EVM智能合约的反夹心机制

IF 6.2 2区计算机科学 Q1 COMPUTER SCIENCE, THEORY & METHODS

Future Generation Computer Systems-The International Journal of Escience Pub Date : 2025-08-17 DOI:10.1016/j.future.2025.108077

Barbara Guidi, Francesco Massellucci, Andrea Michienzi

{"title":"EVM智能合约的反夹心机制","authors":"Barbara Guidi, Francesco Massellucci, Andrea Michienzi","doi":"10.1016/j.future.2025.108077","DOIUrl":null,"url":null,"abstract":"<div><div>With the advent of blockchain, Decentralised Finance (DeFi) has become an accessible and decentralised method for financial services. One of the most important components of DeFi is the Decentralised Exchanges (DEXs), smart contracts that let users exchange tokens with each other. Trading through DEXs has become crucial in the blockchain ecosystem; however, new malicious activities have begun to spread in parallel. The Maximal Extractable Value (MEV) is becoming pervasive. In this paper, we propose an analysis of the magnitude of MEV activities and a new solution to prevent sandwich attacks after a deep overview of the current anti-MEV approaches. We focused on sandwich attacks because they are the most common MEV attacks (1,330,732 attacks within our 3-year-wide dataset) and cause significant losses to end users ($809,453,320 recorded in our dataset). Our proposed solution prevents sandwich attacks by enhancing token contracts to enforce a cooldown for transferring tokens. Unlike existing approaches, this solution can be easily integrated into any token contract, providing developers with a versatile and customisable MEV solution. Additionally, we extensively evaluate our solution and show that it successfully blocks all sandwich attacks, prove that it does not cause any harm to normal users, and compute that it only introduces a small 3 % gas fee increase.</div></div>","PeriodicalId":55132,"journal":{"name":"Future Generation Computer Systems-The International Journal of Escience","volume":"175 ","pages":"Article 108077"},"PeriodicalIF":6.2000,"publicationDate":"2025-08-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"An anti-sandwich mechanism for EVM’s smart contracts\",\"authors\":\"Barbara Guidi, Francesco Massellucci, Andrea Michienzi\",\"doi\":\"10.1016/j.future.2025.108077\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>With the advent of blockchain, Decentralised Finance (DeFi) has become an accessible and decentralised method for financial services. One of the most important components of DeFi is the Decentralised Exchanges (DEXs), smart contracts that let users exchange tokens with each other. Trading through DEXs has become crucial in the blockchain ecosystem; however, new malicious activities have begun to spread in parallel. The Maximal Extractable Value (MEV) is becoming pervasive. In this paper, we propose an analysis of the magnitude of MEV activities and a new solution to prevent sandwich attacks after a deep overview of the current anti-MEV approaches. We focused on sandwich attacks because they are the most common MEV attacks (1,330,732 attacks within our 3-year-wide dataset) and cause significant losses to end users ($809,453,320 recorded in our dataset). Our proposed solution prevents sandwich attacks by enhancing token contracts to enforce a cooldown for transferring tokens. Unlike existing approaches, this solution can be easily integrated into any token contract, providing developers with a versatile and customisable MEV solution. Additionally, we extensively evaluate our solution and show that it successfully blocks all sandwich attacks, prove that it does not cause any harm to normal users, and compute that it only introduces a small 3 % gas fee increase.</div></div>\",\"PeriodicalId\":55132,\"journal\":{\"name\":\"Future Generation Computer Systems-The International Journal of Escience\",\"volume\":\"175 \",\"pages\":\"Article 108077\"},\"PeriodicalIF\":6.2000,\"publicationDate\":\"2025-08-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Future Generation Computer Systems-The International Journal of Escience\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167739X25003711\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, THEORY & METHODS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Future Generation Computer Systems-The International Journal of Escience","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167739X25003711","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

摘要

随着区块链的出现，去中心化金融（DeFi）已成为金融服务的一种可访问和去中心化方法。DeFi最重要的组成部分之一是去中心化交易所（DEXs），这是一种允许用户相互交换令牌的智能合约。通过dex进行交易在区块链生态系统中已变得至关重要；然而，新的恶意活动已经开始并行传播。最大可提取值（maximum Extractable Value， MEV）正变得越来越普遍。在本文中，我们在深入概述了当前的反MEV方法之后，提出了对MEV活动大小的分析和防止三明治攻击的新解决方案。我们专注于三明治攻击，因为它们是最常见的MEV攻击（在我们3年的数据集中有1,330,732次攻击），并给最终用户造成重大损失（在我们的数据集中记录了809,453,320美元）。我们提出的解决方案通过增强令牌合约来强制传输令牌的冷却时间来防止三明治攻击。与现有方法不同，该解决方案可以轻松集成到任何令牌合约中，为开发人员提供多功能和可定制的MEV解决方案。此外，我们广泛评估了我们的解决方案，并证明它成功地阻止了所有三明治攻击，证明它不会对正常用户造成任何伤害，并计算出它只引入了3%的小额gas费用增加。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An anti-sandwich mechanism for EVM’s smart contracts

With the advent of blockchain, Decentralised Finance (DeFi) has become an accessible and decentralised method for financial services. One of the most important components of DeFi is the Decentralised Exchanges (DEXs), smart contracts that let users exchange tokens with each other. Trading through DEXs has become crucial in the blockchain ecosystem; however, new malicious activities have begun to spread in parallel. The Maximal Extractable Value (MEV) is becoming pervasive. In this paper, we propose an analysis of the magnitude of MEV activities and a new solution to prevent sandwich attacks after a deep overview of the current anti-MEV approaches. We focused on sandwich attacks because they are the most common MEV attacks (1,330,732 attacks within our 3-year-wide dataset) and cause significant losses to end users ($809,453,320 recorded in our dataset). Our proposed solution prevents sandwich attacks by enhancing token contracts to enforce a cooldown for transferring tokens. Unlike existing approaches, this solution can be easily integrated into any token contract, providing developers with a versatile and customisable MEV solution. Additionally, we extensively evaluate our solution and show that it successfully blocks all sandwich attacks, prove that it does not cause any harm to normal users, and compute that it only introduces a small 3 % gas fee increase.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Future Generation Computer Systems-The International Journal of Escience 工程技术-计算机：理论方法

CiteScore

19.90

自引率

2.70%

发文量

376

审稿时长

10.6 months

期刊介绍： Computing infrastructures and systems are constantly evolving, resulting in increasingly complex and collaborative scientific applications. To cope with these advancements, there is a growing need for collaborative tools that can effectively map, control, and execute these applications. Furthermore, with the explosion of Big Data, there is a requirement for innovative methods and infrastructures to collect, analyze, and derive meaningful insights from the vast amount of data generated. This necessitates the integration of computational and storage capabilities, databases, sensors, and human collaboration. Future Generation Computer Systems aims to pioneer advancements in distributed systems, collaborative environments, high-performance computing, and Big Data analytics. It strives to stay at the forefront of developments in grids, clouds, and the Internet of Things (IoT) to effectively address the challenges posed by these wide-area, fully distributed sensing and computing systems.