publications
pre-prints
2024
- Deanonymizing Ethereum Validators: The P2P Network Has a Privacy IssueLioba Heimbach, Yann Vonlanthen, Juan Villacis, and 2 more authors2024Awarded a bug bounty by the Ethereum Foundation.
Many blockchain networks aim to preserve the anonymity of validators in the peer-to-peer (P2P) network, ensuring that no adversary can link a validator’s identifier to the IP address of a peer due to associated privacy and security concerns.
This work demonstrates that the Ethereum P2P network does not offer this anonymity. We present a methodology that enables any node in the network to identify validators hosted on connected peers and empirically verify the feasibility of our proposed method. Using data collected from four nodes over three days, we located more than 15% of Ethereum validators in the P2P network. The insights gained from our deanonymization technique provide valuable information on the distribution of validators across peers, their geographic locations, and hosting organizations. We further discuss the implications and risks associated with the lack of anonymity in the P2P network and propose methods to help validators protect their privacy.
The Ethereum Foundation awarded us a bug bounty, acknowledging the impact of our results.@misc{Heimbach2024deanonymizing, author = {Heimbach, Lioba and Vonlanthen, Yann and Villacis, Juan and Kiffer, Lucianna and Wattenhofer, Roger}, title = {Deanonymizing Ethereum Validators: The P2P Network Has a Privacy Issue}, year = {2024}, } - On the Lifecycle of a Lightning Network Payment ChannelFlorian Grötschla, Lioba Heimbach, Severin Richner, and 1 more author2024Non-archival: Workshop on Scalability & Interoperability of Blockchains (SIB) @ AFT 24, October 2024
The Bitcoin Lightning Network, launched in 2018, serves as a layer 2 scaling solution for Bitcoin. The Lightning Network allows users to establish channels between each other and subsequently exchange off-chain payments. Together, these channels form a network that facilitates payments between parties even if they do not have a channel in common. The Lightning Network has gained popularity over the past five years as it offers an attractive alternative to on-chain transactions by substantially reducing transaction costs and processing times. Nevertheless, due to the privacy-centric design of the Lightning Network, little is understood about its inner workings. In this work, we conduct a measurement study of the Lightning Network to shed light on the lifecycle of channels. By combining Lightning gossip messages with on-chain Bitcoin data, we investigate the lifecycle of a channel from its opening through its lifetime to its closing. In particular, our analysis offers unique insights into the utilization patterns of the Lightning Network. Even more so, through decoding the channel closing transactions, we obtain the first dataset of Lightning Network payments, observe the imbalance of channels during the closing, and investigate whether both parties are involved in the closing, or one closes the channel unilaterally. For instance, we find nearly 60% of cooperatively closed channels are resurrected, i.e., their outputs were used to fund another channel.
@misc{grotschla2024lifecycle, author = {Grötschla, Florian and Heimbach, Lioba and Richner, Severin and Wattenhofer.r, Roger}, title = {On the Lifecycle of a Lightning Network Payment Channel}, year = {2024}, } - The Potential of Self-Regulation for Front-Running Prevention on Decentralized ExchangesLioba Heimbach, Eric Schertenleib, and Roger Wattenhofer2024Non-archival: 22nd Workshop on the Economics of Information Security (WEIS’23), July 2023 (best talk award)
Non-archival: 4th Workshop on Decentralized Finance (DeFi), March 2024The transaction ordering dependency of the smart contracts building decentralized exchanges (DEXes) allow for predatory trading strategies. In particular, front-running attacks present a constant risk for traders on DEXes. Whereas legal regulation outlaws most front-running practices in traditional finance, such measures are ineffective in preventing front-running on DEXes due to the absence of a central authority. While novel market designs hindering front-running may emerge, it remains unclear whether the market’s participants, in particular liquidity providers, would be willing to adopt these new designs. A misalignment of the participant’s private incentives and the market’s social incentives can hinder the market from adopting an effective prevention mechanism.
