By Daniel Kuhn, CoinDesk; Translated by Deng Tong, Golden Finance
The U.S. Department of Justice has charged two brothers with conspiracy to commit wire fraud and conspiracy to launder money for orchestrating an attack on Ethereum trading bots. Essentially, the brothers found a way to target bots that front-run trades in a process called Maximum Extractable Value (MEV), which refers to the amount of money that can be extracted from the block production process by ordering transactions.
MEV is controversial in its own right, but the fact that it can be a lucrative game dominated by automated bots, often at the expense of blockchain users, is part of the reason so many in the crypto community rushed to condemn the DOJ complaint. However, this is not a Robin Hood story in which the two brothers, Anton and James Peraire-Bueno of Bedford, Massachusetts, stole money from the rich to give it to the poor.
As the Justice Department’s filing shows, the brothers made about $25 million in at least eight separate transactions in what the department describes as an elaborate and premeditated scheme. They set up shell companies and found ways to safely launder the money to avoid detection. The highly technical complaint details how the exploit took place, with the Justice Department calling it “the first of its kind.”
“They exploited a flaw in MEV boost to push invalid signatures to preview packages. This provided an unfair advantage through a vulnerability,” Hudson Jameson, a former employee of the Ethereum Foundation and Flashbots, said in an interview. Jameson added that the Peraire-Bueno brothers were also running their own validators while they extracted MEV, which violated the gentleman’s agreement in the MEV community.
“To our knowledge, no one else in the MEV ecosystem was doing both,” he added. “They did more than just follow the written and unwritten rules of MEV extraction.”
“This is not some Robin Hood story because they didn’t give the money back to the people who had extracted the MEVers,” said Banteg, the anonymous researcher.
On a more technical level, the brothers were able to exploit open source software called mev-boost built by the MEV company Flashbots, which gave them a different view of how the MEV bots ordered transactions. (Mev-boost is an open source protocol that allows different players to compete to “build” the most valuable blocks by ordering transactions.)
“With access to the blocks, the malicious proposer could extract transactions from the stolen blocks and use them in their own blocks, which could then be exploited. In particular, the malicious proposer built their own blocks, compromising the Sandwich bots and effectively stealing their money,” Flashbots’ 2023 postmortem showed.
The heart of the DOJ’s case is that the brothers found a way to sign fake transactions to carry out the scheme. “The purpose of this fake signature was to trick the relay into prematurely releasing the contents of the proposed block, including private transaction information, to the defendants,” the filing reads.
“I think the invalid header section is going to be the pointer that balances this out,” said a cryptocurrency researcher who requested anonymity.
“I feel like the indictment shows that, so the SDNY is very technically savvy here and clearly lays out where they screwed up and suggests the inevitability of MEV in the blockchain, which may actually be a good thing,” Jameson said.
Others have also noted the technical complexity of the DOJ’s argument, which doesn’t seem to be an indictment of MEV or Ethereum itself, but rather of an attempt to profit from unfair access to information.
"If you want Ethereum to always be a 'dark forest' with on-chain predators competing with each other for arbitrage opportunities, then you may not like this prosecution," Consensys General Counsel Bill Hughes said in an interview. "Thankfully, I think it's actually only a minority of people who are like that. If you want this kind of predatory behavior to be limited (which it is, the vast majority), then you may feel the opposite."
"All of the defendants' preparation for the attack, and their completely clumsy attempts to cover their tracks afterwards, including a lot of incriminating Google searches, help the government prove that they intended to steal. All of this evidence looks bad to a jury. I suspect they will plead guilty at some point," he added.
Others still believe that it's fair to exploit MEV bots designed to reorder transactions. "It's a little hard to sympathize with MEV robots and block builders being bullied by block proposers, just as they bully end users," said the anonymous researcher.
Jameson said the Ethereum community should work to minimize MEV, but it's a difficult problem to solve. For now, the process is “inevitable.”
“Before it can be eliminated, let’s study it. Let’s illuminate it. Let’s minimize it. And since it does exist, let’s make it as open as possible so that anyone can participate under the same rules,” he said.
If there is any silver lining, said Ari Juels, a professor at Cornell Tech, it is that the Flashbots team was able to fix the bug that enabled the attack fairly quickly.
“There were no lasting effects,” he added. “What happened was certainly ironic: thieves stole money from a sandwich robot that, in the eyes of many in the community, was itself exploiting its users.”