Problem
Abstract The use of blockchains for automated and adversarial trading has become commonplace. However, due to the transparent nature of blockchains, an adversary is able to observe any pending, not-yet-mined transactions, along with their execu- tion logic. This transparency further enables a new type of adversary, which copies and front-runs profitable pending transactions in real-time, yielding significant financial gains.
Approach
Shedding light on such “copy-paste” malpractice, this paper introduces the Blockchain Imitation Game and proposes a gen- eralized imitation attack methodology called APE. Leveraging dynamic program analysis techniques, APE supports the auto- matic synthesis of adversarial smart contracts. Over a time- frame of one year (1st of August, 2021 to 31st of July, 2022), APE could have yielded 148.96M USD in profit on Ethereum, and 42.70M USD on BNB Smart Chain (BSC).
Results
Not only as a malicious attack, we further show the po- tential of transaction and contract imitation as a defensive strategy. Within one year, we find that APE could have suc- cessfully imitated 13 and 22 known Decentralized Finance (DeFi) attacks on Ethereum and BSC, respectively. Our find- ings suggest that blockchain validators can imitate attacks in real-time to prevent intrusions in DeFi. 1