We present a game-theoretic model to study the behavior of traders and liquidity providers in DEXes. Our work finds that in most market configurations, the private interests of traders and liquidity providers align with the market’s social incentives - eliminating front-running attacks. However, even though liquidity providers generally benefit from embracing the market that prevents front-running, the benefit is often small and may not suffice to entice them to change strategy in reality. Thus, we find that inert liquidity providers might require additional incentives to adopt innovative market designs and permit the market’s successful self-regulation.@misc{Heimbach2023potential, author = {Heimbach, Lioba and Schertenleib, Eric and Wattenhofer, Roger}, title = {The Potential of Self-Regulation for Front-Running Prevention on Decentralized Exchanges}, journal = {arXiv preprint arXiv:2306.05756}, year = {2024}, } - SSRNDeFi LeverageLioba Heimbach, and Wenqian Huang2024
This paper examines DeFi leverage, using wallet-level data on major lending platforms. The overall leverage typically ranges between 1.4 and 1.9, while the largest and most active users consistently exhibit higher leverage in comparison to the rest. Leverage is mainly driven by loan-to-value requirements and borrow rates, as well as crypto market price movements and sentiments. Higher borrower leverage generally undermines lending resilience, particularly increasing the share of outstanding debt that is close to be liquidated. Borrowers with high leverage are more likely to tilt towards volatile collateral when their debt positions are about to be liquidated.
@misc{heimbach2023defileverage, title = {DeFi Leverage}, author = {Heimbach, Lioba and Huang, Wenqian}, journal = {SSRN 4459384}, year = {2024}, }
peer-reviewed
2024
- SoK: Attacks on DAOsRainer Feichtinger, Robin Fritsch, Lioba Heimbach, and 2 more authorsForthcoming in Sixth International Conference on Advances in Financial Technologies (AFT), Sep 2024Non-archival: 4th Workshop on Decentralized Finance (DeFi), March 2024
Non-archival: The Latest in DeFi Research (TLDR) Conference, May 2024
Non-archival: European DAO Workshop (DAWO) 2024, July 2024
Decentralized Autonomous Organizations (DAOs) are blockchain-based organizations that facilitate decentralized governance. Today, DAOs not only hold billions of dollars in their treasury but also govern many of the most popular Decentralized Finance (DeFi) protocols. This paper systematically analyses security threats to DAOs, focusing on the types of attacks they face. We study attacks on DAOs that took place in the past, attacks that have been theorized to be possible, and potential attacks that were uncovered and prevented in audits. For each of these (potential) attacks, we describe and categorize the attack vectors utilized into four categories. This reveals that while many attacks on DAOs take advantage of the less tangible and more complex human nature involved in governance, audits tend to focus on code and protocol vulnerabilities. Thus, additionally, the paper examines empirical data on DAO vulnerabilities, outlines risk factors contributing to these attacks, and suggests mitigation strategies to safeguard against such vulnerabilities.
@InProceedings{feichtinger2024attacks, title = {Non-Atomic Arbitrage in Decentralized Finance}, author ={Feichtinger, Rainer and Fritsch, Robin and Heimbach, Lioba and Vonlanthen, Yann and Wattenhofer, Roger}, booktitle ={Sixth International Conference on Advances in Financial Technologies (AFT)}, year = {2024}, month = sep, } - Non-Atomic Arbitrage in Decentralized FinanceLioba Heimbach, Vabuk Pahari, and Eric SchertenleibIn IEEE Symposium on Security and Privacy (SP) 2024, May 2024Non-archival: 4th Workshop on Decentralized Finance (DeFi), March 2024
The prevalence of maximal extractable value (MEV) in the Ethereum ecosystem has led to a characterization of the latter as a dark forest. Studies of MEV have thus far largely been restricted to purely on-chain MEV, i.e., sandwich attacks, cyclic arbitrage, and liquidations. In this work, we shed light on the prevalence of non-atomic arbitrage on decentralized exchanges (DEXes) on the Ethereum blockchain. Importantly, non-atomic arbitrage exploits price differences between DEXes on the Ethereum blockchain as well as exchanges outside the Ethereum blockchain (i.e., centralized exchanges or DEXes on other blockchains). Thus, non-atomic arbitrage is a type of MEV that involves actions on and off the Ethereum blockchain.
