Events Add an event Speakers Talks Collections
 
IC3 Blockchain Camp 2021
July 25, 2021, Online
IC3 Blockchain Camp 2021
Request Q&A
IC3 Blockchain Camp 2021
From the conference
IC3 Blockchain Camp 2021
Request Q&A
Video
MEV Wat Do
Available
In cart
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Add to favorites
475
I like 0
I dislike 0
Available
In cart
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
  • Description
  • Transcript
  • Discussion

About the talk


About speaker

Philip Daian
PhD Student at Cornell Tech

Hi, I'm Phil! I'm a researcher, second year PhD student, and software engineer with a passion for computer security and applied cryptography. My research interests span several computer science subfields. My current work primarily covers cryptocurrencies and smart contracts.

View the profile
Share

Suffield, Diane is a PhD student in computer science at Cornell University and he has advised by our a jewels. I think he's renamed to talk to Mev. What do which I love? I think we just get started. Phil, you want to take away? Yeah, I've begun everyone. Yeah, Clockwork finances. Actually a placeholder. It's kind of the umbrella for all the projects we're doing and I see three for this kind of decentralized framework to study m e d. So I figured because of him, no smoking, right after me and because we have a spicy panel later on we're going to debate the tensions between Mev In

fairness. I thought it would be more fun to kind of give this talk a little modified version to stalk. I've given once or twice so hopefully not too many people have seen it but if you have, there's some different stuff, I promise. And this talk is basically about what we do about any beat a roadmap for Akron. Thorny problem of MTV. I encourage you to think stuff to clean deeply about everything. I make is Amber a bunch of claims and I would love to discuss this more in. Try to find some hypotheses that we can study on any be going forward. So let's start with

like a five-minute intro to what is any bee. And I'm going to use this example that I'm used at ic3b can't force. If you remember this from last time. I don't know. Bunch of you were also at the presentation this morning about Eunice Locke and what was talking about there was basically creating this contract this more contraction in here in which maintains this explains. Why you okay invariant and how that kind of lets you bootstrap decentralized exchange. So what is x * y? Porque mean in this contract is going to hold to access your evening USD. And the top of the some of the

side effects of the balances in his two assets is going to be a constant. So he has one for Simplicity but cigarette the contracts are still being 18 1st 1 and 11. I love you a lot, and want to make trades on it. So you're Alice wants to sell him and Bob wants to buy $0.50 to be similar to as they would in any other Market. So in this case, Alice goes first, she sends her, eat the contract, the contract now has to eat for the k. X * Y is now to which is not a consonant variant the way we want. So to bring that came back. The one with contract is going to send Alice back half dollar of

u.s. Dollars u.s. Dollar coin. So now there is to eat in the contract and fifty cents for a pair of Taylor store and what Alice has done this. You successfully sold for the market. Price of a automated market-maker contract is offering here, which is 50 Cent. Nobody wants to do the same thing. He says is, 150 USD K is now 4:00. So let's meet at one point five to eat back to restore the K of one and have to exchange. That doesn't require any counterparty where anyone can just trade at any time. But there's a fly in the

ointment, which is what if instead in these two traits. Bob goes first, if you're going to send the contract, makes a cat. Two point five. He's going to get back Point 16th to restore point, for Ethan, 2.5 USD in the contract for a K1. I was not going to go again Center East of the contract, which now has 1.40 makes making a case of 3.5 and she's going to have received back Dollar $0.80 in USD for her. So what's the difference here in in cryptocurrency systems? The differences, which order the transactions were included in and in the

left order Bob? That's a better deal. So far. He gets 1.5 eat for his USD 2.65 side. Alice got the better deal. So here she's getting a dollar a day for her. Who picks the winners and losers in the system, and who picks, which users, get better prices in, which users that were spices? That's what is concept of mine. Retractable, value comes in and this is something we talked about it a few times today. And it's a measure of how much cryptocurrency a malicious validator in proof of work. System of this is a minor, but it doesn't have to be an extract from a system by Rio during

