identify and compete for MEV opportunities.
• Builders: Entities that construct blocks, often incorporating searcher bundles.
• MEV-Boost: A protocol that allows Ethereum validators to outsource block building to a competitive marketplace, centralizing much of this activity.

Front-running became a systemic issue with the rise of Automated Market Makers (AMMs) like Uniswap, where trade execution is fully predictable. The scale is significant:

• Billions of dollars in value have been extracted via MEV, with front-running being a major component.
• It represents a fundamental protocol-level design challenge, not just an application bug, driving research into more secure blockchain architectures.

A sandwich attack is the most common form of front-running on Automated Market Makers (AMMs). An attacker places one transaction before and one after a victim's large trade to profit from the price slippage.

• Mechanism: The attacker front-runs the victim's buy order with their own buy, driving the price up. The victim's order executes at the inflated price. The attacker then sells immediately after (back-running), profiting from the price difference.
• Impact: The victim receives worse execution, paying more for tokens or receiving less when selling.

A time-bandit attack is a sophisticated, long-range form of front-running where a miner or validator reorganizes the blockchain (reorg) to insert or reorder transactions from a past block.

• Mechanism: The attacker, upon seeing a highly profitable transaction (e.g., a large NFT mint) confirmed in a recent block, uses their mining/staking power to create a longer chain that excludes that block and includes their own transaction instead.
• Prerequisite: Requires significant hash power or stake, making it a threat primarily from large mining pools or validator cartels on networks with weak finality.

A displacement attack occurs when an attacker submits a transaction with a higher gas fee to get their transaction included in a block instead of a victim's pending transaction, causing the victim's transaction to fail or be delayed.

• Goal: Not to profit directly from price movement, but to censor or disable a specific operation. Common targets include governance votes, arbitrage opportunities, or liquidation calls in lending protocols.
• Method: The attacker often uses identical transaction parameters (nonce, data) but with a much higher maxPriorityFee to ensure priority inclusion, "kicking out" the original.

Back-running is the practice of submitting a transaction immediately after a known pending transaction to capitalize on its state-changing effects.

• Common Use Cases:
  • Liquidations: Submitting a liquidation call immediately after a position becomes undercollateralized.
  • Arbitrage: Exploiting price discrepancies created by a large trade across different DEXs.
  • Oracle Updates: Acting on new price data from an oracle update before other users.
• Key Difference: While front-running anticipates an action, back-running reacts to its confirmed effects. It is often considered less malicious but can still create network congestion.

Generalized front-running bots are automated programs that monitor the public mempool for any profitable transaction opportunity and attempt to submit a higher-gas copycat transaction to execute first.

• Operation: These bots use complex heuristics and simulation to identify transactions that will move market prices or create arbitrage. They then broadcast a nearly identical transaction with a higher gas price.
• Ecosystem Impact: They create a toxic environment for users, increasing gas costs and creating a priority gas auction (PGA) where bots compete, driving fees up for everyone. They are a primary reason for the development of private transaction relays and Flashbots-style blocks.

Several protocol-level and user-level strategies exist to counter front-running.

• Commit-Reveal Schemes: Users submit a hashed commitment first, then reveal the transaction details later, hiding intent from the mempool.
• Fair Sequencing Services / MEV Auctions: Protocols like Flashbots and CowSwap use private mempools or batch auctions to order transactions fairly, often based on time of receipt rather than gas price.
• Submarine Sends: Sending transactions directly to miners/validators via private channels to avoid public mempool exposure.
• Gas Optimization: Using techniques like setting appropriate gas limits and using gas tokens can reduce attractiveness to bots, though this is less effective against determined attackers.

In a classic sandwich attack, a bot observes a large pending swap on a DEX like Uniswap. The bot executes two transactions:

• Buys the same asset first, driving the price up.
• Sells the asset after the victim's trade executes, profiting from the inflated price. This extracted an estimated $1.2 billion from users in 2023 alone, with single attacks often exceeding $1 million in profit for the bot operator.

During a popular NFT mint, bots monitor the mempool for mint transactions. To secure a rare asset, a bot will:

• Copy the victim's transaction data.
• Pay a much higher gas fee (priority fee).
• Submit its own transaction to be mined first. This denies the original user the NFT and allows the bot to immediately resell it on a secondary market at a markup, a practice that plagued early Ethereum NFT launches.