In our study of non-atomic arbitrage, we uncover that more than a fourth of the volume on Ethereum’s biggest five DEXes from the merge until 31 October 2023 can likely be attributed to this type of MEV. We further highlight that only eleven searchers are responsible for more than 80% of the identified non-atomic arbitrage volume sitting at a staggering 137 billion US$ and draw a connection between the centralization of the block construction market and non-atomic arbitrage. Finally, we discuss the security implications of these high-value transactions that account for more than 10% of Ethereum’s total block value and outline possible mitigations.@inproceedings{heimbach2024nonatomic, author = {Heimbach, Lioba and Pahari, Vabuk and Schertenleib, Eric}, title = {Non-Atomic Arbitrage in Decentralized Finance}, booktitle = {IEEE Symposium on Security and Privacy (SP) 2024}, year = {2024}, month = may, } - Short Paper: Dissecting the EIP-2930 Optional Access ListsLioba Heimbach, Quentin Kniep, Yann Vonlanthen, and 2 more authorsIn Financial Cryptography and Data Security (FC), Willemstad, Curaçao, Mar 2024
Ethereum introduced Transaction Access Lists (TALs) in 2020 to optimize gas costs during transaction execution. In this work, we present a comprehensive analysis of TALs in Ethereum, focusing on adoption, quality, and gas savings. Analyzing a full month of mainnet data with 31,954,474 transactions, we found that only 1.46% of transactions included a TAL, even though 42.6% of transactions would have benefited from it. On average, access lists can save around 0.29% of gas costs, equivalent to approximately 3,450 ETH (roughly US$ 5 Mio) per year. However, 19.6% of TALs included by transactions contained imperfections, causing almost 11.8% of transactions to pay more gas with TAL than without. We find that these inaccuracies are caused by the unknown state at the time of the TAL computation as well as imperfect TAL computations provided by all major Ethereum clients. We thus compare the gas savings when calculating the TAL at the beginning of the block vs. calculating it on the correct state, to find that the unknown state is a major source of TAL inaccuracies. Finally, we implement an ideal TAL computation for the Erigon client to highlight the cost of these flawed implementations.
@inproceedings{heimbach2024dissecting, title = {Short Paper: Dissecting the EIP-2930 Optional Access Lists}, author = {Heimbach, Lioba and Kniep, Quentin and Vonlanthen, Yann and Wattenhofer, Roger and Züst, Patrick}, booktitle = {Financial Cryptography and Data Security (FC), Willemstad, Curaçao}, year = {2024}, month = mar, } - CoDecFin@FCEthereum Proof-of-Stake Consensus Layer: Participation and DecentralizationDominic Grandjean, Lioba Heimbach, and Roger WattenhoferIn 5th Workshop on Coordination of Decentralized Finance 2024, Mar 2024
In September 2022, Ethereum transitioned from Proof-of-Work (PoW) to Proof-of-Stake (PoS) during "the merge" - making it the largest PoS cryptocurrency in terms of market capitalization. With this work, we present a comprehensive measurement study of the current state of the Ethereum PoS consensus layer on the beacon chain. We perform a longitudinal study of the history of the beacon chain. Our work finds that all dips in network participation are caused by network upgrades, issues with major consensus clients, or issues with service operators controlling a large number of validators. Further, our longitudinal staking power decentralization analysis reveals that Ethereum PoS fairs similarly to its PoW counterpart in terms of decentralization and exhibits the immense impact of (liquid) staking services on staking power decentralization. Finally, we highlight the heightened security concerns in Ethereum PoS caused by high degrees of centralization.
@inproceedings{grandjean2024ethereum, title = {Ethereum Proof-of-Stake Consensus Layer: Participation and Decentralization}, author = {Grandjean, Dominic and Heimbach, Lioba and Wattenhofer, Roger}, booktitle = {5th Workshop on Coordination of Decentralized Finance 2024}, year = {2024}, }
2023
- A Fair and Resilient Decentralized Clock Network for Transaction OrderingAndrei Constantinescu, Diana Ghinea, Lioba Heimbach, and 2 more authorsIn 27th International Conference on Principles of Distributed Systems (OPODIS), Tokyo, Japan, Dec 2023
Traditional blockchain design gives miners or validators full control over transaction ordering, i.e., they can freely choose which transactions to include or exclude, as well as in which order. While not an issue initially, the emergence of decentralized finance has introduced new transaction order dependencies allowing parties in control of the ordering to make a profit by front-running others’ transactions.