answering and or inserting new transactions or otherwise behaving maliciously on a cryptocurrency network. So basically as if a minor is, isn't going to just manipulate the market and extract as much money as possible from a system. How much are they going to make? That quantity is what we refer to as the enemy be formally. This basically talks about a set of user transactions T. So this is a set of transactions in the world that are in flight on the network. This would be Allison Bob's transaction. The Beatles example, initial state is

this is the state of the world. This is, how much in USD the units. Contract has at the beginning of execution. And this basically is determined by the current state of the blockchain in a set of contracts eat. So these are the set of contract that miners know about and can insert their own transactions, or otherwise use to pull off Meb extraction. Why do we have the set of contracts if we could allow minors to use any contracts? They could potentially have a contract that stores like trillions of dollars or they could have contracts. That create a new zero-day exploits that we

can't model in the sea. Does somebody have to bound a basically what actions the miners know about in? This is how we do it. What is the three degrees of freedom are inserting censoring and reordering? Either all-important? Anybody specifically? It's a lot of people talk about any of the yezda profit miners to make some reordering, that's not correct. Mrs. Quite a lot of anybody. So any any system that kind of, just handles ordering only and also doesn't handle insertion. Censorship is not a solution to m e d and it's not kind of tackling this fundamental issue. It's really a combination of all

these three powers. That's very important. So any day is super important practice to understand why any of these important important understand why we created the definition of the first place. So the definition was kind of specified in in Flatbush, 2.0 and follow-on work and toss. I've been given getting kind of since that time is because anybody as a kind of state space, search problem, unifies, all of these previously, disparate fields of study, that seemed totally destroyed. So, one example is arbitrage and this refers to the study of box on Wall Street,

high-frequency Traders, and other programmatic actress or extracting money from Trading, trading firms high-frequency trading firms more advanced hedge fund Anthony's about that, sell user order flow. All kind of phone is this category, the seven categories exploitation. So how do you get the X-ray cost of a system? What is it mean for something to be? But turns out that in defy, you can actually qualified listen to find his through Meb. The next one is verification release. The sulfur, security literature is a lot of work that I work early. In

this space include things. Like kevn. She's a former model for 97 virtual machine in a formal semantic language and there's a lot of literature on how do we program out? If we analyzed the smart contracts, people writing and pull out, and prove useful, a Safety and Security properties, for the next one is blocking in contempt of security was also created to talk about how they're doing cuz it's for the brakes when there's too much and this is something worth seeing in practice. Today with the real our discussion on Twitter that maybe we'll get you in the channel coming up next. And the last

thing is composability. So, how do you obtain the security of various defy instruments? How do you measure the security of multiple contracts composed together? It turns out you can actually also do this through. So remember this is our definition of Meb and it really unifies all of these fields of study into a single problem, which we can quantify and actually get a tan. One more point about interviews composability point. So the point here is basically how much energy is there in the total system and how do we measure this? Well, look at the Bob fading on uniswap. Let's say a minor

problem making that move steel Alice's want to eat that. She's trying to trade Bob's dollar fifty cents, plus all the money store in the contract. This is 1e. + $2. + 150 + 28, + 28, + $2.50. Now, let's say Carol and David come along, and they want to place a bet on whether a third was a lot or a little money. They create this new contract gold price which looks at the state of the swap contract and use it as a priest, Oracle basically uses this as a proxy for what is the next real price on a network and using that

they can physically decentralized that without using any extra work was like kind of heard in the units earlier. So, Carolyn Dave East and 1000 East into this. Contract was just look at the state of this in the future and then pay Skyler, Dave depending on whether there's more ether US dollars in his contract. Well, now you increase the end of your system to 2002 East but some of these bats plus all beside 2,000 plus all the original. Any be here is that when you're doing security of your application and when you're measuring a security, you also need to reason about every

other contract that's being deployed in the system and every other contract on a network that may use or affect the security of your contract is pretty good news. I live in when we're building complex, derivatives for holes and other systems, that probably felt. So you may have a security analysis has totally tight, but you may have someone else come in and be a bad citizen on the network, what you actually reduce the thirty of your original contract in your original by giving minors or validator. Using his wealthy Define, smart contract,

composability, and what it means for two contracts to come close to Fairlee a contract. See a contract seat was with a new contract speed, fine in States, a set of States. That's fine. If adding c-prime to see doesn't expose more Mev, then having just be by myself, this new contract, the end of the world does not increase. That means these two things, composed by Norm, just mean that is bounded by Sum function. So obviously, add a new contract will always increase. It may be a little bit, but we don't want to see something like this was an unbounded. I'm in

