Abstract
Blockchain oracles are introduced to mitigate the gap between blockchain-based applications and real-world information. To solve the centralization problem of current oracle systems, many decentralized protocols have been designed. In this paper, we define the basic model for decentralized oracles that rely on unencrypted transactions for verification and adjustment tasks. Furthermore, we introduce Arbitrage attack against such decentralized oracles carried out by rational miners and mining pools. We analyze the attack based on game-theoretic methods. Moreover, we briefly discuss the price of anarchy to demonstrate the characteristic of attackers’ cooperation union under different circumstances.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Zheng, Z., et al.: An overview on smart contracts: challenges, advances and platforms. Futur. Gener. Comput. Syst. 105, 475–491 (2020)
Finance, C.: Compound finance (2021). https://compound.finance/
bZx network: bzx network (2021). https://bzx.network/
Zhou, L., Qin, K., Torres, C.F., Le, D.V., Gervais, A.: High-frequency trading on decentralized on-chain exchanges. arXiv preprint arXiv:2009.14021 (2020)
Apostolaki, M., Zohar, A., Vanbever, L.: Hijacking bitcoin: routing attacks on cryptocurrencies. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 375–392. IEEE (2017)
Shi, H., Wang, S., Hu, Q., Cheng, X., Zhang, J., Yu, J.: Fee-free pooled mining for countering pool-hopping attack in blockchain. IEEE Trans. Depend. Secur. Comput. 18, 1580–1590 (2020)
Antonopoulos, A.M.: Mastering Bitcoin (2019)
Zhang, F., Cecchetti, E., Croman, K., Juels, A., Shi, E.: Town crier: an authenticated data feed for smart contracts. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 270–282 (2016)
Yamashita, K., Nomura, Y., Zhou, E., Pi, B., Jun, S.: Potential risks of hyperledger fabric smart contracts. In: 2019 IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE), IEEE, pp. 1–10 (2019)
Al-Breiki, H., Rehman, M.H.U., Salah, K., Svetinovic, S.: Trustworthy blockchain oracles: review, comparison, and open research challenges. IEEE Access 8, pp. 85 675–85 685 (2020)
Xu, X., et al.: The blockchain as a software connector. In: 2016 13th Working IEEE/IFIP Conference on Software Architecture (WICSA). pp. 182–191. IEEE (2016)
Moudoud, H., Cherkaoui, S., Khoukh, L.: An IoT blockchain architecture using oracles and smart contracts: the use-case of a food supply chain. In: 2019 IEEE 30th Annual International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC), pp. 1–6. IEEE (2019)
Cloud, G.: Building hybrid blockchain/cloud applications with ethereum and google cloud (2021). https://cloud.google.com/blog/products/data-analytics/building-hybrid-blockchain-cloud-applications-with-ethereum-and-google-cloud
Adler, J., Berryhill, R., Veneris, Z. Poulos, A., Veira, N., Kastania, A.: Astraea: a decentralized blockchain oracle. In: 2018 IEEE International Conference on Internet of Things (IThings) and IEEE Green Computing and Communications (GreenCom) and IEEE cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 1145–1152, IEEE (2018)
Peterson, J., Krug, J., Zoltu, M., Williams, A.K., Alexander, S.: Augur: a decentralized oracle and prediction market platform. arXiv preprint arXiv:1501.01042 (2015)
de Pedro, A.S., Levi, D., Cuende, L.I.: WitNet: a decentralized oracle network protocol. arXiv preprint arXiv:1711.09756 (2017)
Wang, S., et al.: Decentralized autonomous organizations: concept, model, and applications. IEEE Trans. Comput. Soc. Syst. 6(5), 870–878 (2019)
NEST Protoco: The NEST protocol (2021). https://nestprotocol.org/
Curve finance (2021). https://curve.fi/
Eyal, I., Sirer, E.G.: Majority is not enough: bitcoin mining is vulnerable. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 436–454. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45472-5_28
