Understanding the Security Risks of Decentralized Exchanges by Uncovering Unfair Trades in the Wild
- URL: http://arxiv.org/abs/2401.11547v1
- Date: Sun, 21 Jan 2024 17:25:57 GMT
- Authors: Jiaqi Chen, Yibo Wang, Yuxuan Zhou, Wanning Ding, Yuzhe Tang, XiaoFeng Wang, Kai Li
- Abstract summary: DEX, or decentralized exchange, is a prominent class of decentralized finance (DeFi) applications on blockchains.
This paper presents the first large-scale empirical study that uncovers unfair trades on popular DEX services.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: DEX, or decentralized exchange, is a prominent class of decentralized finance (DeFi) applications on blockchains, attracting a total locked value worth tens of billions of USD today. This paper presents the first large-scale empirical study that uncovers unfair trades on popular DEX services on Ethereum and Binance Smart Chain (BSC). By joining and analyzing 60 million transactions, we find 671,400 unfair trades on all six measured DEXes, including Uniswap, Balancer, and Curve. Out of these unfair trades, we attribute 55,000 instances, with high confidence, to token thefts that cause a value loss of more than 3.88 million USD. Furthermore, the measurement study uncovers previously unknown causes of extractable value and real-world adaptive strategies to these causes. Finally, we propose countermeasures to redesign secure DEX protocols and to harden deployed services against the discovered security risks.
Related papers
- IT Strategic alignment in the decentralized finance (DeFi): CBDC and digital currencies [49.1574468325115]
  Decentralized finance (DeFi) is a disruptive-based financial infrastructure.
  This paper seeks to answer two main questions: 1) What are the common IT elements in the DeFi?
  And 2) How the elements to the IT strategic alignment in DeFi?
  (2024-05-17T10:19:20Z)
- StateGuard: Detecting State Derailment Defects in Decentralized Exchange Smart Contract [4.891180928768215]
  We conduct the first systematic study on state derailment defects of DEXs.
  These defects could lead to incorrect, incomplete, or unauthorized changes to the system state during contract execution.
  We propose StateGuard, a deep learning-based framework to detect state derailment defects in DEX smart contracts.
  (2024-05-15T08:40:29Z)
- STAKESURE: Proof of Stake Mechanisms with Strong Cryptoeconomic Safety [6.787433978322371]
  As of July 15, 2023, Ethereum, which is a Proof-of-Stake (PoS) blockchain, has around 410 Billion USD in total assets on chain.
  As the amount staked is far less (11x less) than the value secured, the blockchain is insecure "over-leveraged" in a cryptoeconomic sense.
  We formalize a model for analyzing the cryptoeconomic safety of PoS blockchain, which separately analyzes the cost-of-corruption, the cost incurred by an attacker, and the profit-from-corruption.
  (2024-01-11T10:03:00Z)
- Vulnerability Scanners for Ethereum Smart Contracts: A Large-Scale Study [44.25093111430751]
  In 2023 alone, such vulnerabilities led to substantial financial losses exceeding a billion US dollars.
  Various tools have been developed to detect and mitigate vulnerabilities in smart contracts.
  This study investigates the gap between the effectiveness of existing security scanners and the vulnerabilities that still persist in practice.
  (2023-12-27T11:26:26Z)
- Don't Let MEV Slip: The Costs of Swapping on the Uniswap Protocol [0.17999333451993949]
  We present the first empirical characterization of the costs of trading on a decentralized exchange (DEX).
  Using quoted prices from the Uniswap Labs interface, we evaluate the efficiency of trading on DEXs.
  Our results provide preliminary evidence that DEXs offer a compelling trust-less alternative to centralized exchanges for trading digital assets.
  (2023-09-24T14:22:15Z)
- Why Trick Me: The Honeypot Traps on Decentralized Exchanges [10.170796156017305]
  Honeypot traps are designed to steal traders' assets.
  We introduce honeypot traps on decentralized exchanges and provide a taxonomy for these traps according to the attack effect.
  We discover 8,443 abnormal pools, which shows that honeypot traps may exist widely in exchanges like Uniswap.
  (2023-09-23T23:43:41Z)
- Adaptive Liquidity Provision in Uniswap V3 with Deep Reinforcement Learning [19.916721360624997]
  Decentralized exchanges (DEXs) are a cornerstone of decentralized finance (DeFi).
  This paper introduces a deep reinforcement learning (DRL) solution designed to adaptively adjust price ranges.
  Our approach also neutralizes price-change risks by hedging the liquidity position through a rebalancing portfolio.
  (2023-09-18T20:10:28Z)
- Uniswap Liquidity Provision: An Online Learning Approach [49.145538162253594]
  Decentralized Exchanges (DEXs) are new types of marketplaces leveraging technology.
  One such DEX, Uniswap v3, allows liquidity providers to allocate funds more efficiently by specifying an active price interval for their funds.
  This introduces the problem of finding an optimal strategy for choosing price intervals.
  We formalize this problem as an online learning problem with non-stochastic rewards.
  (2023-02-01T17:21:40Z)
- A Game of NFTs: Characterizing NFT Wash Trading in the Ethereum Blockchain [53.8917088220974]
  The Non-Fungible Token (NFT) market experienced explosive growth in 2021, with a monthly trade volume reaching $6 billion in January 2022.
  Concerns have emerged about possible wash trading, a form of market manipulation in which one party repeatedly trades an NFT to inflate its volume artificially.
  We find that wash trading affects 5.66% of all NFT collections, with a total artificial volume of $3,406,110,774.
  (2022-12-02T15:03:35Z)
- ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning [80.85273827468063]
  Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable.
  We propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for smart contracts.
  We show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract.
  (2021-03-23T15:04:44Z)