Columbus Universal composability, hit. All contracts. They should say see how? Sorry she from you, so you can post as universally get no matter what other contract you add, and no matter what state you start in, the Mev kind of does not change. This is very rare in, practice is only for like isolated contract. Okay, so that's in for that movie. So let's kind of go to a high level and talk a little bit to esophagus about. Why does this matter? Why are we here? What are we building? And when we do about this reminder, this is nakamoto's

white paper. This is the original security argument for Nakamoto style, consensus boar, boar Bitcoin. I'm basically says the system is secure as long as honest as we can, for Morsi to power than any Whopper. The really really care about and why most people are interested in Bitcoin my hypothesis. It has nothing to do with CPU power. It has to do with with the economic argument that having more CPU power requires more money, and therefore is hacking. The system is expensive. This is especially true. Once we have liquid stain sticking in mining products, delegation and bribery

infrastructure when you can even when someone else is Hash power, the economic security argument really comes into play, right? Because it doesn't matter who controls Morsi to power. It matters to me, right? Morsi to power. And that's a much more economic argument. So we're here because we want both systems that are economically robust and secure and it's not enough to Simply both systems that are secure when you assume that the participants in the system were honest. So what does it mean for MTV? Well, what this means is that any of you actually opens up a

whole bunch of games in the protocol where the rational behavior is not to do the default for the software. It could be some other transactions to censor or other validators in the system. This is something that was originally planned out for fees in a paper on the instability of decline without the Walker Award. But it also holds if you view, Mev, as if the abstraction and the cut the consequence of this game here is basically clear, is that anyone who plays the game purely expectedly purely for profit and doesn't care about ethics and doesn't care. About

honesty is going to be more profitable in the system and people who do not. And what this means is that people who are not ethical about any be people who don't care. We just go for profit are going to have a vector to concentrate money and see if you cowards of themselves in the system that's very direct with their influences. Increase through this Behavior. Who sings I'm selfish mining Act of any of the extraction 51% attacks on the blockchain forming minor. Cartels that sensor each other or fix prices exedra. Scooby-Doo solar system. Still has to be able to exist in the storm

users and provide the state of security properties. Even in the universe, would be above incentives, are set up and exist because that is the universe. We find ourselves in today as a community and sent, it is so strong. It really is self-defeating to the goals of creating a robust system to extract any Visa, Bop. What do I mean by this extraction? Rapidly concentrate CPU power to people who are engaging in it, where does concentration need everyone to engage in extraction to the best of their abilities? Why? Because this is going to lower the margin of validator unfairness, that's

created. Remember when people are in different regulatory regimes? When people have different investor relationships are trade-off preferences. Any actor that leaves energy on a table directly? Leave it on the table for people who are willing to attack the system and who are willing to use these exploits. And again, remember the point of Bitcoin and ethereum is to build systems that are robots against actors, like nation-states, private corporations that are cynical and extracted all of these actors are going to extract any be, right. So for the remaining ones, for the honest ones,

we need to make sure that power is not sight and away from them by these actors. Nothing is going to go to watch, talk to a lot of stickers and alligators and eat and eat two in the space. And and most of them just aren't willing to leave it on the table, right? So assuming we're going to exist in this reality or any of Aegis of hers and is like left out there for everyone in my opinion is it's a fallacy and it's a little bit naive because that's simply not. When you're making the business case seminar, operating on razor-thin margins, not taking an available Edge. Is simply not.

