Commitment Against Front Running Attacks
Andrea Canidio, Vincent Danos
TL;DR
This paper analyzes front-running on Ethereum through a game-theoretic model that separates attacks from legitimate competition. It proposes a smart-contract–level commit-reveal protocol, inspired by submarine commitments and ENS-style schemes, in which users first commit a masked message and later reveal it, forcing attackers to guess without knowing the victim’s choice. The main result is that the protocol can eliminate the most severe front-running while preserving honest competition, albeit at the cost of an extra message and a one-block delay, and it becomes more effective when attacker guessing is hard. The authors extend the framework to scenarios with hiding commitments, multiple attackers, and partial implementations, and discuss practical considerations such as mempool timings and composability, along with limitations and directions for future work.
Abstract
We provide a game-theoretic analysis of the problem of front-running attacks. We use it to distinguish attacks from legitimate competition among honest users for having their transactions included earlier in the block. We also use it to introduce an intuitive notion of the severity of front-running attacks. We then study a simple commit-reveal protocol and discuss its properties. This protocol has costs because it requires two messages and imposes a delay. However, we show that it prevents the most severe front-running attacks while preserving legitimate competition between users, guaranteeing that the earliest transaction in a block belongs to the honest user who values it the most. When the protocol does not fully eliminate attacks, it nonetheless benefits honest users because it reduces competition among attackers (and overall expenditure by attackers).