Zhou, L., Qin, K., Ferreira Torres, C., Gervais, A., et al.: High-frequency trading on decentralized on-chain exchanges. In: IEEE Symposium on Security and Privacy, pp. 23–27 May 2021
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash systemBitcoin: a peer-to-peer electronic cash system. Decent. Bus. Rev. 21260 (2008)
Wang, D., et al.: Towards a first step to understand flash loan and its applications in DEFI ecosystem. In: Proceedings of the Ninth International Workshop on Security in Blockchain and Cloud Computing, pp. 23–28 (2011)
Liao, K., Katz, J.: Incentivizing blockchain forks via whale transactions. In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 264–279. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70278-0_17
McCorry, P., Hicks, A., Meiklejohn, S.: Smart contracts for bribing miners. In: Zohar, A., et al. (eds.) FC 2018. LNCS, vol. 10958, pp. 3–18. Springer, Heidelberg (2019). https://doi.org/10.1007/978-3-662-58820-8_1
Daian, P., et al.: Flash boys 2.0: Frontrunning in decentralized exchanges, miner extractable value, and consensus instability. In: 2020 IEEE Symposium on Security and Privacy (SP), pp. 910–927. IEEE (2020)
Eskandari, S., Moosavi, S., Clark, J.: SoK: transparent dishonesty: front-running attacks on blockchain. In: Bracciali, A., Clark, J., Pintore, F., Rønne, P.B., Sala, M. (eds.) FC 2019. LNCS, vol. 11599, pp. 170–189. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-43725-1_13
Chohan, U.W.: Counter-Hegemonic Finance: The Gamestop Short Squeeze. SSRN (2021)
provable: Provable documentation (2021). https://docs.provable.xyz
Eskandari, S., Clark, J., Sundaresan, V., Adham, M.: On the feasibility of decentralized derivatives markets. In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 553–567. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70278-0_35
Anand, A., Pathak, J.: WallStreetBets against wall street: the role of reddit in the GameStop short squeeze. IIM Bangalore Research Paper, no. 644 (2021)
Wu, H., Vora, P.L., Zagórski, F.: PrivApollo-secret ballot E2E–V Internet voting. In: Financial Cryptography Workshops, pp. 299–313 (2019)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Appendices
Proofs
Theorem 1
There can be only one winner for the Arbitrage attack no matter success or not.
Proof
In the case of failure, since there can be only one block containing adjustment transaction \(t_a\), therefore this block’s publisher should be the only winner with normal profit A.
In the case of success, each rational mining pool can publish a smart contract in the blockchain including all the transaction it would like to make after the oracle’s output is manipulated. This smart contract has enough time to become valid during the oracle’s verification period. After the output has been changed, the mining pool can propose a newly mined block containing arbitrage transactions set \(t_{arb}\) and exploit all arbitrage opportunities. \(\square \)
Theorem 2
For a rational mining pool j, its strategy for block i should be the Nash equilibrium strategy for game i.
Proof
The Nash equilibrium strategy at game i for mining pool j should satisfy
where \({T_i}^*\) represents the equilibrium strategy and \(\overline{{T_i}^*}\) represents other strategies. Thus a rational mining pool will choose the equilibrium strategy while making decision for block i. \(\square \)
Theorem 3
The Nash equilibrium strategy for block \(s+1\) is
Proof
According to the attack model, all the rational mining pools will try to mine their own block containing the arbitrage transactions set \(t_{arb}\), so the utility function for a mining pool j can be easily denoted as:
Where \(P_j\) is the hashrate ratio of mining pool j. Therefore, all the rational mining pools will choose to add the transaction to the block. \(\square \)
Proposition 1
When \(\frac{B}{A}>\frac{1}{P_n}>...>\frac{1}{P_1}\), for a random mining pool j, \({Tj_s}^*=N\), \({T_s}^*=(\underset{n}{\underbrace{N,N,...,N}})\) and \(U_j({Tj_s}^*)=P_jB\).
