search

Uniswap / v2-core

🦄 🦄 Core smart contracts of Uniswap V2
https://uniswap.org/docs
GNU General Public License v3.0
2.97k stars 3.18k forks source link

Front-running vulnerability in Uniswap #88

Closed nrgskill closed 4 years ago

nrgskill commented 4 years ago

How someone made a million dollar in 30 min? credit to https://twitter.com/rstormsf

Original post https://twitter.com/rstormsf/status/1282734073081823232

  1. Wait for BZRX news for uniswap listing.
  2. Write a smart contract that buys token on Uniswap
  3. Spam eth network to others can't get in with failed txs

The block #10451767 is very interesting. As soon as the liquidity tx went thru the bot was able to get right after it to be the first one to buy BZRX.

In 2 minutes, he started to sell: 100,000 bzrx 218 eth 100,000 bzrx 257 eth 400,000 bzrx 741 eth 200,000 bzrx 337 eth 100,000 bzrx 193 eth 100,000 bzrx 193 eth 100,000 bzrx 195 eth 100,000 bzrx 157 eth 200,000 bzrx 234 eth 100,000 bzrx 103 eth 66,111 bzrx 52 eth

nrgskill commented 4 years ago

https://www.memesmonkey.com/images/memesmonkey/c1/c11bb353e638bfb2b41a3ce4b5fddffd.jpeg I hope you're gonna appreciate the memeiness

moodysalem commented 4 years ago

Front running is a well known attribute of many decentralized exchanges, described in the security audit

These issues are well known, and are also present in Uniswap V1. Transaction reordering and front-running attacks can arguably be viewed as a broader structural problem inherent to many trading venues with on-chain clearing and settlement. As has been extensively documented in Daian et al.1, such strategies have been widespread in Ethereum for many years, and the rents accruing to miners from the transaction reordering privilege (miner extractable value) can even pose a threat to the security of the blockchain consensus layer.

This is not something Uniswap V2 aims to solve.

This is why we provide 'slippage tolerance' parameter in the UI, meaning the price you get cannot exceed the price you see in the UI by more than X%, default to 0.5%.

Protection against slippage does not prevent users from bidding up the price of a token to a significantly higher price as soon as liquidity is added, and this is not something that should be prevented in any case (it is possible that the true price is actually 500% higher than the listed price, and this is just part of price discovery)

nrgskill commented 4 years ago

Traders set high gas prices to mitigate this risk. As a result, every time there is a new yield farming craze, the gas price skyrockets. Given the amount of volume and revenue generated by Uniswap, a layer 2 solution would be an act of responsibility towards the entire ecosystem.