So, I think a lot of was debating, this community has come about, you know, any of the extraction is, basically, you know, is trying burglary like letting people break into users houses break down their doors in Mafia thugs, whatever it might be. And this is kind of a joke. I had in my blog post about it and it, again, it relates to the fierce argument that like cryptocurrencies exist to, to operate and to move power on a geopolitical power scale. Right? We are building these systems to be relevant International and to be relevant to geopolitics. If not, then as a

system of money, they've patently fails. And when you look at the power dynamics between nation states, when you look at things like the cold cyber-espionage war, that's going on between the United States, Russia and China right now on three different operation or any other technology that's involved in geopolitical conflict. The technology does end up getting developed to the maximum extent pretty much University. Right and there are many, many actors who operate on boxing today. You will have to ask me no problem attacking block sings the remedy,

absolutely no problem. If they don't have a problem, having you as elections, we won't have a problem having you to talk to us. So we have to deal with it and have to deal with these people. And we have to build systems that are robust against that, we can kind of stick our heads in the sand and say, like these attacks will not happen because we kind of assumed them away, or because we're all kind of nice in here for good purposes. That's not the case. All right, so we have to deal with any of the. What about just changing layer one? Or changing the protocols that we use to eliminate any

be? There was just no more any of you left in the universe, right? That is also a fallacy in my opinion. So any V. Comes from these three fundamental places in my view in Washington. And this is something that I will link to your blog post. That I go kind of more in-depth into this on. But this is an argument for why we will never be able to reduce any B20, you know, that this does not mean that we can't do things like reduce sandwiching, a tax. I'm going to swap reduce specific kinds of predatory, Mev, excetera. That's not what I'm saying at all. I'm not

saying that what I'm saying is that we will never be able to take any B20, no matter what kind of Silver Bullet. We have no matter what kind of protocol and no matter, what kind of technical solution weather is chain, link us, whether it's arbitrum, whether it's whatever you want to call it. You're not going to have a technology box that takes this problem away. Why? That's because energy comes from three different places in a systems that were building transportability interoperability and different models. So I'm going to go through these one at a time, but this one is

transportability. What does it mean when one of the things that we need to build and decentralized systems is sun lotion of auditability. You need to have a user that comes in with little to no information and audits that the system is working properly that there money still there that other people have behaved as they expected that. The system has not reached an unexpected State. We need this to be centralized trust. If I can't have any insight into the system. Verismo decentralisation of trust. It is something that's like really truly fundamental, and not one lies in any academic work. But

to me, it's very, very clear, that Autumn abilities required for desensitization a good example, would because he cash in the right. That is technically open source and technically out there, but if someone who has the bog is not possible, potentially for some classic bugs to audit that and that is a major centralization Vector, kind of the few people who understand that your poxy in general. If you want to be centralized plus you need to let people audit their own systems. And if you want to be with me, be centralized way and I didn't this past that we've been exploring, you need to be

with cryptographically, you need to do this with mathematical kind of physical world Assurance. Is that their data has not been tampered with? And we use entropy for that. We use for tography. Use signatures, right? As soon as you've done that, you've also introduced probability in the system. So I was an article from 2018 with code is a great day for access the systems Collections and other star systems basically says that once you can generate these transcripts, you can sell people, or people can buy from you certain actions on your transcripts and that's a very

difficult. I'm in dire straits on TV because as long as we're using assistance for people or things of value, and as long as users can be bribed or as long as certain, he was the first certain outcomes to others, there will be a financial incentive for them to incentivize certain outcomes and that directly create a meeting with this is never going away, doesn't matter. What kind of barrel ordering you use. There was still be an incentive alcheme over album, B & B property by users for that, and you'll still be able to go that infrastructure. So that is not going on the second

song of why anybody is fundamental is interoperability. So let me see. In. Is it ride in different blocks, made with very different truck models. And execution models, who is Bitcoin, which has very little in shop ability with other systems in there with the program ability has very, very high interoperability. You can program any strength, validation strip. You can have like lions brother chain excetera Cosmos. Again, as I drop my Bluetooth different on each his own in their system in this program, a programmable her application. So anytime we have these different