In this work, we present the Decentralized Clock Network, a new approach for achieving fair transaction ordering. Users submit their transactions to the network’s clocks, which run an agreement protocol that provides each transaction with a timestamp of receipt which is then used to define the transactions’ order. By separating agreement from ordering, our protocol is efficient and has a simpler design compared to other available solutions. Moreover, our protocol brings to the blockchain world the paradigm of asynchronous fallback, where the algorithm operates with stronger fairness guarantees during periods of synchronous use, switching to an asynchronous mode only during times of increased network delay.@inproceedings{constantinescu2023fair, title = {A Fair and Resilient Decentralized Clock Network for Transaction Ordering}, author = {Constantinescu, Andrei and Ghinea, Diana and Heimbach, Lioba and Wang, Zilin and Wattenhofer, Roger}, booktitle = {27th International Conference on Principles of Distributed Systems (OPODIS), Tokyo, Japan}, year = {2023}, month = dec, } - Ethereum’s Proposer-Builder Separation: Promises and RealitiesLioba Heimbach, Lucianna Kiffer, Christof Ferreira Torres, and 1 more authorIn 2023 ACM Internet Measurement Conference (IMC), Montreal, QC, Canada, Oct 2023
With Ethereum’s transition from Proof-of-Work to Proof-of-Stake in September 2022 came another paradigm shift, the Proposer-Builder Separation (PBS) scheme. PBS was introduced to decouple the roles of selecting and ordering transactions in a block (i.e., the builder), from those validating its contents and proposing the block to the network as the new head of the blockchain (i.e., the proposer). In this landscape, proposers are the validators in the Proof-of-Stake consensus protocol, while now relying on specialized block builders for creating blocks with the highest value for the proposer. Additionally, relays act as mediators between builders and proposers. We study PBS adoption and show that the current landscape exhibits significant centralization amongst the builders and relays. Further, we explore whether PBS effectively achieves its intended objectives of enabling hobbyist validators to maximize block profitability and preventing censorship. Our findings reveal that although PBS grants validators the opportunity to access optimized and competitive blocks, it tends to stimulate censorship rather than reduce it. Additionally, we demonstrate that relays do not consistently uphold their commitments and may prove unreliable. Specifically, proposers do not always receive the complete promised value, and the censorship or filtering capabilities pledged by relays exhibit significant gaps.
@inproceedings{heimbach2023ethereum, title = {Ethereum's Proposer-Builder Separation: Promises and Realities}, author = {Heimbach, Lioba and Kiffer, Lucianna and Ferreira Torres, Christof and Wattenhofer, Roger}, booktitle = {2023 ACM Internet Measurement Conference (IMC), Montreal, QC, Canada}, month = oct, year = {2023}, } - DeFi Lending During The MergeLioba Heimbach, Eric Schertenleib, and Roger WattenhoferIn 5th Conference on Advances in Financial Technologies (AFT), Princeton, NJ, USA, Oct 2023
Lending protocols in decentralized finance enable the permissionless exchange of capital from lenders to borrowers without relying on a trusted third party for clearing or market-making. Interest rates are set by the supply and demand of capital according to a pre-defined function. In the lead-up to The Merge: Ethereum blockchain’s transition from proof-of-work (PoW) to proof-of-stake (PoS), a fraction of the Ethereum ecosystem announced plans of continuing with a PoW-chain. Owners of ETH - whether their ETH was borrowed or not - would hold the native tokens on each chain. This development alarmed lending protocols. They feared spiking ETH borrowing rates would lead to mass liquidations which could undermine their viability. Thus, the decentralized autonomous organization running the protocols saw no alternative to intervention - restricting users’ ability to borrow.
We investigate the effects of the merge and the aforementioned intervention on the two biggest lending protocols on Ethereum: AAVE and Compound. Our analysis finds that borrowing rates were extremely volatile, jumping by two orders of magnitude, and borrowing at times reached 100% of the available funds. Despite this, no spike in mass liquidations or irretrievable loans materialized. Further, we are the first to quantify and analyze hard-fork-arbitrage, profiting from holding debt in the native blockchain token during a hard fork. We find that arbitrageurs transferred tokens to centralized exchanges which at the time were worth more than 13 Mio US$, money that was effectively extracted from the platforms’ lenders.@inproceedings{heimbach2023defilending, title = {DeFi Lending During The Merge}, author = {Heimbach, Lioba and Schertenleib, Eric and Wattenhofer, Roger}, booktitle = {5th Conference on Advances in Financial Technologies (AFT), Princeton, NJ, USA}, month = oct, year = {2023}, } - Base Fee Manipulation In Ethereum’s EIP-1559 Transaction Fee MechanismSarah Azouvi, Guy Goren, Lioba Heimbach, and 1 more authorIn 34th International Symposium on Distributed Computing (DISC), L’Aquila, Italy, Oct 2023
In 2021 Ethereum adjusted the transaction pricing mechanism by implementing EIP-1559, which introduces the base fee - a fixed network fee per block that is burned and adjusted dynamically in accordance with network demand. The authors of the Ethereum Improvement Proposal (EIP) noted that a miner with more than 50% of the mining power might have an incentive to deviate from the honest mining strategy. Instead, such a miner could propose a series of empty blocks to increase its future rewards.
