Pikachu: Securing PoS Blockchains from Long-Range Attacks by Checkpointing into Bitcoin PoW using Taproot
Author: Sarah Azouvi, Marko Vukolić
Blockchain systems based on a reusable resource, such as proof-ofstake (PoS), provide weaker security guarantees than those based on proof-of-work. Specifically, they are vulnerable to long-range attacks, where an adversary can corrupt prior participants in order to rewrite the full history of the chain. To prevent this attack on a PoS chain, we propose a protocol that checkpoints the state of the PoS chain to a proof-of-work blockchain such as Bitcoin. Our checkpointing protocol hence does not rely on any central authority. Our work uses Schnorr signatures and leverages Bitcoin recent Taproot upgrade, allowing us to create a checkpointing transaction of constant size. We argue for the security of our protocol and present an open-source implementation that was tested on the Bitcoin testnet.
- Long-range attacks can undermine the safety and liveness guarantees of any blockchain network. They involve secretly “rewriting” large sequences of blocks in the blockchain to essentially change the set of transactions that network participants can consider final.
- Many solutions have been proposed in the past to address this attack vector. Chief amongst them is the concept of checkpointing whereby users all converge on a specific chain of events that cannot be changed.
- Pikachu is an interesting schema that enables blockchains to leverage the strong uptime and liveness guarantees of Bitcoin to checkpoint events happening in their blockchains and ultimately make long-range attacks substantially costlier.
Automated Market Making and Loss-Versus-Rebalancing
Authors: Jason Milionis, Ciamac C. Moallemi, Tim Roughgarden, Anthony Lee Zhang
We consider the market microstructure of automated market making and, specifically, constant function market makers (CFMMs), from the economic perspective of passive liquidity providers (LPs). In a frictionless, continuous-time Black-Scholes setting and in the absence of trading fees, we decompose the return of an LP into a instantaneous market risk component and a non-negative, non-decreasing, and predictable component which we call “loss-versus rebalancing” (LVR, pronounced “lever”). Market risk can be fully hedged, but once eliminated, LVR remains as a running cost that must be offset by trading fee income in order for liquidity provision to be profitable. We show how LVR can be interpreted in many ways: as the cost of pre-commitment, as the time value for giving up future optionality, as the compensator in a Doob-Meyer decomposition, as an adverse selection cost in the form the profits of arbitrageurs trading against the pool, and as an information cost because the pool does not have access to accurate market prices. LVR is distinct from the more commonly known metric of “impermanent loss” or “divergence loss”; this latter metric is more fundamentally described as “loss-versus-holding” and is not a true running cost. We express LVR simply and in closed-form: instantaneously, it is is the scaled product of the variance of prices and the marginal liquidity available in the pool, i.e., LVR the floating leg of a generalized variance swap. As such, LVR is easily calibrated to market data and specific CFMM structure. LVR provides tradeable insight in both the ex ante and ex post assessment of CFMM LP investment decisions, and can also inform the design of CFMM protocols.
- One of the main use-cases of DeFi is peer-to-peer trading via so-called Automated Market Makers (AMMs), a familiy of algorithms that enables parties to effectively price an exchange of assets.
- The most popular AMM construct is known as the Constant Function Market Maker (CFMM), which prices assets based on the quantity available in a market relative to a constant figure.
- While CFMMs like Uniswap have undoubtedly increased the popularity of DeFi, there are improvements to their constructs that would foster better price efficiency and attract more sophisticated Liquidity Providers (LPs).
- This paper decomposes the return of LPs and introduces a new metric that they can leverage in the CFMM setting called “loss-versus rebalancing” (LVR, pronounced “lever”).
- LVR provides interesting insights that LPs can use to better manage risk and it iterates upon previous risk metrics such as “impermanent loss”. Additionally, it can be used to enhance CFMM models and inform the creation of new CFMM designs.
