MEV: Solutions and Opportunities

The idea of MEV (Miner / Maximum Extractable Value) is not new to the crypto community. It was first formalized in the paper Flashboys 2.0 in 2019 and has since sparked many discussions around MEV’s effects and solutions. Nonetheless, for the majority of DeFi users or even natives, the concept of MEV can be convoluted and far-fetched.

MEV is typically defined as the total amount of pure profit a miner can extract by manipulating the order sequence within a block space or via block re-organizations. However, just by this definition, we still cannot be certain what exactly MEV is.

Is it a fixed amount of money or is it a phenomenon (as we can often see phrases like preventing MEV)? How does MEV have to do with front-running, back-running, and other types of predatory arbitrage techniques as they are always associated with each other? Finally, and perhaps more importantly, how does MEV have to do with the users, how will the MEV potentially change the crypto ecosystem (or will it), and what are the solutions?

Let’s first start with a better definition.

What exactly is MEV?

The core of MEV has very little to do with the miners but has everything to do with order sequence manipulation or order optimization techniques. To understand this concept, let’s first take a look at the traditional CeFi market.

In the traditional market where a continuous order flow processing mechanism is being used, from a high-level perspective, orders are processed on a first-come-first-serve basis. Once the order matching server receives the trader’s order, it gets pushed into the matching engine immediately. In this system, after the orders are being received, the order sequence is set and deterministic, and therefore, the full economic value of order sequencing is preserved.

Nonetheless, readers can probably see that before the order reaches the exchange server, it is just another dark forest where the order sequence can be theatrically manipulated (in the US, it is banned by the SEC). Predatory traders can use various methods to decrease the latency between their server and the exchange server, gaining the unfair market information ahead of the other trades and thereby making their own predatory transactions to be executed at the right time for maximized economic rewards. This, in a sense, can be viewed as order manipulation via speed, where you simply get to the “checkpoint” faster, and it has been implemented for years in the traditional markets.

Crypto markets open up an entirely new paradigm for order sequence manipulation as the centralized checkpoint — the exchange servers (or the SEC) — are non-existent. Instead, for L1 blockchains (predominantly PoW and PoS blockchains), all transactions are sent into a public mempool where transactions are visible to everyone, and the transactions are ordered and packaged by miners through priority gas auction, or PGA, which simply means that the highest gas-paying transaction gets batched and executed first (and you can bid up the gas fee while the transaction is still in the mempool).

Essentially, this means that instead of trying to be fast, in the crypto world, predatory bots pay for the position on the ledger within a block space (which can seem like a more brute-force way of manipulating the order sequence. In practice, it is a bit more difficult than just to pay for the advantageous order position). By utilizing different bidding strategies, predatory bots bid up the gas fee so that their orders can be placed at the desired place as instructed by the predatory algorithms (front-running, back-running, sandwich attacks, etc.). This, in fact, is the most common flavor of the MEV, where the order sequence is being manipulated by the predatory bots and the economic value of the transaction sequence is transferred from the user to the predators. However, where do miners come into the play?

There’s a catch to the system, of course. We said previously that a centralized checkpoint is not present in the decentralized blockchain ecosystem. Well, it shouldn’t. However, if you inspect the plot above closely, you would notice that the group of miners is the only entity that has the power to determine whose and which order should be executed first within a block space. In this original design, PGA is simply one mechanism to help the miner to sort through a sea of transactions in the mempool. In other words, what predatory bots can do, miners can do with a lesser hassle.

Further, if there is residual MEV value in the past blocks, miners are incentivized to rebuild the entire block sequence and the transaction order so that they can reap the MEV profit. In order to pull off this strategy — also known as the “time-bandit attack”, 51% of the entire network’s hashing power is required, thereby endangering the consensus layer’s stability and decentralization level (notice here that this problem is universal in almost all consensus mechanisms, including PoW and PoS).