In this paper, we generalize this attack and show that under rational player behavior, deviating from the honest strategy can be profitable for a miner with less than 50% of the mining power. Further, even when miners do not collaborate, it is rational for smaller mining power miners to join the attack.@inproceedings{azouvi2023base, title = {Base Fee Manipulation In Ethereum's EIP-1559 Transaction Fee Mechanism}, author = {Azouvi, Sarah and Goren, Guy and Heimbach, Lioba and Hicks, Alexander}, booktitle = {34th International Symposium on Distributed Computing (DISC), L'Aquila, Italy}, month = oct, year = {2023}, } - FnF-BFT: A BFT protocol with provable performance under attackZeta Avarikioti, Lioba Heimbach, Roland Schmid, and 3 more authorsIn 30th International Colloquium on Structural Information and Communication Complexity (SIROCCO), Alcala de Henares, Spain, Jun 2023
We introduce FnF-BFT, the first partially synchronous BFT protocol with performance guarantees under truly byzantine attacks during stable networking conditions. At its core, FnF-BFT parallelizes the execution of requests by allowing all replicas to act as leaders independently. Leader parallelization distributes the load over all replicas. Consequently, FnF-BFT fully utilizes all correct replicas’ processing power and increases throughput by overcoming the single-leader bottleneck.
We prove lower bounds on FnF-BFT’s efficiency and performance in synchrony: the amortized communication complexity is linear in the number of replicas and thus competitive with state-of-the-art protocols; FnF-BFT’s amortized throughput with less than byzantine replicas is at least th of its best-case throughput. We also provide a proof-of-concept implementation and preliminary evaluation of FnF-BFT.@inproceedings{Avarikioti2023fnfbft:, author = {Avarikioti, Zeta and Heimbach, Lioba and Schmid, Roland and Vanbever, Laurent and Wattenhofer, Roger and Wintermeyer, Patrick}, title = {FnF-BFT: A BFT protocol with provable performance under attack}, booktitle = {30th International Colloquium on Structural Information and Communication Complexity (SIROCCO), Alcala de Henares, Spain}, month = jun, year = {2023}, } - DeFi and NFTs Hinder Blockchain ScalabilityLioba Heimbach, Quentin Kniep, Yann Vonlanthen, and 1 more authorIn Financial Cryptography and Data Security (FC), Bol, Brač, Croatia, May 2023
Many classical blockchains are known to have an embarrassingly low transaction throughput, down to Bitcoin’s notorious seven transactions per second limit. Various proposals and implementations for increasing throughput emerged in the first decade of blockchain research. But how much concurrency is possible? In their early days, blockchains were mostly used for simple transfers from user to user. More recently, however, decentralized finance (DeFi) and NFT marketplaces have completely changed what is happening on blockchains. Both are built using smart contracts and have gained significant popularity. Transactions on DeFi and NFT marketplaces often interact with the same smart contracts. We believe this development has transformed blockchain usage. In our work, we perform a historical analysis of Ethereum’s transaction graph. We study how much interaction between transactions there was historically and how much there is now. We find that the rise of DeFi and NFT marketplaces has led to an increase in "centralization" in the transaction graph. More transactions are now interconnected: currently there are around 200 transactions per block with 4000 interdependencies between them. We further find that the parallelizability of Ethereum’s current interconnected transaction workload is limited. A speedup exceeding a factor of five is currently unrealistic.
@inproceedings{Heimbach2023defi, author = {Heimbach, Lioba and Kniep, Quentin and Vonlanthen, Yann and Wattenhofer, Roger}, title = {DeFi and NFTs Hinder Blockchain Scalability}, booktitle = {Financial Cryptography and Data Security (FC), Bol, Brač, Croatia}, month = may, year = {2023}, } - Short Squeeze in DeFi Lending Market: Decentralization in Jeopardy?Lioba Heimbach, Eric Schertenleib, and Roger WattenhoferIn 3rd Workshop on Decentralized Finance (DeFi), Bol, Brač, Croatia, May 2023
Anxiety levels in the Aave community spiked in November 2022 as Avi Eisenberg performed an attack on Aave. Eisenberg attempted to short the CRV token by using funds borrowed on the protocol to artificially deflate the value of CRV. While the attack was ultimately unsuccessful, it left the Aave community scared and even raised question marks regarding the feasibility of large lending platforms under decentralized governance.
