The
U.S.
Department
of
Justice
charged
two
brothers
with
orchestrating
an
attack
on
Ethereum
trading
bots,
charging
them
with
conspiracy
to
commit
wire
fraud,
wire
fraud
and
conspiracy
to
commit
money
laundering.
In
essence,
the
brothers
found
a
way
to
target
bots
that
were
frontrunning
transactions
in
a
process
called
maximal
extractable
value,
or
MEV,
which
refers
to
the
amount
of
money
that
can
be
bled
out
of
the
block
production
process
by
ordering
transactions.
Note:
The
views
expressed
in
this
column
are
those
of
the
author
and
do
not
necessarily
reflect
those
of
CoinDesk,
Inc.
or
its
owners
and
affiliates.
This
is
an
excerpt
from
The
Node
newsletter,
a
daily
roundup
of
the
most
pivotal
crypto
news
on
CoinDesk
and
beyond.
You
can
subscribe
to
get
the
full
newsletter
here.
MEV,
which
itself
is
controversial,
can
be
a
highly
lucrative
game
dominated
by
automated
bots
that
often
comes
at
blockchain
users’
expense,
which
is
partially
why
so
many
in
the
crypto
community
have
rushed
to
denounce
the
DOJ’s
complaint.
However,
this
is
hardly
a
Robinhood
situation,
where
two
brothers,
Anton
and
James
Peraire-Bueno,
of
Bedford,
Massachusetts,
were
stealing
from
the
rich
to
give
to
the
poor.
As
indicated
by
the
DOJ’s
filing,
the
brothers
brought
in
approximately
$25
million
in
at
least
eight
separate
transactions
in
what,
according
to
the
DOJ,
was
a
highly
orchestrated
and
premeditated
plot.
They
set
up
shell
companies
and
searched
for
ways
to
safely
launder
funds
to
avoid
detection.
The
highly
technical
complaint
spells
out
the
process
by
which
the
exploit
occurred,
which
the
DOJ
calls
“the
very
first
of
its
kind.”
“They
used
a
flaw
in
MEV
boost
to
push
invalid
signatures
to
preview
bundles.
That
gives
an
unfair
advantage
via
an
exploit,”
former
employee
of
the
Ethereum
Foundation
and
Flashbots
Hudson
Jameson
told
CoinDesk
in
an
interview.
Jameson
added
that
the
Peraire-Bueno
brothers
were
also
running
their
own
validator
while
extracting
MEV,
which
violates
something
of
a
gentleman’s
agreement
in
MEV
circles.
“No
one
else
in
the
MEV
ecosystem
was
doing
both
of
those
things
at
once
that
we
know
of,”
he
added.
“They
did
more
than
just
play
by
both
the
codified
and
pinky
promise
rules
of
MEV
extraction.”
“It’s
not
some
kind
of
robin
hood
story
as
they
didn’t
return
the
money
to
people
MEVers
extracted
it
from,”
pseudonymous
researcher
Banteg
said.
At
a
more
technical
level,
the
brothers
were
able
to
exploit
an
open-source
built
by
MEV
firm
Flashbots
called
mev-boost
that
gave
them
an
unequal
view
into
how
MEV
bots
were
ordering
transactions.
(Mev-boost
is
an
open-source
protocol
that
allows
different
actors
to
compete
to
“build”
the
most
valuable
blocks
by
ordering
transactions.)
“Having
access
to
the
block
body
allowed
the
malicious
proposer
to
extract
transactions
from
the
stolen
block
and
use
them
in
their
own
block
where
it
could
exploit
those
transactions.
In
particular,
the
malicious
proposer
constructed
their
own
block
that
broke
the
sandwich
bots’
sandwiches
up
and
effectively
stole
their
money,”
according
to
a
Flashbots’
post-mortem
in
2023.
In
particular,
and
central
to
the
DOJ’s
case,
is
that
the
brothers
found
a
way
to
sign
false
transactions
in
order
to
run
the
scheme.
“This
False
Signature
was
designed
to,
and
did,
trick
the
Relay
to
prematurely
release
the
content
of
the
proposed
block
to
the
defendants,
including
private
transaction
information,”
the
document
reads.
“The
invalid
header
part
is
going
to
be
the
needle
that
this
all
balances
on
I
think,”
a
crypto
researcher,
who
asked
to
remain
anonymous,
said.
“I
feel
the
indictment
indicates
that
and
therefore
it
may
actually
be
a
good
thing
that
SDNY
is
verryyyy
tech
savvy
in
this
and
clearly
layed
out
where
they
fucked
up
and
alluded
to
the
inevitability
of
MEV
in
blockchains,”
Jameson
said.
Others
have
also
noted
the
technical
sophistication
of
the
DOJ’s
argument,
which
seems
to
be
less
of
an
indictment
of
MEV
or
Ethereum
itself
than
of
an
attempt
to
profit
by
unfairly
gaining
information.
“If
you
hope
Ethereum
will
always
be
a
‘dark
forest’
where
on-chain
predators
compete
with
each
other
for
arbitrage
opportunities,
then
you
probably
dislike
this
prosecution,”
Consensys
General
Counsel
Bill
Hughes
told
CoinDesk
in
an
interview.
“Thankfully,
I
think
there
are
only
a
few
who
are
actually
like
that.
If
you
prefer
predatory
behavior
like
this
be
curtailed,
which
is
the
vast
majority,
then
you
are
likely
to
feel
the
opposite.”
See
also:
Ethereum
Has
Gatekeepers
(for
Good
Reason)
|
Opinion
“All
of
the
defendants’
preparation
for
the
attack
and
their
completely
ham-fisted
attempts
to
cover
their
tracks
afterwards,
including
extensive
incriminating
google
searches,
just
helps
the
government
prove
they
intended
to
steal.
All
that
evidence
will
look
very
bad
to
a
jury.
I
suspect
they
plead
guilty
at
some
point,”
he
added.
Still,
others
remain
convinced
that
exploiting
MEV
bots
designed
to
reorder
transactions
is
fair
game.
“It’s
a
little
hard
to
sympathize
with
MEV
bots
and
block
builders
getting
f*cked
over
by
block
proposers,
in
the
exact
same
way
they
are
f*cking
over
end
users,”
the
anonymous
researcher
said.
Jameson,
for
his
part,
said
the
MEV
is
something
the
Ethereum
community
should
work
to
minimize
on
Ethereum,
but
that
it’s
a
difficult
problem
to
solve.
For
now,
the
process
is
“inevitable.”
“Until
it
can
be
eliminated,
let’s
study
it.
Let’s
illuminate
it.
Let’s
minimize
it.
And
since
it
does
exist,
let’s
make
it
as
open
as
possible
for
anyone
to
participate
with
the
same
rules,”
he
said.
If
there
is
any
silver
lining,
the
Flashbots
team
were
able
to
patch
the
error
that
enabled
the
attack
fairly
quickly,
Cornell
Tech
professor
Ari
Juels
said.
“There
are
no
lasting
implications,”
he
added.
“There
is
of
course
an
irony
in
what
took
place:
A
thief
stealing
money
from
sandwich
bots,
which
themselves
exploit
users
in
the
view
of
many
in
the
community.”
