Anticipating a sell-out initial coin offering (ICO), a crypto-enthusiast is patiently waiting to send a purchase over the blockchain when the ICO begins.
As soon as it does, he broadcasts the transaction over the network, but it doesnât go through. He tries again. And again. Still nothing.
On Reddit, other users are furious. They lament. Why werenât their transactions being picked up? Project corruption? Bigger whales?
New research suggests the biggest threat to a fair token sale may be miners.
Tasked with organizing the transactions that go into each block, miners, it seems, have found themselves in a powerful position in regards to ICOs â one that could be quite lucrative for them at the expense of users.
The practice is called âfrontrunning,â and itâs alleged to occur when mining pools detect large volumes of transactions being used for the purchase of new tokens. Rather than treat the transactions as any other, they instead cut the line.
And in ICOs where demand is high, transaction ordering can mean the difference between a successful bid at retail prices, and being stuck with a higher price tag later. Thatâs because if the token sells out while thereâs still demand, the miners can then resell the tokens on a secondary market at a premium.
Itâs an ingenious hack, but a tough one to pull off.
Everything has to be just right, the ICO canât sell out in one block, and it canât have too long a time frame for buys, either, like tokens that havenât garnered much interest and so donât sell out at all. The sweet spot: selling out in 20 to 30 blocks.
And thatâs not all. Not only does the mining pool have to reorganize transactions so its own are in the next block to be found, it would also have to win the block race to verify that block. Because if they didnât, the mining pool that verified the block would be able to see the reorganization and call fraud.
Itâs risky. But yet, thereâs evidence, or at least, speculation that itâs happened.
In June this year, it was alleged that China-based F2Pool created addresses to purchase tokens from the Status ICO, and that those addresses were the only ones mined in a block published by the pool.
Widespread or not, the idea that some ICOs not be fair has nonetheless sparked the interest of researchers, and Cornellâs Initiative for Cryptocurrencies and Contracts (IC3) has come up with a possible solution.
In a blog post released today, the noted blockchain research outfit will outline what itâs calling âsubmarine sendsâ â a potential solution to ICO frontrunning.
While technically dense, Phil Daian, an IC3 researcher who co-authored the paper with Lorenz Breidenbach, Ari Juels and Florian Tramer, explained the process more colloquially: submarine sends obfuscate transactions so they appear like any regular ethereum transaction going to a brand-new address.
Because miners arenât able to see the amount being sent, what contract is being used and what the recipient address is, theyâll order the transaction in the block and lock it in. And only then will the specifics of the transaction be made public.
Daian told CoinDesk:
âLetâs say youâre on an exchange, and want to put in a market order of a half a bitcoin for the purchase of ether, and some miner puts in their transaction in front of you. They buy ether at a lower price, and then you buy ether at a higher price, and then the miner sells right away and makes a profit.â
And this is exasperated in ICOs that have caps on the amount of tokens being sold, since, after the ICO has closed, âtokens start trading right away at a higher price, driven up by scarcity,â according to Daian.
He pointed to the 0x ICO, saying that although it doesnât seem like frontrunning was a problem there, the sought-after tokens sold for about five times their initial price on secondary markets after the ICO ended.
Daian, like many others in the community, donât have much sympathy for miners, who already make thousands per successful block. But like most things in the cryptocurrency world, itâs hard to prove abuse.
âThereâs some small scale examples where [miner frontrunning] looks pretty probable. But itâs always hard to prove anything in a system without real identity,â Daian said.
Rick Dudley â an IT consultant and CEO of Vulcanize Inc., which provides consultancy and security audits for decentralized applications â seconded Daianâs comment with the caveat that it depends how flagrant the miners are when trying to take advantage of their position.
For instance, he described how in some ICO sales, frontrunning is possible to detect by observing the âmempoolâ (the area where transactions sit unconfirmed waiting to be put in blocks). Here, Dudley said, heâs observed situations in which transactions that were supposed to go into the next block were skipped over for transactions that seemed to suddenly appear out of thin air.
While the mining pool has plausible deniability (it could be that there was a bug in the system), if this transaction skipping continues to happen, Dudley said itâs an obvious warning sign of frontrunning.
During the F2Pool instance, itâs speculated that the mining pool developed software, not to reorder transactions, but to reject transactions that were not on their âwhitelist,â and to only pick up transactions from specific addresses (ones it had created).
According to Daian, users were able to look inside those blocks and see that trend, especially since most of the blocks F2Pool mined were nearly empty.
Software that works off a whitelist, Daian continued, is much easier to build than the software necessary to reorder transactions.
âThereâs a large amount of technical knowledge youâd need to have to do this. And most miners are not also programmers,â he said.
It would take both time and money to create something like this, and because volume is still relatively small, the reward isnât big enough for most miners to saddle the burden, he said.
Daian added:
âIf you wanted to quantify the problem, I wouldnât say itâs a high percentage of ICOs that are being affected.â
But if miner frontrunning hasnât become a huge problem just yet, many suspect it could become one.
âThereâs not enough volume going through the network to warrant a solution, but itâs a legitimate threat,â said Dudley.
But whether itâs a pressing issue affecting lots of users might not be at the heart of why this attack is important.
Indeed, the ability for miners (and other actors with other attacks) to game the system could signal immaturity in a market many have touted as a way to disrupt the venture capital industry. And thereâs interest in finding solutions before the market matures.
Paper co-author Breidenbach seconded that sentiment, saying: âAs volume increases, the important point is that this will happen in the future.â
The IC3 group has already written code aimed to tackle frontrunning, though itâs still experimental and not yet ready to be released to the public.
As for why the the researchers decided to outline their solution now, Breidenbach said:
âFrom a research perspective, we see this issue and want to propose solutions before it becomes a big problem.â
Submarine image via Shutterstock
