Frontrunner Jones and the Raiders of the Dark Forest: An Empirical Study of Frontrunning on the Ethereum Blockchain

TL;DR

This paper investigates frontrunning attacks on the Ethereum blockchain, revealing their prevalence, profitability, and types through large-scale analysis of transaction data, highlighting a significant security concern in decentralized finance.

Contribution

It introduces a methodology to measure different types of frontrunning attacks and provides the first large-scale empirical analysis of these attacks on Ethereum.

Findings

Nearly 200,000 attacks identified

Attackers profited approximately 18.41 million USD

Frontrunning is both common and highly profitable

Abstract

Ethereum prospered the inception of a plethora of smart contract applications, ranging from gambling games to decentralized finance. However, Ethereum is also considered a highly adversarial environment, where vulnerable smart contracts will eventually be exploited. Recently, Ethereum's pool of pending transaction has become a far more aggressive environment. In the hope of making some profit, attackers continuously monitor the transaction pool and try to frontrun their victims' transactions by either displacing or suppressing them, or strategically inserting their transactions. This paper aims to shed some light into what is known as a dark forest and uncover these predators' actions. We present a methodology to efficiently measure the three types of frontrunning: displacement, insertion, and suppression. We perform a large-scale analysis on more than 11M blocks and identify almost 200K attacks with an accumulated profit of 18.41M USD for the attackers, providing evidence that frontrunning is both, lucrative and a prevalent issue.