A clever hustle in Ethereum's mempools enabled attackers to steal $8.3 million from MakerDAO users on Black Thursday, according to research published Wednesday.
To recap: The price of ether (ETH) plummeted on March 12 and the Ethereum network was congested by a flood of attempted transactions. As investors fled to fiat, ETH's price sank low enough to trigger liquidations of the collateral held on the MakerDAO lending platform. These programmatic liquidations enabled attackers to walk away with $8.3 million in ETH, for free, shorting borrowers and MakerDAO itself.
The congestion, though, was key and completely intentional, according to Blocknative, a company focused on studying action in blockchain mempools.
The new research suggests March's Black Swan event for Ethereum may have actually been a sophisticated plan to cash in on a global sell-off fueled by COVID-19 concerns.
"The entire affair meant [the attackers] were able to achieve over 1,000 zero-bid auctions and collect that underlying value with almost no out-of-pocket expense," Blocknative CEO Matt Cutler told CoinDesk in an interview.
Mempool manipulation
At the heart of Blocknative's work are mempools: the temporary storage on every Ethereum node where transactions wait to get mined and finalized.
In mid-March, mempools got congested with useless transactions on purpose, Blocknative said, as part of a plan to win zero-bid auctions for ETH on MakerDAO under just these conditions.
Indeed, the Maker Foundation wrote as much in its post-mortem published in April:
"Network congestion and high gas prices caused transaction delays and, in many cases, failures. Those issues, combined with the unprecedented drop in the value of assets, caught Maker Vault owners, Keepers, and liquidity pools off-guard."
(The Maker Foundation referred CoinDesk to the above blog post and declined to comment further for this story.)
Obviously, many Ethereum users will wonder whether the drop in ETH price itself was somehow manufactured, but that question is outside the scope of Blocknative's investigation. The attackers could have been poised to opportunistically take advantage of a dramatic drop in ETH's price; whether the price drop itself was manufactured remains unknown.
That said, Blocknative did find what appears to be a March 8 test run of the attack's mechanics, a fact the research firm doesn't describe in its report.
"It is an interesting coincidence that the test and the attack were within just four days of each other," Cutler told CoinDesk. "[But] we don't have any evidence that this is anything other than opportunistic."
Either way, the attackers took advantage of some very subtle insights about both Ethereum and MakerDAO. "They basically exploited some techniques that had never been seen before," Cutler said.
More on those techniques later. First, we need to cover a few basics about MakerDAO and Ethereum.
MakerDAO basics
MakerDAO is known as the creator of dai (DAI), the decentralized stablecoin currently beloved by yield farmers. DAI is created with debt. Users put ETH or other crypto-assets up as collateral on the Maker platform to then withdraw a portion of the value of those assets in the form of brand-new DAI.
To get back their collateral, users must repay the DAI they borrowed plus whatever interest the loan has accrued (in MakerDAO parlance this is the "stability fee," but it's just a variable interest rate). MakerDAO enforces the DAI price by liquidating collateral if its value falls below the minimum threshold to maintain proper collateralization. For ETH, that's 150%, but most users put in a lot more ETH than the minimum.
So, if ETH were at $200 and the user posted 1 ETH to borrow 100 DAI, they won't get liquidated unless ETH drops below $150.
But on Black Thursday, ETH's price fell almost $100, from $193, so that triggered a lot of liquidations.
Liquidations can be done by anyone, by the way, with bots called Keepers. MakerDAO itself runs a Keeper, but a few other unknown entities do as well.
Keepers win liquidations through an auction (described step-by-step in plain language by CoinList), so different Keepers bid to close the loan, and on Black Thursday, those auctions only lasted 10 minutes, or a few dozen Ethereum blocks.
The idea is that these auctions should result (and normally have resulted) in users getting back their collateral minus however much they owed, plus the stability fee and the liquidation fee (it's the last part that hurts). But that's not what happened this time.
Borrowers got nothing and, in fact, MakerDAO got paid back much too little DAI, and the whole system was undercollateralized.
Ethereum basics
Ethereum is a blockchain, which means it's always gathering up transactions and miners are competing to compose blocks of those transactions, encrypt them, break the encryption and then prove their work to the rest of the miners to win a block reward.
Transactions aren't real until they are in a mined block. And there are usually more transactions out there waiting to get into a block than there is room for more transactions. Those delayed transactions wait in what's called the mempool.
Mempools are one of those things that most people don't really need to think about most of the time, except they become really important when situations get urgent: like when the price of ETH is falling off a cliff.
"When you most need to be sure that things are happening are happening in an orderly fashion," Cutler said, "is when things are least reliable."
This is the whole point of Blocknative. The firm keeps a detailed account of mempools all over the world, studying what it calls "value in motion." Blocknative helps its customers decide if they need to be more aggressive in things like gas payments when things are going crazy. Mempool data is value in motion; finalized blockchain data is value at rest.
Crucially, miners cannot process a new transaction if the prior transaction hasn't gone through. Every transaction on Ethereum from a wallet gets a number, and 515 won't go through if 514 hasn't (this is tracked by the transaction "nonce," in Ethereum-speak). This sequential reality turns out to be the key to the attack.
What Blocknative found
Blocknative has been keeping mempool data for Ethereum going back to early 2018 (as well as for its testnets and the Bitcoin network). The firm decided to take a look at the mempool data to see what happened around March 12.
Blocknative found that an unusually high proportion of the mempool was clogged by transactions with very low gas prices on them.
Usually this proportion isn't very high because users actually want their transactions to go through, so they will monitor gas prices and set them at levels that are likely to get picked up by a miner. But that's not what was happening on March 12. There were loads of transactions in the pool that had low gas prices on them. Too many.
This allowed the attackers to submit zero bids in MakerDAO's collateral auctions with strong gas prices attached, knowing full well they could likely win those auctions against well-intentioned Keeper bots who couldn't get their bids through.
Blocknative describes something called "Hammerbots." These would be bots designed to craft transactions precisely for the purpose of clogging the mempool.
"The bots hammered the mempool with transactions that were never intended to be finalized. These Hammerbots consumed mempool resources by issuing extremely high rates of replacement transactions without any corresponding increase in gas," Blocknative wrote on its blog.
These transactions were additionally designed with a lot of pointless operations that could be shifted and changed easily to vary the hash, but appeared to serve no real purpose.
"These particular transactions, they would be particularly good at consuming mempool resources," Chris Meisl, a Blocknative co-founder, told CoinDesk.
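The pattern Blocknative describes, many replacement transactions for the same sender and nonce with no increase in gas price, can be looked for in a mempool feed. The sketch below is an added example, not Blocknative's code: the event tuple layout, the sender names, the `min_bump` threshold of 10% and the alert threshold are all assumptions, and the events are constructed.

```python
from collections import defaultdict


def flag_flat_replacers(events, min_replacements=5, min_bump=0.10):
    """Flag senders that keep replacing a pending transaction without raising gas.

    events: iterable of (sender, nonce, tx_hash, gas_price_gwei) in arrival order.
    A replacement is a new hash for a (sender, nonce) slot already seen.
    It counts as "flat" when gas rose by less than min_bump (assumed threshold).
    Returns {sender: (flat_replacements, total_replacements)}.
    """
    slots = defaultdict(list)
    for sender, nonce, tx_hash, gas in events:
        slots[(sender, nonce)].append((tx_hash, gas))

    totals = defaultdict(int)
    flats = defaultdict(int)
    for (sender, _nonce), versions in slots.items():
        seen = set()
        prev_gas = None
        for tx_hash, gas in versions:
            if tx_hash in seen:
                continue  # same transaction gossiped again, not a replacement
            seen.add(tx_hash)
            if prev_gas is not None:
                totals[sender] += 1
                if gas < prev_gas * (1 + min_bump):
                    flats[sender] += 1
            prev_gas = gas

    return {s: (flats[s], totals[s]) for s in totals if flats[s] >= min_replacements}


# Constructed events: one sender rewrites nonce 7 eight times at 1 gwei,
# another re-prices a bid on nonce 514 the way a well-behaved bot would.
SAMPLE_EVENTS = (
    [("0xhammer", 7, f"0xh{i}", 1.0) for i in range(8)]
    + [("0xkeeper", 514, "0xk0", 10.0),
       ("0xkeeper", 514, "0xk1", 20.0),
       ("0xkeeper", 514, "0xk2", 40.0),
       ("0xhammer", 7, "0xh0", 1.0)]  # re-gossip of an already seen hash
)

if __name__ == "__main__":
    print(flag_flat_replacers(SAMPLE_EVENTS))
```
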
Cascading problems
So that's the first problem: Congestion made it hard for borrowers on MakerDAO to add more collateral and it made it hard for Keepers to get bids through.
"This resulted in anomalous mempool conditions, which would ultimately favor certain transactions," the Blocknative post reports.
But there was another crucial observation the attackers appear to have made about Keepers: they didn't seem to be checking to see if transactions were getting through.
"When you do transactions on an account or address on Ethereum, they have to be ordered," Meisl said.
As we wrote above, if a nonce is missing in a blockchain's record, miners can't take later transactions until one with the prior nonce comes through. So a later transaction will get stuck, even if it has a very high gas price attached, until the prior one goes through.
This had a bizarre upshot. From the Blocknative blog post:
"When viewed in aggregate, even though the volume of transactions entering the mempool increased dramatically, the gas price of a significant portion of the mempool collapsed to an artificially low value."
In short: The attackers knew Keepers would fail to get their first bids through and it would result in subsequent bids "probabilistically" (in Cutler's words) getting stuck. And it worked often enough.
The open-source code that MakerDAO published for Keeper bots didn't have measures to check for stuck transactions.
This created a potential gap that allowed the attacker to submit a bid with a strong gas price but a 0 DAI bid for the collateral, starting that short 10-minute auction clock ticking.
"While automated trading systems are often designed to programmatically increase the gas price of transactions, many such trading systems do not handle nonce gaps well if at all," the Blocknative post warns.
In 1,462 cases, the Keepers failed to notice that their bids were getting stuck in the mempools, and the attackers won the bid, stealing millions of dollars in ETH and nearly forcing an emergency shutdown on MakerDAO.
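The stuck-transaction check the Keepers lacked can be sketched as follows. This is an added example, not MakerDAO's Keeper code: it takes one account's pending transactions, the next nonce the chain expects, and an assumed current market gas price, then reports which transaction is holding up the rest. It covers both the underpriced first bid and the nonce gap described above; the names, gas figures and queues are constructed, using the article's 514/515 nonces.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class PendingTx:
    nonce: int
    gas_price_gwei: float


def diagnose_queue(next_nonce, pending, market_gas_gwei):
    """Return {nonce: status} for one account's pending transactions.

    next_nonce      -- lowest nonce not yet mined for the account
    pending         -- PendingTx objects still waiting in the mempool
    market_gas_gwei -- gas price assumed sufficient for inclusion right now
    """
    # If a nonce was re-sent, only its highest-priced version matters.
    best = {}
    for tx in pending:
        if tx.nonce >= next_nonce and (
            tx.nonce not in best or tx.gas_price_gwei > best[tx.nonce].gas_price_gwei
        ):
            best[tx.nonce] = tx

    report = {}
    blocker = None  # first nonce that holds up everything queued after it
    expected = next_nonce
    for nonce in sorted(best):
        if blocker is None and nonce != expected:
            blocker = expected
            report[expected] = "missing"  # nonce gap: nothing pending here
        if blocker is not None:
            # A high gas price does not help: ordering is by nonce.
            report[nonce] = f"blocked behind {blocker}"
        elif best[nonce].gas_price_gwei < market_gas_gwei:
            blocker = nonce
            report[nonce] = "underpriced"
        else:
            report[nonce] = "executable"
        expected = nonce + 1
    return report


def head_of_line(report):
    """Nonce to re-send or re-price first, or None if nothing is stuck."""
    stuck = [n for n, s in report.items() if s in ("missing", "underpriced")]
    return min(stuck) if stuck else None


# Constructed queues for an account whose next expected nonce is 514.
STUCK_BID = [PendingTx(514, 8.0), PendingTx(515, 200.0), PendingTx(516, 220.0)]
NONCE_GAP = [PendingTx(515, 200.0)]

if __name__ == "__main__":
    for name, queue in (("stuck bid", STUCK_BID), ("nonce gap", NONCE_GAP)):
        report = diagnose_queue(514, queue, market_gas_gwei=150.0)
        print(name, report, "fix first:", head_of_line(report))
```
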
MakerDAO has since extended the auction time to six hours. Blocknative has opened its data set of mempool activity for members of the community to study further.
"The mempool is a critical yet ephemeral and often overlooked element of the blockchain ecosystem. As such, mempools present many 'unknown unknowns' to builders and users alike."
In this case, however, the attackers studied Maker's Keeper code and realized it was possible to know what the real Keepers didn't.
The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.