Lastly, as for the debate regarding what the M in MEV stands for, whether it should mean miner or maximum, both would make sense. They all mean that MEV represents the upper bound, or the total aggregate, pure revenue that can be generated from order sequence manipulation. Since the miners have the final say in this matter, we shall give them some credits.

Hence the MEV — Miner (Maximum) Extractable Value — the maximum value generated by manipulating the order sequence within a block space, exploitable by the predatory bots, but ultimately can be all reaped by the miners if they wish to do so.

How Bad is MEV Currently?

Thanks to the Flashbots team, we can have a sneak peek into the current state of the MEV / block space market². One thing to get out of the way first is that MEV is clearly real and growing³.

The total tracked MEV value topped 675.8 million dollars, a shocking amount compared with just 1 year ago, a mere 12 million dollars (Figure 3). The aggregated MEV activities have also been wasting roughly on average 4% of the total gas usage of the Ethereum network, an increase from below 0.5% since last year this time.

On the daily level, regardless of the drawbacks that can be observed periodically, the MEV has also seen tremendous increase. The maximum amount of daily extracted MEV⁴ hit 43 million dollars on May 18, 2022, with the majority of the days in 2021–2022 experiencing over 1 million dollars in the daily extracted MEV value.

If we look at the origins of the humongous aggregate MEV value, we would discover that almost all of the MEV activities (97%) come from arbitrages, namely, arbitragers exploiting the price differences among different DEX protocols. It certainly makes sense as positions move in and out of the liquidity pool with such a high volume daily in the DeFi world, causing price distortion within the LP pools, and therefore give way to the arbitragers for the pure profit opportunity.

From the protocol distribution, we can find out that the major DEXes, leading with Uniswap V2, Uniswap V3, SushiSwap, and Balancer, accounted for over 99% of the MEV transactions, confirming the previous dominating percentages in arbitrage MEV activities.

On the other hand, lending and borrowing protocols such as AAVE, Compound and Curve only represent 1% of the total MEV market space, mainly from the liquidation events incurred in the platform, which accounts for roughly 1% of the total MEV activities.

Under the current paradigm, what we are facing is clear. Arbitrage-typed MEV activities account for the vast majority of the overall MEV space, and the most common strategy is still front-running. However, it is worth noting here that the current MEV detection scheme is yet to be perfected. In fact, what we are seeing from MEV Explore is merely a first version that only captures a portion of the total MEV happening on Ethereum today. As a result, it is still hard to evaluate the accurate percentage of Ethereum’s bandwidth that is wasted due to MEV activities.

Innovations in MEV management

Over time, blockchain developers have come to appreciate the complexity of MEV and its integral part in modern crypto-economic systems. Correspondingly, they have sought to restructure blockchain architectures and incentive systems to mitigate the negative effects of MEV while preserving or magnifying the positive effects. These attempts largely fall into two categories:

• Distribution of MEV equally across block producers, to avoid centralization risk while reaping the network security benefits of MEV extraction
• Mitigation of the negative effects of MEV on ordinary users through reduction of purely extractive MEV and/or distribution of MEV profits to the blockchain ecosystem

These strategies have been attempted at both the base architectural layer as well as at the protocol or application layer. To illustrate, the implementation of EIP-1559 is an architectural change which seeks to mitigate the negative effects of priority gas auctions on ordinary users, but does little to change the distribution of MEV profits across block proposers. In contrast, Flashbots-style auctions for transaction ordering privileges allow block producers to take advantage of a competitive searcher market to produce an effective floor on their MEV extraction effectiveness, therefore narrowing the gap between the worst and best block producer in terms of MEV extraction, but do nothing to prevent extractive MEV. In the following, we will touch upon some newer systems or proposed changes as well as their relative strengths and weaknesses.