In this work, we analyze Avi Eisenberg’s actions and show how he was able to artificially lower the price of CRV by selling large quantities of borrowed CRV for stablecoins on both decentralized and centralized exchanges. Despite the failure of his attack, it still led to irretrievable debt worth more than 1.5 Mio USD at the time and, thereby, quadrupled the protocol’s irretrievable debt. Furthermore, we highlight that his attack was enabled by the vast proportion of CRV available to borrow as well as Aave’s lending protocol design hindering rapid intervention. We stress Eisenberg’s attack exposes a predicament of large DeFi lending protocols: limit the scope or compromise on ’decentralization’.@inproceedings{Heimbach2023short, author = {Heimbach, Lioba and Schertenleib, Eric and Wattenhofer, Roger}, title = {Short Squeeze in DeFi Lending Market: Decentralization in Jeopardy?}, booktitle = {3rd Workshop on Decentralized Finance (DeFi), Bol, Brač, Croatia}, month = may, year = {2023}, }
2022
- Exploring Price Accuracy on Uniswap V3 in Times of DistressLioba Heimbach, Eric Schertenleib, and Roger WattenhoferIn 2nd ACM Workshop on Decentralized Finance and Security (DeFi), Los Angeles, CA, USA, Nov 2022
Financial markets have evolved over centuries, and exchanges have converged to rely on the order book mechanism for market making. Latency on the blockchain, however, has prevented decentralized exchanges (DEXes) from utilizing the order book mechanism and instead gave rise to the development of market designs that are better suited to a blockchain. Although the first widely popularized DEX, Uniswap V2, stood out through its astonishing simplicity, a recent design overhaul introduced with Uniswap V3 has introduced increasing levels of complexity aiming to increase capital efficiency.
In this work, we empirically study the ability of Unsiwap V3 to handle unexpected price shocks. Our analysis finds that the prices on Uniswap V3 were inaccurate during the recent abrupt price drops of two stablecoins: UST and USDT. We identify the lack of agility required of Unsiwap V3 liquidity providers as the root cause of these worrying price inaccuracies. Additionally, we outline that there are too few incentives for liquidity providers to enter liquidity pools, given the elevated volatility in such market conditions.@inproceedings{Heimbach2022exploring, author = {Heimbach, Lioba and Schertenleib, Eric and Wattenhofer, Roger}, title = {Exploring Price Accuracy on Uniswap V3 in Times of Distress}, booktitle = {2nd ACM Workshop on Decentralized Finance and Security (DeFi), Los Angeles, CA, USA}, month = nov, year = {2022}, } - Risks and Returns of Uniswap V3 Liquidity ProvidersLioba Heimbach, Eric Schertenleib, and Roger WattenhoferIn 4th ACM Conference on Advances in Financial Technologies (AFT), Cambridge, MA, USA, Sep 2022
Trade execution on Decentralized Exchanges (DEXes) is automatic and does not require individual buy and sell orders to be matched. Instead, liquidity aggregated in pools from individual liquidity providers enables trading between cryptocurrencies. The largest DEX measured by trading volume, Uniswap V3, promises a DEX design optimized for capital efficiency. However, Uniswap V3 requires far more decisions from liquidity providers than previous DEX designs.
In this work, we develop a theoretical model to illustrate the choices faced by Uniswap V3 liquidity providers and their implications. Our model suggests that providing liquidity on Uniswap V3 is highly complex and requires many considerations from a user. Our supporting data analysis of the risks and returns of real Uniswap V3 liquidity providers underlines that liquidity providing in Uniswap V3 is incredibly complicated, and performances can vary wildly. While there are simple and profitable strategies for liquidity providers in liquidity pools characterized by negligible price volatilities, these strategies only yield modest returns. Instead, significant returns can only be obtained by accepting increased financial risks and at the cost of active management. Thus, providing liquidity has become a game reserved for sophisticated players with the introduction of Uniswap V3, where retail traders do not stand a chance.@inproceedings{Heimbach2022risks, author = {Heimbach, Lioba and Schertenleib, Eric and Wattenhofer, Roger}, title = {Risks and Returns of Uniswap V3 Liquidity Providers}, booktitle = {4th ACM Conference on Advances in Financial Technologies (AFT), Cambridge, MA, USA}, month = sep, year = {2022}, } - SoK: Preventing Transaction Reordering Manipulations in Decentralized FinanceLioba Heimbach, and Roger WattenhoferIn 4th ACM Conference on Advances in Financial Technologies (AFT), Cambridge, MA, USA, Sep 2022Non-archival: SNB-CIF Conference on Cryptoassets and Financial Innovation, May 2023
User transactions on Ethereum’s peer-to-peer network are at risk of being attacked. The smart contracts building decentralized finance (DeFi) have introduced a new transaction ordering dependency to the Ethereum blockchain. As a result, attackers can profit from front- and back-running transactions. Multiple approaches to mitigate transaction reordering manipulations have surfaced recently. However, the success of individual approaches in mitigating such attacks and their impact on the entire blockchain remains largely unstudied.
