Frontrunning Protection

A two-phase transaction process that hides critical information until it can no longer be frontrun. Users first submit a commitment (a hash of their intent) to the mempool. In a later block, they reveal the actual transaction details. This prevents bots from seeing and copying profitable trades before they are executed.

• Process: Commit (hash) → Wait (1+ blocks) → Reveal (actual data).
• Use Case: Common in decentralized exchanges and NFT minting to ensure fair access.

A class of protocols that cryptographically guarantee a fair, canonical order for transactions, often using a Threshold Encryption scheme. Transactions are encrypted when submitted, then decrypted and ordered by a decentralized network of sequencers after a deadline. This prevents any single entity, including validators, from manipulating the order for Maximum Extractable Value (MEV).

• Key Feature: Decouples transaction reception from ordering.
• Example: Chainlink's Fair Sequencing Service.

Techniques to bypass the public mempool entirely, denying frontrunners visibility. Submarine sends involve sending transactions directly to trusted block builders or validators. Private mempools (or "dark pools") are relay networks that keep transactions confidential until they are included in a block.

• Benefit: Eliminates the public broadcast phase where frontrunning occurs.
• Tools: Services like Flashbots Protect RPC and Taichi Network.

An execution strategy that breaks a large trade into many small orders over a period of time. This minimizes price impact and reduces the profitability of frontrunning attempts, as each individual order is less attractive to sandwich.

• Mechanism: Large order → Split into N chunks → Execute over T seconds/minutes.
• Effect: Dramatically reduces slippage and the economic incentive for MEV bots.

A user and a block builder enter into a cryptographic agreement guaranteeing a transaction's inclusion and position before it is sent. This is often enabled by MEV-Boost relays in Proof-of-Stake Ethereum. The builder commits to a specific outcome, providing users with a signed promise that their transaction will not be frontrun or sandwiched.

• Core Concept: Economic commitment from the block producer.
• Ecosystem: Part of the proposer-builder separation (PBS) framework.

Advanced cryptographic primitives that obscure the link between transaction input and output. Mixers (like coinjoin) pool many users' funds to break traceability. Oblivious Transfer allows a user to retrieve a specific piece of data from a server without the server learning which piece was retrieved, which can be applied to hiding trade intent.

• Goal: Achieve transaction unlinkability and anonymity.
• Trade-off: Can increase complexity and gas costs.

A two-phase transaction process that hides user intent until after a block is confirmed, preventing bots from reacting to pending transactions. Users first submit a commitment (a hash of their action and a secret). After a delay, they submit a reveal transaction with the original data. This decouples signal from execution, making frontrunning the initial commitment impossible. Commonly used in fair auctions and voting.

A class of protocols where a decentralized set of sequencers orders transactions fairly before they are added to a block. Instead of pure Maximum Extractable Value (MEV) competition, FSS uses algorithms (e.g., first-come-first-served, randomized ordering) to establish a canonical, manipulation-resistant order. Projects like Flashbots SUAVE aim to provide this as a network-level primitive.

Encrypts transaction contents in the mempool so that only a decentralized committee of validators can decrypt them after a block is proposed. This prevents searchers and generalized frontrunners from viewing the details of pending transactions. The decryption key is split among validators, requiring a threshold to reconstruct it, ensuring no single entity can decrypt early. Used by protocols like Shutter Network.

Mechanisms that allow users to bypass the public mempool entirely. Submarine sends (e.g., Taichi Network) route transactions through a private relay network directly to trusted block builders. Private transaction pools (e.g., Flashbots Protect, BloxRoute) offer a confidential channel to validators, shielding transactions from public view until inclusion in a block. This is a practical, widely-used defense for high-value DeFi operations.

While not direct protection, PBS is a structural change that influences frontrunning economics. It separates the roles of block proposer (validator) and block builder. Builders compete to create the most profitable block bundles (including MEV) for proposers. This centralizes frontrunning competition among sophisticated builders but can enable more sophisticated fair ordering protocols to be implemented at the builder level.

These are cryptographic techniques that hide transaction details until they are finalized on-chain to prevent frontrunning. A commit-reveal scheme involves two transactions: first, a commitment (e.g., a hash of the intended action) is published; later, the actual data is revealed and matched to the commitment. A submarine send is a specific type where a transaction is initially sent with a locked state, only becoming executable after a delay or condition. Both add complexity and require users to submit multiple transactions, increasing gas costs and latency.

These are protocol-level or network-level solutions that modify transaction ordering. A Fair Sequencing Service (FSS) uses a decentralized sequencer or a consensus mechanism like Threshold Encryption to order transactions fairly before they are published to the base layer. An MEV Auction (MEVA) explicitly auctions off the right to reorder transactions in a block, channeling extracted value back to users or the protocol. Both approaches rely on trusted or incentivized operators and can introduce centralization risks or require significant protocol changes.

These solutions prevent visibility into pending transactions. Users submit transactions to a private mempool or relayer (e.g., Flashbots Protect) instead of the public peer-to-peer network. The transactions are often encrypted until they are included in a block, hiding their intent from searchers. Key limitations include reliance on the integrity of the relayer operator, potential for censorship, and the creation of a two-tiered system where users outside the private channel are at a disadvantage.

Simple on-chain rules can deter predictable frontrunning. Time-based rules, like enforcing a minimum time delay between order placement and execution, reduce the window for manipulation. Randomization techniques, such as adding a random component to execution price or settlement time, make profitable frontrunning strategies statistically uncertain. These methods can degrade user experience through slower execution and may not fully prevent sophisticated attacks that adapt to the new rules.

All frontrunning protection methods have fundamental trade-offs that limit their effectiveness.

• Decentralization vs. Efficiency: Strong guarantees often require trusted components (sequencers, relayers).
• Latency & Cost: Cryptographic schemes (commit-reveal) and private channels add transaction steps and fees.
• Composability Breakage: Hiding transaction intent can break atomic composability, preventing complex multi-step DeFi interactions.
• Adversarial Adaptation: Searchers continuously develop new strategies to exploit any remaining predictability or system weakness.