Validator attacks Ethereum's MEV bot, escapes with nearly $20 million
Several experts including the former Ethereum Foundation member posed questions on trusting validators.
Highlights
- Total $20 million of loss was noticed amid validator’s attack on Ethereum bot
- OtterSec, blockchain auditor, observed the attack to be linked with front-running
- The $20 million in stolen money has been dispersed across three wallets
As per the recent information, Ethereum MEV bots were reportedly attacked by one of the blockchain's validators, causing a loss of roughly $20 million.
What is MEV and the overall attack?
In an effort to increase earnings, transaction validators adopted a technique known as ‘maximum extractable value’ or MEV. The transaction validators through this technique included, excluded or changed the sequence of transactions in a block.
In the wake of this attack, OtterSec, blockchain auditor, said that the overall attack happened inside the single Ethereum block, which was forced by the validator into the block to steal money that was eventually assumed to have been obtained by bot through front-running. The process of front-running is designed to scan the blockchain for pending transactions. The scanning then allows traders to pay more gas fee, which eventually allows miners to process their transactions first to front-run a major trade that manipulates the market pricing.
While describing the attack, OtterSec also revealed that the validator behind the attack had funded its wallet via privacy layer Aztec Network more than two weeks prior, indicating the attack to be pre-planned.
Biggest attack since September
Hudson Jameson, a former member of the Ethereum Foundation, claimed in a tweet that the attack could alter the MEV ecosystem since it will leave MEV extractors wondering as to which Ethereum validators are malicious and which are not.
The role of MEV flashbots includes using a technique known as ‘sandwich attacks’ to defraud users of value, just before and after the victim makes their own transaction. The overall alteration in the base price allows bots to steal user’s money and is thus considered as one of the biggest MEV bot attacks since September.
The incident was first reported on Twitter by smart contract developer, 3155.eth. The $20 million in stolen money has been dispersed across three wallets, according to blockchain investigator Peckshield.