In this systematization of knowledge (SoK), we categorize and analyze state-of-the-art transaction reordering manipulation mitigation schemes. Instead of restricting our analysis to a scheme’s success at preventing transaction reordering attacks, we evaluate its full impact on the blockchain. Therefore, we are able to provide a complete picture of the strengths and weaknesses of current mitigation schemes. We find that currently no scheme fully meets all the demands of the blockchain ecosystem. In fact, all approaches demonstrate unsatisfactory performance in at least one area relevant to the blockchain ecosystem.@inproceedings{Heimbach2022sok, author = {Heimbach, Lioba and Wattenhofer, Roger}, title = {SoK: Preventing Transaction Reordering Manipulations in Decentralized Finance}, booktitle = {4th ACM Conference on Advances in Financial Technologies (AFT), Cambridge, MA, USA}, month = sep, year = {2022}, } - Eliminating Sandwich Attacks with the Help of Game TheoryLioba Heimbach, and Roger WattenhoferIn ACM Asia Conference on Computer and Communications Security (ASIA CCS), Nagasaki, Japan, Jun 2022
Predatory trading bots lurking in Ethereum’s mempool present invisible taxation of traders on automated market makers (AMMs). AMM traders specify a slippage tolerance to indicate the maximum price movement they are willing to accept. This way, traders avoid automatic transaction failure in case of small price movements before their trade request executes. However, while a too-small slippage tolerance may lead to trade failures, a too-large slippage tolerance allows predatory trading bots to profit from sandwich attacks. These bots can extract the difference between the slippage tolerance and the actual price movement as profit.
In this work, we introduce the sandwich game to analyze sandwich attacks analytically from both the attacker and victim perspectives. Moreover, we provide a simple and highly effective algorithm that traders can use to set the slippage tolerance. We unveil that most broadcasted transactions can avoid sandwich attacks while simultaneously only experiencing a low risk of transaction failure. Thereby, we demonstrate that a constant auto-slippage cannot adjust to varying trade sizes and pool characteristics. Our algorithm outperforms the constant auto-slippage suggested by the biggest AMM, Uniswap, in all performed tests. Specifically, our algorithm repeatedly demonstrates a cost reduction exceeding a factor of 100.@inproceedings{Heimbach2022eliminating, author = {Heimbach, Lioba and Wattenhofer, Roger}, title = {Eliminating Sandwich Attacks with the Help of Game Theory}, booktitle = {ACM Asia Conference on Computer and Communications Security (ASIA CCS), Nagasaki, Japan}, month = jun, year = {2022}, } - An Empirical Study of Market Inefficiencies in Uniswap and SushiSwapJan Arvid Berg, Robin Fritsch, Lioba Heimbach, and 1 more authorIn 2nd Workshop on Decentralized Finance (DeFi), Grenada, May 2022
Decentralized exchanges are revolutionizing finance. With their ever-growing increase in popularity, a natural question that begs to be asked is: how efficient are these new markets?
