Conference: ACM CCS 2025
CCF level: CCF A
Year: 2025
On Frontrunning Risks in Batch-Order Fair Systems for Blockchains
关于区块链批处理订单公平系统中的抢跑风险
Key words: Blockchain, Batch-Order Fairness, Decentralized Sequencing, Frontrunning Attack
Abstract: In timing-sensitive blockchain applications, such as decentralized finance (DeFi), achieving first-come-first-served (FCFS) transaction ordering among decentralized nodes is critical to prevent frontrunning attacks. Themis [CCS'23], a state-of-the-art decentralized FCFS ordering system, has become a key reference point for high-throughput fair ordering systems for real-world blockchain applications, such as rollup chains and decentralized sequencing, and has influenced the design of several subsequent proposals. In this paper, we critically analyze its core system property of practical batch-order fairness and evaluate the frontrunning resistance claim of Themis. We present the Ambush attack, a new frontrunning technique that achieves nearly 100% success against the practical batch-order fair system with only a single malicious node and negligible attack costs. This attack causes a subtle temporary information asymmetry among nodes, which is allowed due to the heavily optimized communication model of the system. A fundamental trade-off we identify is a challenge in balancing security and performance in these systems; namely, enforcing timely dissemination of transaction information among nodes (to mitigate frontrunning) can easily lead to non-negligible network overheads (thus, degrading overall throughput performance). We show that it is yet possible to balance these two by delaying transaction dissemination to a certain tolerable level for frontrunning mitigation while maintaining high throughput. Our evaluation demonstrates that the proposed delayed gossiping mechanism can be seamlessly integrated into existing systems with only minimal changes.
在对时间敏感的区块链应用(如去中心化金融(DeFi))中,在去中心化节点之间实现先到先得(FCFS)的交易排序对于防范抢跑攻击至关重要。Themis [CCS'23] 作为最先进的去中心化 FCFS 排序系统,已成为现实世界区块链应用(如 Rollup 链和去中心化排序)中高吞吐量公平排序系统的关键参考,并影响了后续多项提案的设计。本文对 Themis 的核心系统属性——实用批处理顺序公平性进行了批判性分析,并评估了其抗抢跑能力的宣称。我们提出了一种名为'伏击(Ambush)'的新型抢跑技术,仅需单个恶意节点且攻击成本微乎其微,即可对实际批处理顺序公平系统实现近 100% 的成功率。该攻击会在节点间引发微妙的临时信息不对称,而这种现象正是由于系统高度优化的通信模型所允许的。我们发现了一个根本性的权衡难题:即在这些系统中平衡安全性与性能的挑战;具体而言,强制节点之间及时传播交易信息(以缓解抢跑)很容易导致不可忽视的网络开销(从而降低整体吞吐量性能)。我们证明,通过将交易传播延迟至可容忍的范围以缓解抢跑,同时保持高吞吐量,仍可实现二者之间的平衡。我们的评估表明,所提出的延迟闲聊机制只需极小的改动,即可无缝集成到现有系统中。
