cyberhang.eth
Mar 5, 2022 Global Coin Research

Base Model

We assume a liquidity pool on Ethereum holding two assets, GCR and USDC, that satisfy $xy=k$, where $x$ and $y$ are the quantities of GCR and USDC in the pool and $k$ is their product, which the AMM mechanism keeps constant. (We ignore the pool's transaction fee, since it is small and negligible for this question.)

A sandwich attack is a front-running strategy that transacts just before a large trade in a pool. For example, Alice trades the GCR-USDC pair on Uniswap V2. She wants to buy $\Delta x$ GCR tokens with $\Delta y$ USDC. After she approves her transaction with an input of $\Delta y$ USDC, it is pending and waits for a miner to include it in a block. Just before that happens, a front-running bot discovers her transaction and trades ahead of it. We assume the bot puts $\Delta y_{a}$ USDC into the pool at this point (the "a" stands for attack, to distinguish it from Alice's money) and pays a higher network transaction fee to front-run Alice. The bot's transaction is then included before Alice's, so Alice trades at a higher price than she expected because the bot traded before her. The following formulas describe this formally:

$$ (x_t-\Delta x_a)(y_t+\Delta y_a)=k \quad \quad \quad \quad \quad \quad \quad(1)\\ (x_t- \Delta x_a- \Delta x)(y_t+ \Delta y_a+ \Delta y)=k \quad \quad \quad \quad \quad \quad \quad (2)\\ (x_t- \Delta x_a- \Delta x + \Delta x_a)(y_t+ \Delta y_a+ \Delta y -\Delta {y_a}^{\prime})=k \quad \quad \quad \quad \quad \quad \quad (3) $$

Here $x_t, y_t$ denote the amounts of GCR and USDC in the pool at the time they trade. Equation (1) represents the bot's trade, (2) represents Alice's trade right after the bot's, and (3) represents the bot selling its GCR right after Alice buys GCR. After these three trades, Alice has received less GCR than she expected for the $\Delta y$ USDC she put into the pool, and the bot has made a profit from its buy and sell with no GCR left in its hands.

We then calculate the bot's net profit from its two transactions. Assume the bot's transaction cost is $c$ for each of its trades. Combining (1), (2) and (3), the profit from the two transactions is:

$$ \Delta y_a^{\prime} - \Delta y_a= y_t+ \Delta y - \frac{k}{\frac{k}{y_t+\Delta y_a +\Delta y}+x_t - \frac{k}{y_t +\Delta y_a}} \\= \Delta y + \frac{(\frac{y_t}{\Delta y_a})^2 (y_t+\Delta y_a)^2}{\Delta y+\frac{(y_t+\Delta y_a)^2}{\Delta y_a}} - \frac{y_t^2}{\Delta y_a} $$

The bot's net profit is then:

$$ NP_a = \Delta y + \frac{(\frac{y_t}{\Delta y_a})^2 (y_t+\Delta y_a)^2}{\Delta y+\frac{(y_t+\Delta y_a)^2}{\Delta y_a}} - \frac{y_t^2}{\Delta y_a}-2c \quad \quad (4) $$

Here, $c$ depends on network conditions and on the transaction fee Alice sets, because the bot should set a higher transaction fee to front-run Alice. From the above formula, we can see that $NP_a$ (net profit) depends on $\Delta y$, $\Delta y_a$ and $y_t$.

From equation $(4)$, it is clear that $NP_a$ is strictly increasing in $\Delta y$, which implies that the larger Alice's trade is, the more profit the bot can earn.

However, this function is also strictly decreasing in $y_t$. This conclusion is intuitive and follows from $(4)$, which we can rewrite as follows:

$$ NP_a = \Delta y + \frac{(\frac{y_t}{\Delta y_a})^2 (y_t+\Delta y_a)^2}{\Delta y+\frac{(y_t+\Delta y_a)^2}{\Delta y_a}} - \frac{y_t^2}{\Delta y_a}-2c \\= \Delta y + \frac{y_t^2}{\Delta y_a}(\frac{(y_t+\Delta y_a)^2}{\Delta y \Delta y_a+(y_t+\Delta y_a)^2}-1) -2c \\=\Delta y + \frac{y_t^2}{\Delta y_a}(\frac{-\Delta y \Delta y_a}{\Delta y \Delta y_a+(y_t+\Delta y_a)^2}) -2c\\=\Delta y - \Delta y\frac{ y_t^2}{\Delta y \Delta y_a+(y_t+\Delta y_a)^2}-2c \quad \quad \quad (5) $$

From equation $(5)$, it is easy to conclude that $NP_a$ is strictly decreasing in $y_t$, and as $y_t \to \infty$, $NP_a \to -2c$. This means that when $y_t$ is sufficiently large, the bot cannot make any profit from its front-running trades and only bears the transaction fee loss.

Apply the above model to GCR’s Uniswap Pool

From the pool data and historical data, we get $y_t \approx 300,000$ and $\Delta y \leq 10,000$. We consider the worst-case scenario and set $\Delta y = 10,000$, which maximises the attacker's profit. We assume $c\approx150$, as this number is in line with common sense.

First, we take a look at the following two examples:

  1. Alice puts 10k worth of ETH into the pool, and the attacker plans to use 10k worth of ETH to carry out his attack. From equation $(5)$ we get $NP_a \approx 344.5$. The net profit of this attack is around $344.5.

  2. Alice puts 10k worth of ETH into the pool, and the attacker plans to use 20k worth of ETH to carry out his attack. From equation $(5)$ we get $NP_a \approx 928$. The net profit of this attack is around $928.

The above two examples give us a sense of the current condition of GCR's Uniswap pool. Our aim is to set our liquidity so as to prevent sandwich attacks. Here is the simulation when we assume $\Delta y=10,000$ and $\Delta y_a = 10,000$.

| Liquidity | Attacker's Net Profit | Profit rate |
| --- | --- | --- |
| 60k (current liquidity) | $344.5 | 3.44% |
| 90k | $134.5 | 1.34% |
| 120k | $28 | 0.28% |
| 130k | 0 | 0 |
| 180k | -$80 | |


<aside> 1️⃣ Simulation 1: $\Delta y=10,000$ ; $\Delta y_a = 10,000$.

</aside>

| Liquidity | Attacker's Net Profit | Profit rate |
| --- | --- | --- |
| 60k (current liquidity) | $928 | 4.6% |
| 90k | $541 | 2.7% |
| 120k | $340 | 1.7% |
| 150k | $216 | 1.1% |
| 180k | $132 | 0.66% |
| 210k | $72 | 0.36% |
| 240k | $26 | 0.13% |
| 270k | 0 | 0 |


<aside> 2️⃣ Simulation 2: $\Delta y=10,000$ ; $\Delta y_a = 20,000$.

</aside>
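
The model above, as an added Python example that is not part of the original article: it replays trades (1)-(3) on a fee-free $xy=k$ pool, checks the result against equation (5), and solves for the reserve $y_t$ at which the attacker's net profit reaches zero. The GCR reserve `X_T` is a constructed value (it cancels out of the profit); the other inputs are the article's $y_t$, $\Delta y$, $\Delta y_a$ and $c$.

```python
def sandwich_replay(x_t, y_t, dy, dy_a, c):
    """Replay swaps (1)-(3); return (bot net profit, GCR Alice loses)."""
    k = x_t * y_t
    # (1) the bot buys GCR with dy_a USDC
    y1 = y_t + dy_a
    x1 = k / y1
    dx_a = x_t - x1
    # (2) Alice buys GCR with dy USDC at the worsened price
    y2 = y1 + dy
    x2 = k / y2
    dx = x1 - x2
    # (3) the bot sells its dx_a GCR back into the pool
    x3 = x2 + dx_a
    dy_a_out = y2 - k / x3
    dx_fair = x_t - k / (y_t + dy)  # what Alice gets if nobody front-runs her
    return dy_a_out - dy_a - 2 * c, dx_fair - dx


def net_profit(y_t, dy, dy_a, c):
    """Closed form, equation (5)."""
    return dy - dy * y_t**2 / (dy * dy_a + (y_t + dy_a) ** 2) - 2 * c


def break_even_reserve(dy, dy_a, c, hi=1e12, tol=1e-3):
    """Smallest y_t with NP_a <= 0, by bisection (NP_a is decreasing in y_t)."""
    if dy <= 2 * c:
        return 0.0  # fees alone exceed the best case, so the attack never pays
    lo = 0.0
    while hi - lo > tol:
        mid = (lo + hi) / 2
        if net_profit(mid, dy, dy_a, c) > 0:
            lo = mid
        else:
            hi = mid
    return hi


if __name__ == "__main__":
    X_T = 100_000.0  # constructed GCR reserve (assumption, not from the article)
    for dy_a in (10_000, 20_000):
        sim, lost = sandwich_replay(X_T, 300_000, 10_000, dy_a, 150)
        closed = net_profit(300_000, 10_000, dy_a, 150)
        y_star = break_even_reserve(10_000, dy_a, 150)
        print(f"dy_a={dy_a}: replay={sim:.1f} eq5={closed:.1f} "
              f"Alice loses {lost:.1f} GCR, break-even y_t={y_star:,.0f}")
```

The break-even values are reserves $y_t$ in the model's units, the same quantity the article sets to roughly 300,000.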