We find that nearly 30% of analyzed trades are executed at an unfavorable rate. Additionally, we observe that, especially during the DeFi summer in 2020, price inaccuracies across the market plagued DEXes. Uniswap and SushiSwap, however, quickly adapt to their increased volumes. We see an increase in market efficiency with time during the observation period. Nonetheless, the DEXes still struggle to track the reference market when cryptocurrency prices are highly volatile. During such periods of high volatility, we observe the market becoming less efficient - manifested by an increased prevalence in cyclic arbitrage opportunities.@inproceedings{Berg2022empirical, author = {Berg, Jan Arvid and Fritsch, Robin and Heimbach, Lioba and Wattenhofer, Roger}, title = {An Empirical Study of Market Inefficiencies in Uniswap and SushiSwap}, booktitle = {2nd Workshop on Decentralized Finance (DeFi), Grenada}, month = may, year = {2022}, }
2021
- Behavior of Liquidity Providers in Decentralized ExchangesLioba Heimbach, Ye Wang, and Roger WattenhoferIn 2021 Crypto Valley Conference on Blockchain Technology (CVCBT), Rotkreuz, Switzerland, Oct 2021
Decentralized exchanges (DEXes) have introduced an innovative trading mechanism, where it is not necessary to match buy-orders and sell-orders to execute a trade. DEXes execute each trade individually, and the exchange rate is automatically determined by the ratio of assets reserved in the market. Therefore, apart from trading, financial players can also liquidity providers, benefiting from transaction fees from trades executed in DEXes. Although liquidity providers are essential for the functionality of DEXes, it is not clear how liquidity providers behave in such markets. In this paper, we aim to understand how liquidity providers react to market information and how they benefit from providing liquidity in DEXes. We measure the operations of liquidity providers on Uniswap and analyze how they determine their investment strategy based on market changes. We also reveal their returns and risks of investments in different trading pair categories, i.e., stable pairs, normal pairs, and exotic pairs. Further, we investigate the movement of liquidity between trading pools. To the best of our knowledge, this is the first work that systematically studies the behavior of liquidity providers in DEXes.
@inproceedings{Heimbach2021behavior, author = {Heimbach, Lioba and Wang, Ye and Wattenhofer, Roger}, title = {Behavior of Liquidity Providers in Decentralized Exchanges}, booktitle = {2021 Crypto Valley Conference on Blockchain Technology (CVCBT), Rotkreuz, Switzerland}, month = oct, year = {2021}, }
2020
- PIBES - A Competing-Flow-Aware Protocol for Real-Time Video ApplicationsLioba Heimbach, Lingfeng Guo, Rudolf KH Ngan, and 1 more authorIn IEEE Open Journal of the Communications Society, Aug 2020
With the recent explosive growth in online classes and virtual meetings, real-time video communication has quickly become essential to everyday life. Despite its widespread deployment, our investigation revealed that current protocols, ranging from industry standards such as WebRTC to state-of-the-art research such as Salsify, frequently perform sub-optimally in the presence of competing flows at the same bottleneck. For example, WebRTC’s throughput can degrade from 73% to a mere 8% of the available bandwidth when competing with just two TCP flows. We tackle this problem in this work by introducing a novel PIBES protocol for real-time video applications to operate in the presence of competing TCP traffic. PIBES employs a new inband bandwidth estimation method that can quickly and accurately measure the bottleneck link bandwidth even with competing flows. Moreover, PIBES can detect the absence or presence of competing flows, which enables it to maximize video quality when there is no competing flow and to maintain acceptable video quality while sharing bandwidth with competing flows. Experiments demonstrate that PIBES achieves throughput and delay comparable to the state-of-art protocols, but outperforms them significantly in the presence of competing TCP flows.
@inproceedings{Heimbach2020pibes, author = {Heimbach, Lioba and Guo, Lingfeng and Ngan, Rudolf KH and Lee, Jack YB}, title = {PIBES - A Competing-Flow-Aware Protocol for Real-Time Video Applications}, booktitle = {IEEE Open Journal of the Communications Society}, month = aug, year = {2020}, } - Ride the Lightning: The Game Theory of Payment ChannelsZeta Avarikioti, Lioba Heimbach, Yuyi Wang, and 1 more authorIn 24th Financial Cryptography and Data Security (FC), Kota Kinabalu, Sabah, Malaysia, Feb 2020
Payment channels were introduced to solve various eminent cryptocurrency scalability issues. Multiple payment channels build a network on top of a blockchain, the so-called layer 2. In this work, we analyze payment networks through the lens of network creation games. We identify betweenness and closeness centrality as central concepts regarding payment networks. We study the topologies that emerge when players act selfishly and determine the parameter space in which they constitute a Nash equilibrium. Moreover, we determine the social optima depending on the correlation of betweenness and closeness centrality. When possible, we bound the price of anarchy. We also briefly discuss the price of stability.
@inproceedings{Avarikioti2020ride, author = {Avarikioti, Zeta and Heimbach, Lioba and Wang, Yuyi and Wattenhofer, Roger}, title = {Ride the Lightning: The Game Theory of Payment Channels}, booktitle = {24th Financial Cryptography and Data Security (FC), Kota Kinabalu, Sabah, Malaysia}, month = feb, year = {2020}, }