systems, people are using and you have information flowing across the boundaries that's going to create some sort of incentive to make these two systems interoperate the Arbitrage, their prices together to ensure they have the same Oracle data, whatever it might be, there is some Financial incentives to make sure data flowing across these boundaries is instinct. And anytime you have composability also have wrist was one of these things, or both might fail. And you need to be subject to the set of both of their guarantee is rather than just a single World here. So anytime you have a

risk and have an incentive to do something, you're creating basic mean arbitration. So this Arbitrage game across systems, that device profits from risk. This is a movie and its fundamental to having multiple custom that you can Arbitrage information. What is the movie Supply systems? It's not like everyone in here, going to get this Prophet. Right? Which ever bought is running this Arbitrage, whichever set of actors are involved here. They're the ones who get the car. So, that is that is by definition. A meeting last week, diapers trust models.

So another source of any of these that people just don't trust the same things in their life, right? Example of a house, which is a family of fairness, protocols. You're going to hear about. In the next month. You can use to stop my nose from interfering in your transaction worker. Is four different protocols that are all part of the Epic Pass family, and described in the paper. They all have different properties. As soon as I'm on my way home. Is there, any option they have different properties?

And again, there's a question of which notes do you use? Right? So like these Protocols are also planned arise on which know they're running. It. It's a large number of nose, receive some transactions for another then we out for the first the rich notes, right. So even though you have finished protocols on paper, you need to check your neck is real and it's very very unlikely that the entire world is going to agree on a single tennis protocol a single set of knows. You're probably going to have many different parents protocols that are running in parallel. And as soon as you have

that you have any be. So any personal playlist, Miami Vibes, I needed a universal right? Will always be no always carry. You always have to assume something about the world to get send definition of parents. That fundamental. I say this reduces libertarian pipe dream of the Universal Property ledger. So it's me kind of crapping on my Maximus. I think there's this inherent idea in like the climax in was in that which one is the one who Ledger and everyone will agree on that and should agree on that as we once were and that is a fantasy people. Just do not agree on

single letters of any kind of expecting them to agree on a single thing. As protocol. My opinion is also quite. So therefore arbitraging between the edges is also always going to create any be an aunt who invented buys information Plumbing in traffic on them and Arbitrage. Otherwise, they're not going to have any activity. You're not going to get information from the outside walls and so disincentives to all the information across from this, but it must Excel create them in the same way that these custom suit is the same

argument. So what are we saying? Was saying there is no one truth notion of fairness and this creates Meb. I'm also relying on a committee saying, you have some committee that you trust to be honest. In my opinion is rationally. Self-defeating. You can see the previous argument on kind of nation state, economics and rationality. I think the only reason decline has not been attacked now, is because it is actually expected. So, moving that, so kind of socialist option. I think it's very dangerous glasses back to a world of fuss and Building Systems, perhaps that one, be a few

things more in that style. Which I think is self-defeating for the goal, the whole Lasting is any of you is actually a good thing sometimes permission the system so I can use Swap and he is in some ways applied for Boss to come and bring the price to the market price. If there's a bigger centralized exchange on Lake about loans, in collateral, me to get repossessed. Someone needs to pay gas for that. But who pays the gas, especially if the gas bikes is his boss that are incentivised by getting a percentage of your collateral when it's Liquidators. And that is a bribe, an smed. And

without it to make it for the call Eva wouldn't work or what have to rely on a mission. Status of actress. Duty stipulations. Both of which I saw you. At the same thing with order book, liquidity and other contract, like crypto, kitties, and games, and things like that, often Drive users to pay gas to do things like both new cards, create new systems, Des excetera. And this isn't our only defense lawyers information. That's because the Mev is permission. Listen to extract by anyone. If this couldn't be extracted by anyone, then the

systems are not permissionless. If this can be extracted by anyone, when I feel like that, Dave's attention between permission systems and Meb kind of laid there. And that means that there are actually for the balls I want to build using. I mean, I don't want to reduce any because he doesn't even want to allow predatory any video. They won't allow all kinds of them, but they can't build systems in a world where any of these Heroes is not possible for them. And that's not because they're profiting from any vehicle because they don't understand. It's because you understand how they kind