Front-running is the act of placing a transaction with prior knowledge of a future transaction that will affect the market price, allowing the front-runner to profit from the resulting price movement. On blockchains, this is possible because transactions are visible in the mempool before they are confirmed, creating a race condition. A malicious actor (often a bot) sees a profitable pending transaction, such as a large DEX trade, and submits their own transaction with a higher gas fee to ensure miners or validators process it first.

Front-running manifests in several specific scenarios:

• DEX Arbitrage: Bots snipe profitable arbitrage opportunities identified in pending trades.
• NFT Minting: Bots detect a mint transaction and submit their own to acquire rare NFTs before the original user.
• Liquidations: In lending protocols, bots can front-run public liquidation calls to capture the liquidation bonus.
• Governance & Airdrops: Sniping transactions to meet snapshot criteria or delegate voting power at the last moment. The economic impact is a direct extraction of value from regular users, increasing their costs and creating a toxic trading environment.

A commit-reveal scheme is a cryptographic technique that hides transaction intent during initial submission. The process has two phases:

1. Commit: A user submits a transaction containing only a cryptographic hash (commitment) of their actual action and a secret.
2. Reveal: In a later transaction, the user reveals the secret and the full action details. This prevents front-runners from understanding the transaction's economic value during the vulnerable period in the mempool. It is commonly used in fair auctions and voting mechanisms, but adds complexity and latency for users.

These are direct responses to the public mempool vulnerability.

• Submarine Sends: Transactions are sent directly to miners (e.g., via a private RPC) or through a private transaction network, bypassing the public mempool entirely.
• Flashbots Auction: A dominant solution on Ethereum, Flashbots creates a separate, private channel (mev-geth) where searchers (front-runners/arbitrageurs) can submit transaction bundles directly to miners. This allows for MEV extraction to be negotiated off-chain, reducing network spam and gas auctions, but centralizing the process.

These are protocol-level solutions aimed at redefining transaction ordering fairness.

• Fair Sequencing Services (FSS): Use cryptographic techniques like threshold encryption to encrypt transaction content. Validators collectively decrypt and order transactions only after they have been sequenced, making front-running based on content impossible. This is a core research area for rollups and new L1s.
• Inclusion Lists: Proposals like Ethereum's PBS (Proposer-Builder Separation) with inclusion lists can force block builders to include certain transactions, reducing exclusionary front-running.

While systemic solutions are developed, users can employ tactics to reduce risk:

• Slippage Tolerance: Setting a low, precise slippage tolerance (e.g., 0.5%) on DEX trades prevents bots from sandwiching trades if the price moves unfavorably.
• Private RPCs: Using RPC services that offer private transaction routing to validators.
• Gas Strategies: Submitting transactions with competitively high max priority fees (tip) to reduce the incentive for displacement, though this fuels gas auctions.
• Timing: Transacting during periods of low network congestion reduces the window of exposure in the mempool.

The process by which pending transactions in the mempool (transaction pool) are selected and sequenced into a block. This is the stage where front-running occurs.

• Key Actors: Users, searchers (bots), block builders, and validators/proposers.
• Vulnerability: Public mempools expose transaction details, allowing searchers to copy and outbid them.

A sophisticated form of MEV extraction where validators or sophisticated actors attempt to reorganize the blockchain (reorg) to capture value from already-included transactions. This is a more extreme form of reordering than simple front-running within a single block.

• Risk: Undermines blockchain finality and consensus security.
• Defense: Protocols like Ethereum's proposer-builder separation aim to reduce this risk.

A class of protocols and mechanisms designed to produce fair transaction ordering, often using cryptographic techniques like commit-reveal schemes or threshold encryption to prevent front-running.

• Goal: Achieve order fairness, where transactions are ordered based on objective criteria (e.g., time received) rather than fee price.
• Example: SUAVE (Single Unified Auction for Value Expression) is a decentralized block builder and encrypted mempool.

A specific, automated front-running strategy targeting DEX trades. A malicious actor (searcher) places one transaction before and one after a victim's large trade to profit from the resulting price movement.

• Process: 1) Front-run to buy the asset, 2) Let victim's trade execute (moving price), 3) Back-run to sell at the higher price.
• Result: The victim receives worse execution (slippage), and the attacker pockets the difference.