Proof
For all rational mining pools that participated in the attack, the profit ratio \(\frac{B}{A}\) is larger than the reciprocal of any mining pool’s hashrate. As a result, according to the utility function of two different actions, every mining pool’s Nash equilibrium strategy will be N, which will guarantee the attack will succeed and game \(s+1\) will be conducted, therefore the utility will be \(P_jB\) for a random mining pool j. \(\square \)
Proposition 2
When \(\frac{B}{A}<\frac{1}{P_1}<...<\frac{1}{P_n}\), for a random mining pool j, \({Tj_s}^*=Y\), \(T_s^*=(\underset{n}{\underbrace{Y,Y,...,Y}})\) and \(U_j({Tj_s}^*)=P_jA\).
Proof
For all rational mining pools that participated in the attack, the profit ratio \(\frac{B}{A}\) is less than the reciprocal of any mining pool’s hashrate. Similarly, according to the utility function of two different actions, every mining pool’s Nash equilibrium strategy will be Y, which will guarantee the attack will fail and game \(s+1\) will be not conducted, therefore the utility will be \(P_jA\) for a random mining pool j. \(\square \)
Proposition 3
When \(\frac{1}{P_1}<\frac{B}{A}<\frac{1}{P_n}\), w.l.o.g. \( \frac{1}{P_1}<...<\frac{1}{P_R}<\frac{B}{A}<\frac{1}{P_{R+1}}<...<\frac{1}{P_n}. \) Then for a random mining pool j, Nash equilibrium strategy should be
and the utility function should be:
Proof
According to the utility function, mining pools whose hashrate ratio’s reciprocal is higher than \(\frac{B}{A}\) will choose Y and N for the rest of the mining pools, and the utility can be easily obtained based on their Nash equilibrium strategies.
\(\square \)
Proposition 4
When \(\frac{B}{A}>\frac{1}{P_n}>...>\frac{1}{P_1}\), for a random mining pool j, \(U_j({Tj_s}^*)=P_jB>A holds\). By mathematical induction, the Nash equilibrium strategy for game i should be \({T_i}^*=(\underset{n}{\underbrace{N,N,...,N}})\).
Proof
According to Theorem 1, for a random mining pool j, \(U_j({Tj_s}^*)=P_jB>A\) holds. Therefore, for game \(s-1\), the Nash equilibrium strategy and corresponding utility can be easily obtained:
Then by mathematical induction, rational mining pools’ Nash equilibrium strategy for every game should be \((\underset{n}{\underbrace{N,N,...,N}})\). \(\square \)
Proposition 5
When \(\frac{B}{A}<\frac{1}{P_1}<...<\frac{1}{P_n}\), for a random mining pool j, \(U_j({Tj_s}^*)=P_jB<A\) holds. By mathematical induction, the Nash equilibrium strategy for game i should be \({T_i}^*=(\underset{n}{\underbrace{Y,Y,...,Y}})\).
Proof
According to Theorem 2, for a random mining pool j, \(U_j({Tj_s}^*)=P_jA<A\) holds. Therefore, for game \(s-1\), the Nash equilibrium strategy and corresponding utility can be easily obtained:
Then by mathematical induction, rational mining pools’ Nash equilibrium strategy for every game should be \((\underset{n}{\underbrace{Y,Y,...,Y}})\). \(\square \)
Theorem 4
For a random mining pool j, if its Nash equilibrium strategy for block \(i+1\) is Y, then the Nash equilibrium strategy for block i is also Y.
Proof
Assuming that mining pool j’s Nash equilibrium strategy for block \(i+1\) is Y, then
Therefore
The Theorem is therefore proved. \(\square \)
Corollary 1
For a mining pool j, it is impossible that the Nash equilibrium strategy for game i is N and Y for game \(i+1\).
Proof
According to Theorem 4, a mining pool’s Nash equilibrium strategy for game i can only be Y, if its Nash equilibrium strategy for game \(i+1\) is Y. \(\square \)
Corollary 2
\(P_{Ni}(j)^*\) will not decrease with i increase to s.
