Researchers ‘Trap’ Frontrunning Bots Spying On Ethereum Transactions

Source: Adobe/Marco Uliana

It is critical to understand malicious software known as frontrunning bots that spy on other people’s crypto transactions in order to make hefty profits at others’ expense, according to mobile wallet maker ZenGo. Only then, developers could build more secure systems.

One popular example of frontrunning involves exchange bids.

“Say someone is about to buy a huge amount of ETH on Uniswap, enough to drive the price of ETH up. One way to benefit from this scenario is to put a transaction to buy ETH just before this huge amount of ETH is purchased, while the price remains lower. Then, right after the price spikes, sell the ETH for a profit,” the researchers said in their latest report. “In addition to this arbitrage example, frontrunning many other transactions can also be valuable, including liquidations, buying rare NFTs, or simple user mistakes.”

To study the bots’ behavior, ZenGo’s researchers “trapped” them with small amounts of locked crypto. They then evaluated how efficient the predators were at capturing the bait, and what was the likeliness of a transaction to get hunted down. This also provided the company’s team with an opportunity to test different ways to evade the bots.

The first trap to be seized by a frontrunning bot, worth ETH 0.035 (USD 21), was preyed upon within three minutes. Another bounty of ETH 0.055 was frontrunned by a different bot in a matter of seconds. Finally, a ETH 0.05 trap was set, but the researchers were able to extract the funds successfully.

“The combination of an Owned proxy that only enabled the owner to forward transactions prevented both frontrunners from successfully parsing the data and taking the profit for themselves,” according to the report. “Perhaps the requirement to only allow the call to be executed by the contract owner or the fact the funds were sent to a different target than the calling contract helped avoid a frontrunning attempt.”

However, they admitted that most likely, there are far more sophisticated bots that were simply not interested in taking a risk for such a small profit.

The “scary reality right now is that if there is some call to a contract yielding a profit that anyone can call, even if it is very obscure, it’s highly likely some frontrunning bot will try and take it first,” they concluded.
___
Learn more:
Researchers Found a Way to Catch Altcoin Pumpers and Dumpers Early
This is How Crypto Market Data Providers “Deflate” Fake Trading Volumes
How to Tell Whether Crypto Exchange is Lying to You
New Crypto Market AI Prediction System Wants To Automate Crypto Trades
The Answer to Forecasting Bitcoin May Lie in Artificial Intelligence