Table of Contents
Fetching ...

FIRST: FrontrunnIng Resilient Smart ConTracts

Emrah Sariboz, Gaurav Panwar, Roopa Vishwanathan, Satyajayant Misra

TL;DR

Frontrunning in DeFi exploits public mempools on permissionless chains, motivating FIRST, a decentralized, application-layer framework that uses Verifiable Delay Functions ($VDF$) and aggregate signatures to enforce per-user delays without changing blockchain consensus.FIRST leverages a federated set of verifiers to compute and verify a $VDF$ result, which is then aggregated and validated on-chain before a transaction is executed, ensuring that adversarial transactions cannot overtake the victim transaction with high probability.The authors formalize security in the Universal Composability framework and provide empirical evaluation on Ethereum and Binance Smart Chain data, showing effective reduction in frontrunning risk and detailing the on-chain costs of aggregate verification.Through extensive data-driven tuning (epoch length, delay parameters) and off-chain verification, FIRST offers a practical, scalable defense against MEV-like attacks while maintaining compatibility with existing DeFi dApps and relayers.The work demonstrates a viable path toward robust, application-layer protection against frontrunning with formal security guarantees and real-world feasibility, highlighting potential for broader adoption and further optimizations.

Abstract

Owing to the meteoric rise in the usage of cryptocurrencies, there has been a widespread adaptation of traditional financial applications such as lending, borrowing, margin trading, and more, to the cryptocurrency realm. In some cases, the inherently transparent and unregulated nature of cryptocurrencies leads to attacks on users of these applications. One such attack is frontrunning, where a malicious entity leverages the knowledge of currently unprocessed financial transactions submitted by users and attempts to get its own transaction(s) executed ahead of the unprocessed ones. The consequences of this can be financial loss, inaccurate transactions, and even exposure to more attacks. We propose FIRST, a framework that prevents frontrunning attacks, and is built using cryptographic protocols including verifiable delay functions and aggregate signatures. In our design, we have a federated setup for generating the public parameters of the VDF, thus removing the need for a single trusted setup. We formally analyze FIRST, prove its security using the Universal Composability framework and experimentally demonstrate the effectiveness of FIRST.

FIRST: FrontrunnIng Resilient Smart ConTracts

TL;DR

Frontrunning in DeFi exploits public mempools on permissionless chains, motivating FIRST, a decentralized, application-layer framework that uses Verifiable Delay Functions ($VDF$) and aggregate signatures to enforce per-user delays without changing blockchain consensus.FIRST leverages a federated set of verifiers to compute and verify a $VDF$ result, which is then aggregated and validated on-chain before a transaction is executed, ensuring that adversarial transactions cannot overtake the victim transaction with high probability.The authors formalize security in the Universal Composability framework and provide empirical evaluation on Ethereum and Binance Smart Chain data, showing effective reduction in frontrunning risk and detailing the on-chain costs of aggregate verification.Through extensive data-driven tuning (epoch length, delay parameters) and off-chain verification, FIRST offers a practical, scalable defense against MEV-like attacks while maintaining compatibility with existing DeFi dApps and relayers.The work demonstrates a viable path toward robust, application-layer protection against frontrunning with formal security guarantees and real-world feasibility, highlighting potential for broader adoption and further optimizations.

Abstract

Owing to the meteoric rise in the usage of cryptocurrencies, there has been a widespread adaptation of traditional financial applications such as lending, borrowing, margin trading, and more, to the cryptocurrency realm. In some cases, the inherently transparent and unregulated nature of cryptocurrencies leads to attacks on users of these applications. One such attack is frontrunning, where a malicious entity leverages the knowledge of currently unprocessed financial transactions submitted by users and attempts to get its own transaction(s) executed ahead of the unprocessed ones. The consequences of this can be financial loss, inaccurate transactions, and even exposure to more attacks. We propose FIRST, a framework that prevents frontrunning attacks, and is built using cryptographic protocols including verifiable delay functions and aggregate signatures. In our design, we have a federated setup for generating the public parameters of the VDF, thus removing the need for a single trusted setup. We formally analyze FIRST, prove its security using the Universal Composability framework and experimentally demonstrate the effectiveness of FIRST.
Paper Structure (27 sections, 1 theorem, 2 equations, 8 figures, 1 table, 7 algorithms)

This paper contains 27 sections, 1 theorem, 2 equations, 8 figures, 1 table, 7 algorithms.

Key Result

Theorem 5.1

Let $\mathcal{F}_{\text{FIRST}}$ be an ideal functionality for FIRST. Let $\mathcal{A}$ be a probabilistic polynomial-time (PPT) adversary for FIRST, and let $\mathcal{S}$ be an ideal-world PPT simulator for $\mathcal{F}_{\text{FIRST}}$. FIRST UC-realizes $\mathcal{F}_{\text{FIRST}}$ for any PPT dis

Figures (8)

  • Figure 1: Steps involved in a frontrunning attack.
  • Figure 2: Overview of FIRST.
  • Figure 3: Ideal functionality for blockchain.
  • Figure 4: Ideal functionality for transaction processing and VDF construction.
  • Figure 5: Comparison of VDF computation times across multiple devices.
  • ...and 3 more figures

Theorems & Definitions (3)

  • Theorem 5.1
  • Definition A.1
  • Definition A.2