BRC20 Snipping Attack
- URL: http://arxiv.org/abs/2501.11942v1
- Date: Tue, 21 Jan 2025 07:38:08 GMT
- Title: BRC20 Snipping Attack
- Authors: Minfeng Qi, Qin Wang, Ningran Li, Shiping Chen, Tianqing Zhu,
- Abstract summary: We introduce and implement the BRC20 sniping attack. Our attack manipulates the BRC20 token transfers in open markets and disrupts the fairness among bidding participants.
- Score: 8.870539952629356
- Abstract: In this paper, we introduce and implement the BRC20 sniping attack. Our attack manipulates the BRC20 token transfers in open markets and disrupts the fairness among bidding participants. The long-standing principle of "highest bidder wins" is rendered ineffective. Typically, open BRC20 token markets rely on Partially Signed Bitcoin Transactions (PSBT) to broadcast selling intents and wait for buying auctions. Our attack targets the BRC20 buying process (i.e., transfer) by injecting a front-running transaction to complete the full signature of the PSBT. At its core, the attack exploits the mempool's fee-based transaction selection mechanism to snipe the victim transaction, replicate metadata, and front-run the legitimate transaction. This attack applies to platforms using PSBT for BRC20 token transfers, including popular Bitcoin exchanges and marketplaces (e.g., Magic Eden, Unisat, Gate.io, OKX). We implemented and tested the attack on a Bitcoin testnet (regtest), validating its effectiveness through multiple experimental rounds. Results show that the attacker consistently replaces legitimate transactions by submitting higher-fee PSBTs. We have also made responsible disclosures to the mentioned exchanges.
Related papers
- BRC20 Pinning Attack [9.2705406817139]
BRC20 tokens are a type of non-fungible asset on the Bitcoin network.
We present the first in-depth analysis of the BRC20 transfer mechanism and identify a critical attack vector.
arXiv Detail & Related papers (2024-10-15T05:33:16Z)
- The Writing is on the Wall: Analyzing the Boom of Inscriptions and its Impact on EVM-compatible Blockchains [8.744676168760394]
We present a data-driven analysis of the transaction surge in late 2023 and early 2024, attributed to inscriptions.
We show that, on certain days, inscriptions accounted for nearly 90% on Arbitrum and ZKsync Era.
We also show that ZKsync and Arbitrum saw lower median gas fees during these surges.
arXiv Detail & Related papers (2024-05-24T07:21:53Z)
- FRAD: Front-Running Attacks Detection on Ethereum using Ternary Classification Model [3.929929061618338]
Front-running attacks, a unique form of security threat, pose significant challenges to the integrity of blockchain transactions.
In these attack scenarios, malicious actors monitor other users' transaction activities, then strategically submit their own transactions with higher fees.
We introduce a novel detection method named FRAD (Front-Running Attacks Detection on Ethereum using Ternary Classification Model).
Our experimental validation reveals that the Multilayer Perceptron (MLP) classifier offers the best performance in detecting front-running attacks, achieving an impressive accuracy rate of 84.59% and F1-score of 84.60%.
arXiv Detail & Related papers (2023-11-24T14:42:29Z)
- BRC-20: Hope or Hype [2.3909240294391236]
BRC-20 (short for Bitcoin Request for Comment 20) token mania was a key storyline in the middle of 2023.
We pioneer the exploration of this concept, covering its intricate mechanisms, features, and state-of-the-art applications.
arXiv Detail & Related papers (2023-08-31T02:59:52Z)
- Identifying key players in dark web marketplaces [58.720142291102135]
This paper aims to identify the key players in Bitcoin transaction networks linked to dark markets.
We show that a large fraction of the traded volume is concentrated in a small group of elite market participants.
Our findings suggest that understanding the behavior of key players in dark web marketplaces is critical to effectively disrupting illegal activities.
arXiv Detail & Related papers (2023-06-15T20:30:43Z)
- Blockchain Large Language Models [65.7726590159576]
This paper presents a dynamic, real-time approach to detecting anomalous blockchain transactions.
The proposed tool, BlockGPT, generates tracing representations of blockchain activity and trains from scratch a large language model to act as a real-time Intrusion Detection System.
arXiv Detail & Related papers (2023-04-25T11:56:18Z)
- Bitcoin-Enhanced Proof-of-Stake Security: Possibilities and Impossibilities [45.90740335615872]
Bitcoin is the most secure blockchain in the world, supported by the immense hash power of its Proof-of-Work miners.
Proof-of-Stake chains are energy-efficient, have fast finality but face several security issues.
We show that these security issues are inherent in any PoS chain without an external trusted source.
We propose a new protocol, Babylon, where an off-the-shelf PoS protocol checkpoints onto Bitcoin to resolve these issues.
arXiv Detail & Related papers (2022-07-18T06:01:25Z)
- Token Spammers, Rug Pulls, and SniperBots: An Analysis of the Ecosystem of Tokens in Ethereum and in the Binance Smart Chain (BNB) [50.888293380932616]
We study the ecosystem of the tokens and liquidity pools.
We find that about 60% of tokens are active for less than one day.
We estimate that 1-day rug pulls generated $240 million in profits.
arXiv Detail & Related papers (2022-06-16T14:20:19Z)
- Pump and Dumps in the Bitcoin Era: Real Time Detection of Cryptocurrency Market Manipulations [50.521292491613224]
We perform an in-depth analysis of pump and dump schemes organized by communities over the Internet.
We observe how these communities are organized and how they carry out the fraud.
We introduce an approach to detect the fraud in real time that outperforms the current state of the art.
arXiv Detail & Related papers (2020-05-04T21:36:18Z)
- Headless Horseman: Adversarial Attacks on Transfer Learning Models [69.13927986055553]
We present a family of transferable adversarial attacks against such classifiers.
We first demonstrate successful transfer attacks against a victim network using only its feature extractor.
This motivates the introduction of a label-blind adversarial attack.
Our attack lowers the accuracy of a ResNet18 trained on CIFAR10 by over 40%.
arXiv Detail & Related papers (2020-04-20T01:07:45Z)
- BatPay: a gas efficient protocol for the recurrent micropayment of ERC20 tokens [0.35132824436572674]
BatPay is a proxy scaling solution for the transfer of ERC20 tokens.
It is suitable for micropayments in one-to-many and few-to-many scenarios.
arXiv Detail & Related papers (2020-02-06T15:43:52Z)
This list is automatically generated from the titles and abstracts of the papers on this site.