Nate Hindman

@natehindman

Balancing Openness & Safety in DeFi: Mitigating Front Running on Bancor

April 1st 2019

Open financial networks on the Ethereum blockchain must deal with the risk of exposing users to an array of abusive practices. While decentralized finance or “DeFi” instruments offer huge advantages over legacy financial systems, namely by eliminating rent-seeking intermediaries and bringing new levels of transparency to token markets, network designers should seek to strike a balance between openness and user safety. After all, if DeFi solutions become rife with abuse and are only safe for the most advanced users, they will undermine the very openness that DeFi projects seek to promote.

One such attempt to exploit the design of DeFi architectures is the abusive practice known as front running, which occurs when malicious actors steal money from users by stepping in front of pending transactions. The term front running originated in the stock market, when trades were executed on paper and carried by hand between trading desks. A broker would receive an order from a client to buy a certain stock, but place a buy order in front of the trade for themselves, benefiting from the eventual price rise and effectively stealing money from the client.

On certain Ethereum-based networks, a front runner can monitor for incoming transactions that will increase the price of an asset and step in front of a transaction by paying a slightly higher gas fee, resulting in miners selecting their transaction first. The original pending transaction and the user who submitted it are manipulated by the front runner who profits from the price increase and then dumps the asset, while the user receives less of the asset than expected.

When the Bancor Protocol launched in 2017, it introduced a new level of transparency into token conversions. Historically, crypto token conversions have been processed inside the vaults of exchanges or via off-chain order matching — between buyers and sellers — which often leads to opaque pricing and unexpected costs (e.g., “slippage”) for users.

With Bancor Protocol, conversions occur fully on-chain — from pricing through settlement — via automated market maker smart contracts. Since users convert directly against smart contracts, without order books or counterparties, users are able to pre-calculate the amount of tokens they’ll receive with greater accuracy, while every movement of tokens in the network is publicly recorded and auditable on the blockchain.

However, this level of visibility and predictability can be a double-edged sword as it can also be used by malicious actors to front run conversions.

Bancor mitigates front running by building hard-coded values into transactions at the protocol level and setting a maximum gas price which dynamically adjusts for each transaction on the network. This ensures that transactions submitted to the network are executed in the correct and valid order, neutralizing the threat of front running.

To determine maximum gas price, Bancor developed a heuristic which calculates the optimal gas price within the average time it takes to execute a transaction on the Ethereum blockchain (between 45s and 1m and 15s). The heuristic is designed to avoid anomalies such as Ethereum network congestion and spam which could lead to inflated gas prices.

There are certainly trade-offs to this approach. While some DeFi protocols are able to keep Ethereum gas prices lower because they do not implement a max gas price, they expose users to front running abuse, which increases as a network’s volume grows and returns become more attractive for sophisticated front-running traders or bots. While these protocols tout their ability to maintain lower gas prices, ultimately, users may end up incurring even higher costs if their conversions are front run by malicious actors. Moreover, the conversion volume from front running may lead product operators to delay front running protection, so as to maintain network volume, despite it being partially the result of manipulation.

Over the long term, de-prioritizing user safety will create environments which are not suitable for everyday users, undermining the very openness of open finance. DeFi simply won’t succeed if users have to master gas strategies to avoid abuse. As DeFi projects look towards new innovations that target everyday human users, basic protections against manipulation will be key to driving healthy interest and long-term growth. Network operators should seek to introduce elements that make manipulative behavior unprofitable or prevent it altogether, while imposing the least collective costs on users. As with decentralization, products and services can strive for how to best achieve the benefits of openness, rather than making it the aim in and of itself.

About The Bancor Protocol

Bancor is an on-chain liquidity protocol revolutionizing the way people create and share value by ensuring constant convertibility between tokens. Conversions via Bancor are executed against on-chain liquidity pools using automated market makers to price and process transactions without order books or counterparties, enabling faster, cheaper and more predictable conversions across 9700+ ERC20 and EOS token pairs, including non-custodial conversions between blockchains.

How to get involved with Bancor

More by Nate Hindman

More Related Stories