G3Ms: Generalized Mean Market Makers
Author: Daniel Z. Zanger
In the Decentralized Finance (DeFi) setting, we present a new parametrized family of Constant Function Market Makers (CFMMs) which we call the Generalized Mean Market Makers (G3Ms), based on the generalized means. The G3Ms are intermediate between the Arithmetic Mean and Geometric Mean CFMM models, which G3Ms incorporate as special cases. We also present an extension of the G3Ms, based on the so-called Generalized f-Means, called Generalized f-Mean Market Makers (Gf3Ms). We show in addition that the G3Ms possess certain properties preferable to those exhibited by either the Arithmetic Mean CFMM or the Geometric Mean CFMM alone.
- As mentioned previously, CFMMs are used to price asset exchanges in a decentralized setting. Most CFMMs use either Arithmetic or Geometric means to price the assets in a swap.
- This paper proposes a new pricing approach that uses Generalized f-Means instead of Arithmetic or Geometric means which, depending on the nature of the market, may offer interesting benefits.
- The author does a great job evaluating the performance of Generalized f-Means when considering different slippage parameters and trade sizes.
Perpetual Contract NFT as Collateral for DeFi Composability
Author: HYOUNGSUNG KIM, HYUN-SIK KIM, AND YONG-SUK PARK.
Ethereum and its standardized token interface have formed decentralized finance (DeFi), an open financial system based on blockchain smart contracts. The DeFi ecosystem has become richer with the introduction of DeFi composability projects, such as Lido finance and Curve finance. DeFi composability denotes the concatenation of DeFi services in which each DeFi service locks assets as collateral and gives another asset as liquidity of locked assets to providers. Providers use the tokens given for other concatenated DeFi services, such as lending, decentralized exchanges (DEXs), and derivatives. The DeFi ecosystem uses ERC20 tokens which can represent the value of an asset. ERC-721 non-fungible tokens (NFTs) are not widely adopted in DeFi, since they represent rights to an asset and are not considered appropriate for valuation. In this paper, we propose a new concept, perpetual contract NFT, which exploits perpetual future contracts in the cryptocurrency derivatives market. Unlike futures contracts in a traditional derivatives market, in the cryptocurrency derivatives market, most futures contracts are perpetual. In addition, the value of futures contract is backed by collateral. Therefore, if we mint the rights to perpetual contracts as NFT, we can use the perpetual contract NFT as collateral for DeFi composability. To validate our proposal and its profitability, we experiment with the position NFT of Uniswap v3. Through validation, we show that our concept works in real-world scenarios.
- Non-fungible Tokens (NFTs) have seen a substantial surge in interest and investments. Most of these tokens are implemented using the ERC-721 token standard.
- While ERC-721s have attained considerable market share as a token type, they are rarely used in Decentralized Finance (DeFi) as collateral given how difficult it can be to accurately price them.
- This paper proposes the creation of a new type of NFT financial product that borrows key concepts from perpetual derivatives, or perps, to enable more active price discovery of NFTs.
FairBlock: Preventing Blockchain Front-running with Minimal Overheads
Author: Peyman Momeni, Sergey Gorbunov, and Bohan Zhang.
While blockchain systems are quickly gaining popularity, front-running remains a major obstacle to fair exchange. In this paper, we show how to apply identity-based encryption (IBE) to prevent frontrunning with minimal bandwidth overheads. In our approach, to decrypt a block of N transactions, the number of messages sent across the network only grows linearly with the size of decrypting committees, S. That is, to decrypt a set of N transactions sequenced at a specific block, a committee only needs to exchange S decryption shares (independent of N). In comparison, previous solutions are based on threshold decryption schemes, where each transaction in a block must be decrypted separately by the committee, resulting in bandwidth overhead of N × S. Along the way, we present a model for fair block processing and build a prototype implementation. We show that on a sample of 1000 messages with 1000 validators our system saves 42.53 MB of bandwidth which is 99.6% less compared with the standard threshold decryption paradigm.
- Front-running is a popular strategy employed by arbitrageurs operating in DeFi markets. However, it does create negative externalities that network participants must deal with, especially when transacting larger amounts.
- This paper proposes a new transaction broadcasting schema that leverages identity-based encryption (IBE) to prevent frontrunning.
- Unlike previous attempts at obfuscating transaction broadcasting workflows, this approach does not entail a large bandwidth overhead, which hurts network efficiency.