Infrastructure-layer Attacks
Infrastructure-layer attacks exploit vulnerabilities in the BC design. They might directly target the BC, its nodes, and the consensus mechanisms on which DeFi protocols operate (BC attack) or exploit design faults in transaction processing (MEV attack).
Blockchain Attacks
The 51% attack allows tampering with the ledger data by controlling over half of the network hash rate. Other examples include block timestamp manipulation. DeFi service customers and arbitrageurs are partially affected during BC attacks, as they are only restricted from using the DeFi protocols. LPs lose all tokens locked on the victim BC. Similarly, issuers of stablecoins and liquid staking tokens lose the collateral. The governance users are fully affected, as their DeFi protocol is based on the victim BC. BC attacks might be mitigated by using DeFi protocols only from the established BCs with vast networks of nodes and staked assets.
Collapse of Terra Blockchain
The Terra blockchain belonged to the ten largest blockchains, with a market capitalization of over $30bn. Its collapse was caused by a vulnerability in the economic design of its algorithmic stablecoin UST, and led to the fall of the DeFi protocols operating on Terra. In infrastructure-layer attacks, such as the attack on Terra, all DeFi stakeholders - service customers, liquidity providers (LPs), arbitrageurs, and governance users - are fully exposed, as the attack ultimately leads to the loss of value of the victim blockchain with all deployed smart contracts and tokens.
MEV Attacks
MEV attacks (Miner Extractable Value attacks) refer to miners or validators benefiting from their access to information about an upcoming transaction. The traditional financial market has been encountering similar cases since the 1970s. The blockchain, by design, allows validators to decide on the order of transactions in the block. In MEV attacks, transactions are re-ordered for the benefit of validators at the expense of the initiator of the victim transaction. Flash loans additionally increase the arbitrage revenue of the attackers. Some liquid staking protocols incorporate revenue from MEV attacks in the rewards tokens. Depending on the re-ordering strategy, the MEV attacks can be classified as follows:
Front-running attack - the validator inserts the transaction before the victim transaction; if the victim transaction does not settle, the attack is fatal. This form of MEV attack targets, for instance, the arbitrage transaction. The validator makes a risk-free profit by copying and front-running the arbitrage transaction. The original transaction is not executed, as the arbitrage conditions no longer exist.
Back-running attack - the validator’s transaction is executed after the target transaction. For instance, in MEV arbitrage, the validator executes the transaction that equalizes the prices between CEX and AMM-DEX.
Sandwich attack combines front- and back-running, as depicted in algorithms.
Just In Time Liquidity (JIT) attack occurs only at CLMM, such as Uniswap (v3), and refers to providing liquidity only for the price range of the target transaction. Once the transaction is executed, the liquidity is withdrawn from the pool, as presented in the algorithm.
DeFi protocols cannot prevent MEV attacks, as they are initiated in the blockchain infrastructure layer. Multiple approaches to mitigate transaction-ordering attacks have emerged, but all provide unsatisfactory results. Considering swap fees, slippage tolerance, and gas fees, MEV attacks are only profitable if the size of the victim transaction exceeds a certain threshold. Privacy-preserving blockchains with TEE, e.g., Integritee or Secret Network, prevent transaction reordering from the infrastructure layer.
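The size threshold described above can be estimated from the trader's side before submitting a swap. The following is an added example, not part of the original page: it assumes a constant-product pool with the fee charged on the input amount, and all reserves, fee, gas and tolerance values are constructed. It reports how much a sandwich could extract at a given slippage tolerance and the swap size below which reordering does not pay off.

```python
# Added example: constant-product (x*y=k) pool model, amounts in units of token X.
# Assumption: fee is taken from the input amount and stays in the pool.

def swap_out(amount_in, r_in, r_out, fee):
    """Output of a constant-product swap with the fee taken from the input."""
    eff = amount_in * (1 - fee)
    return eff * r_out / (r_in + eff)

def sandwich_profit(a, victim_in, r_x, r_y, fee, gas):
    """Net result (in X) of a front-run of size `a` followed by a back-run."""
    y_a = swap_out(a, r_x, r_y, fee)               # front-run: X -> Y
    r_x1, r_y1 = r_x + a, r_y - y_a
    y_v = swap_out(victim_in, r_x1, r_y1, fee)     # victim settles at a worse price
    r_x2, r_y2 = r_x1 + victim_in, r_y1 - y_v
    x_back = swap_out(y_a, r_y2, r_x2, fee)        # back-run: Y -> X
    return x_back - a - 2 * gas                    # two reordering transactions

def max_front_run(victim_in, r_x, r_y, fee, tol):
    """Largest front-run that still lets the victim settle within `tol`."""
    min_out = (1 - tol) * swap_out(victim_in, r_x, r_y, fee)
    lo, hi = 0.0, r_x
    for _ in range(60):                            # victim output falls as `a` grows
        mid = (lo + hi) / 2
        y_a = swap_out(mid, r_x, r_y, fee)
        if swap_out(victim_in, r_x + mid, r_y - y_a, fee) >= min_out:
            lo = mid
        else:
            hi = mid
    return lo

def sandwich_exposure(victim_in, r_x, r_y, fee=0.003, tol=0.005, gas=0.01, steps=400):
    """Estimate of what a sandwich can extract; 0.0 means it is unprofitable."""
    a_max = max_front_run(victim_in, r_x, r_y, fee, tol)
    best = max(sandwich_profit(a_max * i / steps, victim_in, r_x, r_y, fee, gas)
               for i in range(steps + 1))
    return max(0.0, best)

def exposure_threshold(r_x, r_y, fee=0.003, tol=0.005, gas=0.01):
    """Smallest swap size (in X) at which a sandwich starts to pay off."""
    lo, hi = 0.0, r_x
    for _ in range(50):
        mid = (lo + hi) / 2
        if sandwich_exposure(mid, r_x, r_y, fee, tol, gas) > 0:
            hi = mid
        else:
            lo = mid
    return hi

if __name__ == "__main__":
    pool = (1_000.0, 2_000_000.0)                  # constructed reserves: X, Y
    for size in (1.0, 10.0, 50.0):
        print(size, round(sandwich_exposure(size, *pool), 4))
    print("threshold:", round(exposure_threshold(*pool), 2))
```

Lowering the slippage tolerance shrinks the front-run that can fit ahead of the swap, which raises the threshold and reduces the exposure for a given trade size.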
MEV attacks mostly affect traders (service customers) and arbitrageurs at CLOB and AMM DEXs. Traders pay higher swap costs, and arbitrageurs cannot execute their transactions. In JIT attacks, the traders profit from the attack, paying lower slippage costs. LPs are the victims of the attack, as their rewards from the swap fees are shared with the MEV attacker. Less than 1% of liquidity at Uniswap (v3) is provided by JIT