Fair sequencing

Naively, the simplest way to eliminate transaction frontrunning is to impose a first-in-first-out rule for transaction processing. This is straightforward to implement if a single centralized party possesses the right to order all transactions; in this case, there is a well-defined arrival order, and so long as the centralized party can be trusted, frontrunning is effectively impossible. For example, this is currently the case with Arbitrum One, an optimistic rollup on top of Ethereum mainnet, which has a single permissioned full node run by Offchain Labs with total transaction sequencing privileges. (Note that usage of sequencers is an optional part of the Arbitrum rollup technology which allows for near-instant confirmation of transactions.) However, centralization of transaction ordering to a single sequencer naturally exposes all users to the risk of malicious activity from that sequencer, and it is therefore desirable to eventually shift to a decentralized model.

However, in a decentralized setting where thousands of nodes may receive transactions at different times, implementing a precise notion of a fair arrival order is not trivial. Some progress in this direction was made by Kelkar et al. (2020), Order-Fairness for Byzantine Consensus, which proposes formal definitions of “fair ordering” as well as a family of protocols, termed Aequitas, which provide various guarantees of fair ordering. At a very high level, these protocols seek to ensure that if many nodes receive transaction A before they receive transaction B, then the resulting ordering should place transaction A before transaction B. Arbitrum One plans to eventually implement such a fair ordering protocol with the assistance of a decentralized network of Chainlink oracles.

Flashbots (MEV-Geth)

One of the most discussed MEV solutions is perhaps Flashbots⁶. As a R&D organization, Flashbots has a grand road map planning ahead, however, their current solution, MEV-Geth, builds upon the idea to democratize the MEV space. Why do I say this? Because, before Flashbots, searchers have been fighting in priority gas auctions (PGA), continuously bidding up fees to have their transaction recorded on block. And this was easily decided by whoever had a better view of the mempool, which would simmer down to the good methods used for extracting data from the “dark forest”, and executing on it. MEV opportunities would only be controlled by a few parties who had a good view of the mempool. These orders are then sent to miners to validate and add on-chain. However, only 1 transaction, the winner of the auction, will be able to capture the arbitrage opportunity. The rest of the orders, having not won this gas bidding auction, will then be cancelled and fail to land-on chain. It would be all good if that was all there is to it, but cancellations and failures lead to negative externalities that result in higher gas fees and more block space being used.

Now comes MEV-geth, the solution created by Flashbots. On a high-level, MEV-geth is effectively an API that consolidates all these MEV opportunities, and gives searchers a battleground to fight for the arbitrage opportunity. MEV-geth takes this battle off-chain, they identify all these flashbot bundles that searchers send, then analyses them, and they try to simulate these bundles being added to a block. Bundles are added according to the gas price listed, and ultimately, the bundles would be sent to a miner to validate the transactions.

Through this process, we can see that Flashbots’ MEV-geth addresses 3 things. Firstly, it took this battle off-chain, and only the bot that is going to capture this MEV opportunity lands on-chain. Resulting in no cancellation or failures on-chain, which makes MEV efficient and reduces the average gas price. Secondly, it fosters the growth of the MEV scene, Flashbots has turned the competition from having the best view of the mempool to instead operating on gas-efficiency. Thirdly, a factor that is usually overlooked, and pertains to the benefit of the miners — protecting the miners. Oftentimes searchers are paying for their bundle through smart contract transfer instead of gas price, and because of this, the miner has to expand computational resources in order to find out if a bundle is good or not. However, this is based on a relationship of trust that the searcher is sending a high quality bundle to the miner. Miners are wary of this because there could be instances where miners get DDOS by malicious searchers, who basically spam them with low quality bundles that do not pay the miners anything, and force miners to expand computational resources to find out if the bundles are good. Flashbots are taking on this risk for the miners in their MEV-geth, because they are doing the job of simulating every bundle before sending it to the miners. Essentially, they are providing miners with protection against these malicious searchers. Moreover, malicious searchers that send DDOS are constricted to the low priority queue, making it even harder for them to reach miners. This protects the good faith between Flashbots and the miners, providing the essential trust that is required to send transactions through private relay to these miners.