Proof
According to Corollary , once a mining pool’s Nash equilibrium strategy is N for a game, then its Nash equilibrium strategy will not change to Y in later games. Instead, it is possible for mining pools with Y as Nash equilibrium strategy to change in later games. Therefore, the total hashrate of mining pools with Nash equilibrium strategy N will not decrease with the process of the whole attack. \(\square \)
Theorem 5
For a mining pool j, if its Nash equilibrium strategy for game \(i+1\) is N and Y for i. Then for any mining pool h with \(P_h < P_j\), there should be \({Th_i}^*=Y\).
Proof
We can prove the theorem with contradiction. Assuming that there is a mining pool h with \(P_h < P_j\), and its Nash equilibrium strategy for game i is N.
According to Theorem 4, mining pool h’s Nash equilibrium strategy for game \(i+1\) should be N, therefore \(U_h({Th_{i+1}}^*)=P_hb\prod _{k=i+1}^{s}(P_Nk(h)+P_h)\) should be greater than A
However, for mining pool j
since the Nash equilibrium strategy changes to Y. Notice that
because \(P_h < P_j\). Then a contradiction happens. \(\square \)
Corollary 3
With block number i increases, mining pools with more hashrate will change their strategy from Y to N more sooner than mining pools with less hashrate.
Proof
According to Theorem 5, if a mining pool j’s Nash equilibrium strategy is N for game \(i+1\) and Y for i, then in game i the Nash equilibrium strategy for all the mining pools with less hashrate will also be Y, which will not change for the game before i according to Theorem 4. Consequently, with block number i increase, mining pool j’s Nash equilibrium strategy will change from Y to N before the mining pools with less hashrate. \(\square \)
Corollary 4
There won’t be a Nash equilibrium strategy \({T_i}^*\) for game i where \({Th_i}^*=N, {Tj_i}^*=Y (P_h<P_j)\).
Proof
Corollary 3 shows that with block number i increases, mining pools with higher hashrate will change its strategy from Y to N sooner, besides it is not possible to change from N to Y. Conclusively, there won’t be a Nash equilibrium strategy \({T_i}^*\) for game i where \({Th_i}^*=N, {Tj_i}^*=Y (P_h<P_j)\). \(\square \)
Corollary 5
When \(\frac{B}{A}>\frac{1}{P_n}>...>\frac{1}{P_1}\), the price of anarchy is \(PoA =1\).
Proof
According to Proposition 4, all rational mining pools will choose N during the whole s blocks period, then
\(\square \)
Corollary 6
When \(\frac{B}{A}<\frac{1}{P_1}<...<\frac{1}{P_n}\), the price of anarchy is \(PoA =\frac{A}{B}\).
Proof
According to Proposition 5, all rational mining pools will choose Y during the whole s blocks period, then
\(\square \)
Corollary 7
When \(\frac{1}{P_1}<\frac{B}{A}<\frac{1}{P_n}\), the price of anarchy is
Proof
When \(\frac{1}{P_1}<\frac{B}{A}<\frac{1}{P_n}\), since there will always be mining pools that decide to publish the adjustment contract \(t_a\) during the s blocks and gain profit A, the only situation to obtain profit B is when mining pools whose Nash equilibrium strategy is N successfully mine the block \(\square \)
Algorithm
Rights and permissions
Copyright information
© 2022 International Financial Cryptography Association
About this paper
Cite this paper
Wang, Y., Li, J., Su, Z., Wang, Y. (2022). Arbitrage Attack: Miners of the World, Unite!. In: Eyal, I., Garay, J. (eds) Financial Cryptography and Data Security. FC 2022. Lecture Notes in Computer Science, vol 13411. Springer, Cham. https://doi.org/10.1007/978-3-031-18283-9_23
Download citation
DOI: https://doi.org/10.1007/978-3-031-18283-9_23
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-18282-2
Online ISBN: 978-3-031-18283-9
eBook Packages: Computer ScienceComputer Science (R0)