Senior Research Engineer Martin Derka (blockchain/pdfs/Derka.pdf)
Topic
Mining Manipulation
Influencing the order or timeliness of transaction mining
Case Studies:
● Fomo3D (Network Jamming)
● FairWin (Front Running)
Penny Auctions
Fomo 3D
1. The last investor takes the jackpot
2. Investments extend the timer
Fomo 3D: A ponzi scheme, a smart contract resembling a penny auction
https://etherscan.io/address/0xa62142888aba8370742be823c1782d17a0389da1
Fomo 3D
● Deployed on July 6, 2018
● Over 17,000 ETH by July 21, 2018 ($5.1 million @ $300 per ETH)
"One possible outcome [...] is the game will attract a huge amount of Ethers, and can do it again and again. [...] Ultimately, it will drain all liquidity of Ether and let the winner take all. Then Ethereum's network value will be largely destroyed. [...]"
toliuyi, Ethresear.ch forum
Miner pool collusion much more likely.
Fomo 3D
Random Airdrops
Fomo 3D - Random Airdrops
```solidity
contract Fomo3D {
    using SafeMath for uint256;

    uint256 pot;
    uint256 jackpot;

    // Decides whether this investment wins an airdrop; body not shown on the slide.
    function airdrop() private view returns (bool) { /* ... */ }

    function invest() public payable {
        if (msg.value >= 0.1 ether && airdrop()) {
            uint256 reward = pot.mul(75) / 100;
            msg.sender.send(reward);
        }
        // add a bit to the pot
        // add the rest to jackpot
        // extend the timer
    }
}
```
** A simplified interpretation of an excerpt from Fomo3D
** An excerpt from Fomo3D
Fomo 3D - Random Airdrops
There is no randomness on Ethereum!
Every miner must deterministically arrive at the same interpretation of the smart contract code, so every input to a "random" decision is known before the transaction is mined.
Fomo 3D - Random Airdrops Exploit
```solidity
contract Exploit {
    using SafeMath for uint256;

    // Same predicate as the target, evaluated by the caller before committing funds
    function airdrop() public view returns (bool) { /* ... define exactly as in Fomo3D ... */ }

    // Assumes Fomo3D.pot is readable (public getter)
    function exploit(address fomo3d) public payable {
        if (this.airdrop()) {
            uint256 reward = Fomo3D(fomo3d).pot().mul(75) / 100;
            if (reward > 0.1 ether) {
                Fomo3D(fomo3d).invest.value(0.1 ether)();
            }
        }
    }

    // ...
    // more functions to make the whole thing useful
}
```
Fomo 3D - Random Airdrops
We can do even better...
Fomo 3D - Advanced Random Airdrops Exploit
```solidity
contract Exploiter {
    // ... put the calling logic here ...
    function callFomo3D() public { /* ... */ }
}

contract JustDrain {
    // Same predicate as the target, evaluated for a candidate caller address
    function airdrop(address exploiter) public view returns (bool) { /* ... define exactly as in Fomo3D ... */ }

    function exploit(address fomo3d) public {
        Exploiter exploiter = new Exploiter();
        while (!this.airdrop(address(exploiter))) {
            exploiter = new Exploiter();
        }
        exploiter.callFomo3D();
    }

    // ...
    // more functions to make the whole thing useful
}
```
Fomo 3D - Random Airdrops
How to fix this?
Commit and Reveal
1. User commits to an action in block n
2. The action will be resolved (n+k) blocks later
(timeline: commit at block n, resolve at block n+k)
The level of security is equivalent to the level of trust that the user does not have sufficient hashpower and incentive to mine k blocks ahead.
Naive Vulnerable Implementation
Commit and Reveal Example
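The two slides above carried their code as images that did not survive extraction. The following Solidity is an added example written for this page, not the deck's own code: a naive airdrop that decides the draw from data fixed before the transaction executes, next to a commit-and-reveal version that resolves against the hash of block n + k. The contract names, the DELAY constant and the 5% odds are my own choices.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Naive version: every input to the "random" decision is known before the
// transaction is mined, so a calling contract can evaluate the same
// expression first and only invest when the result is a win.
contract NaiveAirdrop {
    uint256 public pot;

    function invest() external payable {
        require(msg.value >= 0.1 ether, "min 0.1 ether");
        pot += msg.value;
        uint256 seed = uint256(keccak256(abi.encodePacked(
            block.timestamp, block.coinbase, block.number, msg.sender)));
        if (seed % 100 < 5) {                       // 5% chance, on paper
            uint256 reward = pot * 75 / 100;
            pot -= reward;
            (bool ok, ) = msg.sender.call{value: reward}("");
            require(ok, "transfer failed");
        }
    }
}

// Commit-and-reveal version: the stake is committed in block n and the draw
// uses the hash of block n + DELAY, which nobody knows when the commit is mined.
contract CommitRevealAirdrop {
    uint256 public constant DELAY = 3;              // k blocks between commit and resolve

    struct Commit {
        uint256 amount;
        uint256 blockNumber;                        // block n of the commit
    }

    mapping(address => Commit) public commits;
    uint256 public pot;

    function commit() external payable {
        require(msg.value >= 0.1 ether, "min 0.1 ether");
        require(commits[msg.sender].blockNumber == 0, "commit pending");
        commits[msg.sender] = Commit(msg.value, block.number);
        pot += msg.value;                           // stake is in regardless of outcome
    }

    function resolve() external {
        Commit memory c = commits[msg.sender];
        require(c.blockNumber != 0, "nothing committed");
        uint256 target = c.blockNumber + DELAY;
        require(block.number > target, "target block not mined yet");

        if (block.number - target > 256) {
            // blockhash() is 0 for anything older than the 256 most recent
            // blocks. Refunding here would hand the committer a free option
            // (commit, watch the hash, let it expire on a loss), so an
            // expired stake simply stays in the pot.
            delete commits[msg.sender];
            return;
        }

        bytes32 entropy = blockhash(target);
        delete commits[msg.sender];                 // effects before the external call

        uint256 seed = uint256(keccak256(abi.encodePacked(entropy, msg.sender)));
        if (seed % 100 < 5) {
            uint256 reward = pot * 75 / 100;
            pot -= reward;
            (bool ok, ) = msg.sender.call{value: reward}("");
            require(ok, "transfer failed");
        }
    }
}
```

Two design points follow from the slide's caveat. Because the stake enters the pot at commit time, a committer who sees the hash of block n + k before calling resolve gains nothing by skipping a losing draw. What the scheme does not remove is the miner: whoever mines block n + k can discard a block whose hash loses, and a party with enough hashpower to mine k blocks ahead can pick the hash outright, so k only raises the cost of that attack rather than eliminating it.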
Fomo 3D: End of Game
Fomo 3D - Network Jamming
The first round of Fomo3D finished on August 22, 2018.
The winner collected 10,469 ETH (~$3.3 million @ $300 per Ether).
https://howmuch.net/articles/biggest-crypto-hacks-scams
Fomo 3D - Regular Ethereum Block
(figure: a regular Ethereum block)
Fomo 3D - Network Jamming
● Block 6191896: A user purchased a Fomo3D investment key.
● Blocks 6191898 - 6191906: Ethereum started showing an abnormal number of transactions.
Fomo 3D - Jammed Block
(figure: the jammed blocks compared with a regular block)
Fomo 3D - Network Jamming
● This time was sufficient for the limit for the next key purchase to lapse.
Fomo 3D - Network Jamming
How can such a thing happen?
How Did This Work: Transaction Mining
(diagram: submitted transactions wait in the mempool; a miner picks from it to build the next block)
Miner chooses transactions to include in a block!
Fomo 3D - Final Remarks
● Someone is playing again: Fomo3D holds ~1,253.00 Ether
● User interface (www.exitscam.me) does not seem to be active
Fomo 3D - Final Remarks
An implementation of the world’s first self-decentralizing artificial intelligence that reaches beyond the boundaries of its own software in order to sustain itself.
FairWin
FairWin: A ponzi scheme deployed on July 27, 2019. On September 26, it held ~49,518 ETH. Vulnerabilities were found and reported in September 2019. The contract is currently empty.
Throughout late September 2019, the community found and disclosed two vulnerabilities:
1. Centralization of Power allowing the owner of the contract to drain all the invested funds
2. Front running vulnerability allowing anyone to compete for another person’s investments
Front Running
Front Running: An attempt to get one transaction to be mined before another. This is often done through offering excessive gas prices.
(diagram: pending transactions in the mempool; the miner chooses which to include in a block)
FairWin
```solidity
contract FairWin {
    using SafeMath for uint256;

    mapping (string => address) investors;
    mapping (string => uint256) investments;

    function invest(string inviteCode /* , ... */) public payable {
        // The first caller to use an invite code becomes its owner
        if (investors[inviteCode] == address(0)) investors[inviteCode] = msg.sender;
        investments[inviteCode] = investments[inviteCode].add(msg.value);
        // ... other logic
    }

    function exit(string inviteCode) public {
        require(investors[inviteCode] == msg.sender);
        investors[inviteCode].send(investments[inviteCode]);
    }
}
```
** An illustration of a vulnerability similar to FairWin
Mempool Problem
(diagram: pending transactions in the mempool; the miner chooses which to include in a block)
Anyone can read the mempool!
Mempool Problem
One more example...
Escrow Example
```solidity
contract Escrow {
    using SafeMath for uint256;

    mapping (bytes32 => uint256) deposits;
    mapping (bytes32 => bool) invalid;

    // The depositor supplies keccak256(password), computed off-chain
    function deposit(bytes32 secret) public payable {
        require(!invalid[secret]);
        deposits[secret] = deposits[secret].add(msg.value);
    }

    // The password travels in clear text in the transaction data
    function withdraw(string password) public {
        bytes32 secret = keccak256(abi.encodePacked(password));
        uint256 value = deposits[secret];
        require(value > 0);
        deposits[secret] = 0;
        invalid[secret] = true;
        msg.sender.send(value);
    }
}
```
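The escrow above reveals the password in the mempool, and the FairWin invite-code race has the same shape: whatever value the first transaction discloses, a competing transaction can replay it from another address. This added example, written for this page and not taken from the deck or from FairWin, hardens the escrow by hashing the password together with the intended recipient's address, so a replayed password from any other sender resolves to an empty slot. SenderBoundEscrow and commitmentFor are my own names.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// The depositor commits to keccak256(password, recipient) rather than
// keccak256(password). A transaction that reveals the password therefore
// only unlocks the deposit for the recipient it was made out to; the same
// calldata sent from another address with a higher gas price hashes to a
// different key and finds nothing.
contract SenderBoundEscrow {
    mapping(bytes32 => uint256) public deposits;
    mapping(bytes32 => bool) public spent;

    // Computed off-chain by the depositor and on-chain by the withdrawer
    function commitmentFor(string memory password, address recipient)
        public pure returns (bytes32)
    {
        return keccak256(abi.encodePacked(password, recipient));
    }

    function deposit(bytes32 commitment) external payable {
        require(msg.value > 0, "empty deposit");
        require(!spent[commitment], "commitment already used");
        deposits[commitment] += msg.value;
    }

    function withdraw(string memory password) external {
        // The key is derived from msg.sender, so a front-runner replaying the
        // same password from its own address looks up a different slot
        bytes32 commitment = commitmentFor(password, msg.sender);
        uint256 value = deposits[commitment];
        require(value > 0, "no deposit for this sender");
        deposits[commitment] = 0;                   // effects before interaction
        spent[commitment] = true;
        (bool ok, ) = msg.sender.call{value: value}("");
        require(ok, "transfer failed");
    }
}
```

The trade-off is that the depositor must know the recipient's address when the deposit is made. A competing transaction can still delay the recipient's withdrawal by crowding it out of a block, but it can no longer take the funds, which is the distinction between the jamming and the front-running cases this deck covers.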
Combination
Can we combine the two techniques?
Effective Front Running
1. Front Running
   a. Read the mempool
   b. Submit competing transactions with higher gas price
2. Jam the network
   a. Submit transactions exhausting block gas limit
   b. Nobody's transactions will be mined
3. Jam the network + Front Running
   a. Submit transactions exhausting block gas limit
   b. Nobody's transactions will be mined, but they will be present in mempool
   c. Read the mempool
   d. Submit competing transactions with higher gas price
   e. Unblock the network