BACKRUNNER: Mitigating Smart Contract Attacks in the Real World
Chaofan Shou, Yuanyu Ke, Yupeng Yang, Qi Su, Or Dadosh, Assaf Eli, David Benchimol, Doudou Lu, Daniel Tong, Dex Chen, Zoey Tan, Jacob Chia, Koushik Sen, Wenke Lee
TL;DR
The paper shows that real-world frontrunning defenses against smart-contract exploits fail due to private transactions and intense bot competition. It introduces BACKRUNNER, a framework that combines preemptive hijack (counter-exploits deployed before attacks) and attack backrunning (reusing attack transactions to protect similar targets) and leverages exploit synthesis via program repair, rule rewrites, and hybrid fuzzing. Through past-attacks backtesting and real-world deployments, BACKRUNNER rescues substantial funds (over $11.2M in two months; $410M in 2023) and demonstrates the practical viability of proactive defense in DeFi. The work provides detailed methodology, performance assessments, and discussion of limitations and ethical considerations, highlighting significant potential to reduce losses from smart contract attacks in real-world networks.
Abstract
Billions of dollars have been lost due to vulnerabilities in smart contracts. To counteract this, researchers have proposed attack frontrunning protections designed to preempt malicious transactions by inserting "whitehat" transactions ahead of them to protect the assets. In this paper, we demonstrate that existing frontrunning protections have become ineffective in real-world scenarios. Specifically, we collected 158 recent real-world attack transactions and discovered that 141 of them can bypass state-of-the-art frontrunning protections. We systematically analyze these attacks and show how inherent limitations of existing frontrunning techniques hinder them from protecting valuable assets in the real world. We then propose a new approach involving 1) preemptive hijack, and 2) attack backrunning, which circumvent the existing limitations and can help protect assets before and after an attack. Our approach adapts the exploit used in the attack to the same or similar contracts before and after the attack to safeguard the assets. We conceptualize adapting exploits as a program repair problem and apply established techniques to implement our approach into a full-fledged framework, BACKRUNNER. Running on previous attacks in 2023, BACKRUNNER can successfully rescue more than $410M. In the real world, it has helped rescue over $11.2M worth of assets in 28 separate incidents within two months.
