Research Pulse #70 06/20/22

  1. The Economics of Automated Market Makers
    Authors: Robin Fritsch, Samuel Kaser, and Roger Wattenhofer

This paper studies the question whether automated market maker protocols such as Uniswap can sustainably retain a portion of their trading fees for the protocol. We approach the problem by modelling how to optimally choose a pool’s take rate, i.e. the fraction of fee revenue that remains with the protocol, in order to maximize the protocol’s revenue. The model suggests that if AMMs have a portion of loyal trade volume, they can sustainably set a non-zero take rate, even without losing liquidity to competitors with a zero take rate. Furthermore, we determine the optimal take rate depending on a number of model parameters including how much loyal trade volume pools have and how high the competitors’ take rates are.


  2. A Flash(bot) in the Pan: Measuring Maximal Extractable Value in Private Pools
    Authors: Ben Weintraub, Christof Ferreira Torres, Cristina Nita-Rotaru, and Radu State

The rise of Ethereum has led to a flourishing decentralized marketplace that has, unfortunately, fallen victim to frontrunning and Maximal Extractable Value (MEV) activities, where savvy participants game transaction orderings within a block for profit. One popular solution to address such behavior is Flashbots, a private pool with infrastructure and design goals aimed at eliminating the negative externalities associated with MEV. While Flashbots has established laudable goals to address MEV behavior, no evidence has been provided to show that these goals are achieved in practice.
In this paper, we measure the popularity of Flashbots and evaluate if it is meeting its chartered goals. We find that (1) Flashbots miners account for over 99.9 % of the hashing power in the Ethereum network, (2) powerful miners are making more than 2× what they were making prior to using Flashbots, while non-miners’ slice of the pie has shrunk commensurately, (3) mining is just as centralized as it was prior to Flashbots with more than 90 % of Flashbots blocks coming from just two miners, and (4) while more than 80 % of MEV extraction in Ethereum is happening through Flashbots, 13.2 % is coming from other private pools.


  3. MoNet: A Fast Payment Channel Network for Scriptless Cryptocurrency Monero
    Authors: Zhimei Sui, Joseph K. Liu, Jiangshan Yu, and Xianrui Qin

We propose MoNet, the first bi-directional payment channel network with unlimited lifetime for Monero. It is fully compatible with Monero without requiring any modification of the current Monero blockchain. MoNet preserves transaction fungibility, i.e., transactions over MoNet and Monero are indistinguishable, and guarantees anonymity of Monero and MoNet users by avoiding any potential privacy leakage introduced by the new payment channel network. We also propose a new crypto primitive, named Verifiable Consecutive One-way Function (VCOF). It allows one to generate a sequence of statement-witness pairs in a consecutive and verifiable way, and these statement-witness pairs are one-way, namely it is easy to compute a statement-witness pair by knowing any of the pre-generated pairs, but hard in an opposite flow. By using VCOF, a signer can produce a series of consecutive adaptor signatures (CAS). We further propose the generic construction of consecutive adaptor signature as an important building block of MoNet. We develop a proof-of-concept implementation for MoNet, and our evaluation shows that MoNet can reach the same transaction throughput as Lightning Network, the payment channel network for Bitcoin. Moreover, we provide a security analysis of MoNet under the Universal Composable (UC) security framework.


  4. A Taxonomy of Blockchain Oracles: The Truth Depends on the Question
    Authors: Michael Bartholic, Aron Laszka, Go Yamamoto, and Eric W. Burger

Blockchains benefit from guarantees of immutability and reliability due to their high redundancy and distributed nature. They show their value especially when operating between untrusted parties. Their functionality can be extended programmatically by smart contracts, but are limited by high costs of on-chain computation and only being able to truly trust data which is directly included on-chain. To attempt to bridge this limitation, blockchain oracles are introduced as a conceptual solution to act as a trusted source of information within the blockchain. The Oracle Problem emerges as we consider how one can introduce trusted information into a trust-free environment without compromising the validity of the blockchain. Many promising designs for oracle mechanisms have been proposed, but it is not readily apparent how one should assess the applicability of a given mechanism, nor the strengths and features between mechanisms. To be equipped to assess and categorize oracles, we must consider not just the possible answers, but the questions to which these oracles are trying to speak. Categorizing questions by their possible answering populations, we propose a framework for considering oracle questions and the context with which they are posed. We observe that there are limitations to what an oracle can hope to achieve, depending on the nature of the question, while noting the context in which a question exists can change what is viewed as true.


  5. Abstract interpretation of Michelson smart-contracts
    Authors: Guillaume Bau, Antoine Miné, Vincent Botbol, and Mehdi Bouaziz

Static analysis of smart-contracts is becoming more widespread on blockchain platforms. Analyzers rely on techniques like symbolic execution or model checking, but few of them can provide strong soundness properties and guarantee the analysis termination at the same time. As smart-contracts often manipulate economic assets, proving numerical properties beyond the absence of runtime errors is also desirable. Smart-contract execution models differ considerably from mainstream programming languages and vary from one blockchain to another, making state-of-the-art analyses hard to adapt. For instance, smart-contract calls may modify a persistent storage impacting subsequent calls. This makes it difficult for tools to infer invariants required to formally ensure the absence of exploitable vulnerabilities.
The Michelson smart-contract language, used in the Tezos blockchain, is strongly typed, stack-based, and has a strict execution model leaving few opportunities for implicit runtime errors. We present a work in progress static analyzer for Michelson based on Abstract Interpretation and implemented within MOPSA, a modular static analyzer. Our tool supports the Michelson semantic features, including inner calls to external contracts. It can prove the absence of runtime errors and infer invariants on the persistent storage over an unbounded number of calls. It is also being extended to prove high-level numerical and security properties.


  6. Assessing Security and Performance of Blockchain Systems and Consensus Protocols: Taxonomies, Methodologies and Benchmarking Procedures
    Author: Stefano De Angelis

Blockchain promises to improve systems security and trust by decentralising computer infrastructures. However, decentralisation also requires higher complexity that may lead to performance issues. With the rapid growth of blockchain adoption, such properties are paramount, and it becomes crucial to assess them in different application scenarios.
In this PhD thesis, we study performance and security of modern blockchain systems. We first refine the standard concepts of security and dependability, defining a set of properties for blockchain systems. We provide a taxonomy of platforms, consensus protocols, and smart contract vulnerabilities, and we assess their security according to the proposed properties. We show that consensus strictly impacts system’s security. We also argue that it introduces trade-offs with performance that must be understood for building secure and efficient systems. So we design METHUS, a systematic methodology to assess blockchain consensus protocols applying qualitative and quantitative methods. Hence we evaluate two families of consensus protocols used in permissioned blockchains, and we show that a traditional Byzantine Fault Tolerant approach is preferable in this context. Extending the study to permissionless blockchains, we propose PETHARD, a framework to measure performance of consensus employed in two famous blockchains, namely Ethereum and Algorand. Despite promising results, PETHARD only simulates testing setups and cannot be used to evaluate realistic deployments. To this extent, we design PERSECUS which defines the standards for blockchain benchmarking. PERSECUS fosters efficient and precise measurements simulating various setups and real-world scenarios. We benchmark two blockchains, namely Parity and GoQuorum, evaluating their security, performance, and scalability properties. We illustrate that, besides consensus, other blockchain components, such as configuration of nodes parameters and transactions serialisation, strictly affect performance and security.
To conclude this thesis, we discuss the possibility of using elasticity, broadly adopted in Cloud Computing to automatise the provisioning of a system, to enhance performance and security in blockchain systems.