Understanding the Security Risks of Decentralized Exchanges by Uncovering Unfair Trades in the Wild

Jiaqi Chen, Yibo Wang, Yuxuan Zhou, Wanning Ding, Yuzhe Tang, Xiao Feng Wang, Kai Li

Research output: Chapter in Book/Entry/Poem › Conference contribution

1 Scopus citations

Abstract

DEX, or decentralized exchange, is a prominent class of decentralized finance (DeFi) applications on blockchains, attracting a total locked value worth tens of billions of USD today. This paper presents the first large-scale empirical study that uncovers unfair trades on popular DEX services on Ethereum and Binance Smart Chain (BSC). By joining and analyzing 60 million transactions, we find 671,400 unfair trades on all six measured DEXes, including Uniswap, Balancer, and Curve. Out of these unfair trades, we attribute 55,000 instances, with high confidence, to token thefts that cause a value loss of more than 3.88 million USD. Furthermore, the measurement study uncovers previously unknown causes of extractable value and real-world adaptive strategies to these causes. Finally, we propose countermeasures to redesign secure DEX protocols and to harden deployed services against the discovered security risks.

Original language: English (US)
Title of host publication: Proceedings - 8th IEEE European Symposium on Security and Privacy, Euro S and P 2023
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 332-351
Number of pages: 20
ISBN (Electronic): 9781665465120
State: Published - 2023
Event: 8th IEEE European Symposium on Security and Privacy, Euro S and P 2023 - Delft, Netherlands
Duration: Jul 3 2023 → Jul 7 2023

Publication series

Name: Proceedings - 8th IEEE European Symposium on Security and Privacy, Euro S and P 2023

Conference

Conference: 8th IEEE European Symposium on Security and Privacy, Euro S and P 2023
Country/Territory: Netherlands
City: Delft
Period: 7/3/23 → 7/7/23

Keywords

  • DEX
  • DeFi
  • Ethereum
  • Theft
  • blockchain
  • fairness

ASJC Scopus subject areas

  • Information Systems
  • Safety, Risk, Reliability and Quality
  • Artificial Intelligence
  • Computer Networks and Communications
  • Computer Science Applications
  • Software
