Mitigating Frontrunning Attacks in Ethereum
Maddipati Varun
varunmaddipati@iitkgp.ac.in
Indian Institute of Technology
Kharagpur
Kharagpur, West Bengal, India
Balaji Palanisamy
bpalan@pitt.edu
University of Pittsburgh
Pittsburgh, Pennsylvania, USA
Shamik Sural
shamik@cse.iitkgp.ac.in
Indian Institute of Technology
Kharagpur
Kharagpur, West Bengal, India
ABSTRACT
With the rising popularity of Ethereum, there is also an uptick
in the number of smart contract based decentralized applications
(DApps). Consequently, Ethereum transaction volume has been growing
steadily over the last few years, but so have the various types of
attacks on it. In Ethereum, vulnerable smart contracts are always
taken advantage of by adversaries. One of the primary ways of
exploiting Ethereum with malicious intent is through frontrunning
attacks that take advantage of the waiting time of transactions in the
pending pool by adjusting the gas price. Attackers willing to execute
such attacks constantly monitor the pending transaction pool and
try to frontrun transactions. Mitigating such attacks is a critical step
for ensuring secure DApp operations in Ethereum. In this paper,
we propose a model-based attack detection and prevention scheme.
We extract specific features for each transaction and transform
each transaction into a feature vector, which is then analyzed by
a machine learning model to detect, in real time, whether it is a
frontrunning attack transaction. Extensive experiments on a large
dataset of transactions establish the effectiveness of our approach.
CCS CONCEPTS
· Security and privacy → Domain-specific security and privacy
architectures; Intrusion/anomaly detection and malware mitigation.
KEYWORDS
Ethereum, Frontrunning Attack, Machine Learning, Multi-layer
Perceptron, LSTM
ACM Reference Format:
Maddipati Varun, Balaji Palanisamy, and Shamik Sural. 2022. Mitigating
Frontrunning Attacks in Ethereum. In Proceedings of the Fourth ACM
International Symposium on Blockchain and Secure Critical Infrastructure (BSCI
’22), May 30, 2022, Nagasaki, Japan. ACM, New York, NY, USA, 10 pages.
https://doi.org/10.1145/3494106.3528682
1 INTRODUCTION
Blockchain has gained a lot of popularity in recent times mainly
due to the success of Bitcoin. This is clearly visible as blockchain
is being used in a variety of fields [13][27][41], since it provides
a transparent medium to share and use data [42][8]. Ethereum,
which was conceived in 2013 [7] and went online in 2015, has several
advantages over previous blockchain technologies. These include
Turing-completeness of smart contract languages and support for
transaction states. It also gives users the flexibility to
make their own rules for ownership, transaction formats and functions.
This is enabled by smart contracts: programs stored on the
blockchain that run when pre-established conditions are met.
Even though it was deployed after Bitcoin [29], the number of
transactions on the Ethereum network has outgrown that of Bitcoin. It
has become the most used platform for the deployment of smart
contracts, with thousands of them being deployed [2][22]. However,
this growth has also incentivized attackers to target Ethereum since
there are more transactions to exploit. One of the major ways to
manipulate Ethereum transactions is through frontrunning attacks.
In this type of attack, the gas price of a new transaction is
adjusted so as to influence the ordering of the transactions waiting
in the pool to be mined into blocks.
Frontrunning as such is not a new concept and has been quite
common in the finance market. A broker having insider knowledge
about the trading decisions of clients can give higher priority to
his own trading actions than to the clients', and thus end up making
additional profit. Such actions are deemed unfair and have been
successfully regulated in the financial markets. The evolution of
decentralized applications, especially on Ethereum, has replaced most of
the intermediaries with smart contracts. While avoiding the
intermediate costs, it has also eliminated the central authorities who
could regulate frontrunning. This has led to a rise in the number
of attackers and several new forms of attacks on the Ethereum
blockchain.
Frontrunning attacks were first brought to public notice when
a group unsuccessfully tried to get back their tokens by calling a
public function on the blockchain [11]. Since their transaction call
was visible in the pending transaction pool and the function call
could be made by anyone, their call was frontrun by bots. A solution
was eventually derived to successfully recover the tokens by
privately mining the transactions [33]. Even though such a solution
works, it centralizes the mining power in one trusted pool. Note
that each user pays a transaction fee to the miner, the
amount of which determines how quickly that transaction is mined
in a block. A higher transaction fee incentivizes the miners to include
the transaction in the block they mine. Therefore, nodes observing
the transaction pool can frontrun other transactions by paying a
higher fee to the miner. Furthermore, specialized software is not
required to run frontrunning attacks, as sample code for frontrunning
bots is readily available on the Internet [30][31]. Therefore,
detecting and preventing such attacks is critical to ensure secure
and dependable operations in Ethereum.
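To illustrate the fee-based ordering described above, the following added example (not code from the paper, and not the authors' machine learning model) sorts a constructed pending pool the way a fee-prioritizing miner would and applies a simple rule that flags a later transaction repeating an earlier call from a different sender at a higher gas price. All names, addresses, calldata strings and the 30-second window are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class PendingTx:
    tx_hash: str         # constructed label, not a real transaction hash
    sender: str
    to: str              # contract being called
    calldata: str        # readable stand-in for the encoded function call
    gas_price_gwei: int
    seen_at: float       # seconds since the observing node started watching

def mining_order(pool):
    """Fee-prioritized order: highest gas price first, arrival time breaks ties."""
    ordered = sorted(pool, key=lambda t: (-t.gas_price_gwei, t.seen_at))
    return [t.tx_hash for t in ordered]

def flag_displacement(pool, window_s=30.0):
    """Return (earlier_tx, suspect_tx) pairs where the suspect arrived later,
    comes from another sender, repeats the same call to the same contract,
    and outbids the earlier transaction within window_s seconds."""
    pairs = []
    by_call = {}  # (contract, calldata) -> transactions seen so far
    for tx in sorted(pool, key=lambda t: t.seen_at):
        earlier = by_call.setdefault((tx.to, tx.calldata), [])
        for first in earlier:
            if (tx.sender != first.sender
                    and tx.gas_price_gwei > first.gas_price_gwei
                    and tx.seen_at - first.seen_at <= window_s):
                pairs.append((first.tx_hash, tx.tx_hash))
        earlier.append(tx)
    return pairs

# Constructed sample pool (hypothetical senders, contracts and calls).
SAMPLE_POOL = [
    PendingTx("tx_a", "0xAlice", "0xVault", "withdrawAll()", 40, 0.0),
    PendingTx("tx_b", "0xBob",   "0xDex",   "swap(1,2)",     55, 1.0),
    PendingTx("tx_c", "0xBot",   "0xVault", "withdrawAll()", 90, 2.5),
    # Same sender raising their own fee: not a different party, so not flagged.
    PendingTx("tx_d", "0xAlice", "0xVault", "withdrawAll()", 60, 4.0),
    # Same call as tx_b but at a lower price: does not jump ahead of it.
    PendingTx("tx_e", "0xCarol", "0xDex",   "swap(1,2)",     50, 6.0),
]

if __name__ == "__main__":
    print("mining order:", mining_order(SAMPLE_POOL))
    print("flagged pairs:", flag_displacement(SAMPLE_POOL))
```

A rule of this kind also flags unrelated users who happen to submit the same call, so it serves as a baseline for comparison rather than a replacement for a learned classifier.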