Over time, we see that the average gas fees it takes to capture an arbitrage opportunity has come down, and this is one of the main goals of MEV solutions.

Protocol-level reduction of MEV opportunities

Certain MEV opportunities may be understood as flaws either in user behavior or in protocol design which allow for purely extractive MEV as a result of normal user-protocol interaction. These MEV opportunities are likely to disappear over time as new protocols emerge which prevent their generation.

For example, imbalances in liquidity pool are typically caused by users performing large atomic swaps within single pools. In principle, the user can spread out their transaction across multiple DEXes to reduce overall price impact and execute their trade at lower cost; however, doing so manually is slow and cumbersome. Consequently, DEX aggregators such as 1inch, ParaSwap, and Rango, which identify optimal paths for trade routing to deliver users superior trade execution across many different DEXes (and, in the case of Rango, across multiple chains as well), have become increasingly popular. Eventually, as more trade volume moves to these aggregators, the space of available arbitrage opportunities will commensurately diminish. (That being said, it is valuable to note that the individual routed trades of a larger order through an aggregator can still be sandwiched, and that arbitrage between aggregated and non-aggregated DEXes remains possible.)

As we can see, there is substantial interest from both users and developers in building out MEV-resistant blockchain ecosystems at the protocol level. In general, to the extent that MEV opportunities are created from transactions “leaving money on the table,” as it were, we should expect users to heavily favor protocols which deliver greater value by allowing them to easily claw back at least some fraction of those inefficiencies (which would otherwise be captured as MEV). Commensurate with the maturation of cryptoeconomic systems, MEV searchers and block producers should expect “easy revenues” arising from rectifiable inefficiencies to diminish over time. This may drive searchers, who have significant investments into domain-specific expertise and hardware, toward increasingly complex forms of MEV.

MEV on Cashmere Protocol

Cashmere provides MEV protection to its users. The main reason for doing this is to protect the assets of the users and to prevent various losses. Cashmere uses several methods to protect against especially front-run and sandwich attacks. In this section we will explain technically how Cashmere does this.

Cashmere has developed many mechanisms for MEV (front-run) protection:

1) Destination asset (any asset) that the user wants to retrieve on the destination chain can only be known by Cashmere validators, an ordinary MEV front-run bot cannot see it as on-chain, because this information is sent to validators with zk-like proof.

2) On the Ethereum blockchain, users will be able to hide their transactions from ETH mempool and be protected from front-run by giving the option from Cashmere app to use private RPCs flashbots.

On the other L1s and L2s, unfortunately, transactions cannot be executed by making direct payments to the miner in other chains except than Ethereum. That’s why we developed a unique front-run protector tool, This tool based on the liquidity of the swapping assets on Cashmere (on the source & destination chain) It calculates the best slippage value that the user should use, and the Cashmere application makes the user use this slippage value. In this way, front-run bots cannot profit from transactions because slippages are very low and optimized depends on assets & their liquidities. Since Cashmere MEV Tool is highly efficient as it can scan all the liquidity pools and amounts of any token.

The flows describe Cashmere’s fully decentralized and permissionless architecture, with this architecture, Cashmere is not dependent to centralized servers and Cashmere app cannot be stopped if the validators are running.

Briefly in this architecture :

It is explained that the swap parameters from the backend are validating and approved by validators via zk-like proofs and executed. In this way,

— Cashmere backend cannot act against the user,

— Can not harm the user’s assets.

— It cannot make a query other than the amounts requested by the user.

— Can not query other than the entities requested by the user.

Validators work like guardians and validate these queries on-chainly.

For example, if the 8/10 validator validates this query, the transaction will be executed.

— Validators will be rewarded for their validation process, so here Cashmere offers a cashflow for validators, not just simple capital growth.