of needed massive additional systems. All right, misconceptions about my fault that I wanted address because we're going to have a longer panel discussion. After me him, not kind of shoe fits to see if you count points at you next. I'm not saying that I need to not be reduced from today. That is not what I'm saying. There are many ways to reduce the freedom that miners have in in doing things like sandwich and used to determine if we and other forms of many a purchase do the Spanish, Protocols are not the only one. There was a good post. I

think it was by Tom Schmidt recently tweeted it. So, feel free to scroll down on Twitter. A little bit, basically, laying out, how you can reduce any be through by the Temple's protocol, negotiation and restructuring. Do not saying anything, should not even the mice. I'm also not saying any of you is a virtue. I'm not saying like you were staying for extracting. Any of it is required to make systems work in irrational, contacts. That nothing said I see it as a necessary evil, right? So we need to deal with this. We need to handle it, we should reduce it, and we shouldn't shy away from it.

But we also shouldn't glorify it and and increase it. I'm also not saying today. System is the is the is the most recent are so like, I'm not saying it started a workout. Today is like amazing and like to keep it the way it is today at all. Actually, you know, we all work very hard. I think an ic3 and Anthony and personally to move this is important status quo. And I am saying or name is apps and TV come from. That's that are designing kind of intentionally this way. As I said the device best Contracting, the previous life and carefully. Anything

in your protocol and be really careful with silver bullets. One part of the bottom like ordering especially, you know, if they're all kind of Fantastical claims made about like reducing energy 20 or something like that. That is something you should think. They're hard about what it is. Actually, this is my name on the everyday on Twitter. I get at least four people who are like I made a new protocol to reduce Mev and it's been happening since 2018 and they all fundamentally do very similar things and yet no one has adopted any of them, but I think it's important to think

about why not. And I don't think that's because none of them will ever be adopted. But certainly they are not acceptable. If you want to read more about this post with the full contents of the slide. This picture is how I summarize. My Mev Journey. When we first discovered MTV kind of around 2018 and last letter to leave you with some conclusions on what we do about this. So if you were that, your job is to limit and Evie strictly. What is required? An intern, if you are you. You have to understand that may be behind the systems or using

if you're building a layer one or later to you have to design or redesign with Meb awareness. And if your mind or you have to maximize extraction efficiency. Last thing I want to talk about, hold on. Hey, how's it going? Hey that nice to meet you in five minutes. I'm giving a talk right now. Almost. Absolutely. Right. So laughing I want to say is actually maximizing the Semi V kind of has a video game style format to it. So basically given the state of the world, instead of user transactions, finding profitable nevez game that people

are playing, today is a love like various different distribution. If you care more about this, I highly recommend this podcast, it's 3 hours, long that goes in-depth about like what do people extracting energy on the network look like today? And you know, how rare the funk. So super, super bass. Highly recommended and that's it. That's all I have to. Thank you so much, happy to take questions from the panel cuz we'll have time for your overtime.

Cackle comments for the website

Buy this talk

Access to the talk “MEV Wat Do”
Available
In cart
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free

Full access

Get access to all videos “IC3 Blockchain Camp 2021”
Available
In cart
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Ticket

Interested in topic “Blockchain”?

You might be interested in videos from this event

April 23 - 24, 2019
Singapore
23
671
bitmain, blockchain, crypto, cryptocurrency, fintech, fundraising, game, government, investment

Similar talks

Mahimna Kelkar
CS PhD Student at Cornell University
Available
In cart
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Available
In cart
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Philip Daian
PhD Student at Cornell Tech
+ 1 speaker
Mahimna Kelkar
CS PhD Student at Cornell University
+ 1 speaker
Available
In cart
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Available
In cart
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Arthur Gervais
Lecturer (Assistant Professor) at Imperial College London
Available
In cart
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Available
In cart
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free

Buy this video

Video
Access to the talk “MEV Wat Do”
Available
In cart
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free
Free

Conference Cast

With ConferenceCast.tv, you get access to our library of the world's best conference talks.

Conference Cast
949 conferences
37757 speakers
14408 hours of content