Abstract
As an integral part of the decentralized finance (DeFi) ecosystem, decentralized exchanges (DEXs) with automated market maker (AMM) protocols have gained massive traction with the recently revived interest in blockchain and distributed ledger technology (DLT) in general. Instead of matching the buy and sell sides, automated market makers (AMMs) employ a peer-to-pool method and determine asset price algorithmically through a so-called conservation function. To facilitate the improvement and development of AMM-based decentralized exchanges (DEXs), we create the first systematization of knowledge in this area. We first establish a general AMM framework describing the economics and formalizing the system’s state-space representation. We then employ our framework to systematically compare the top AMM protocols’ mechanics, illustrating their conservation functions, as well as slippage and divergence loss functions. We further discuss security and privacy concerns, how they are enabled by AMM-based DEXs’ inherent properties, and explore mitigating solutions. Finally, we conduct a comprehensive literature review on related work covering both DeFi and conventional market microstructure.
- [1] 2021. Defi Pulse. Retrieved from https://defipulse.com/.Google Scholar
- [2] 2021. Ethereum Improvement Proposals - EIP-20: Token Standard. Retrieved from https://eips.ethereum.org/EIPS/eip-20.Google Scholar
- [3] 2021. Rug Pull. Retrieved from https://coinmarketcap.com/alexandria/glossary/rug-pull.Google Scholar
- [4] . 2018. Uniswap Whitepaper (v1). Retrieved from https://hackmd.io/C-DvwDSfSxuh-Gd4WKE_ig.Google Scholar
- [5] . 2020. Uniswap v2 Core. Retrieved from https://uniswap.org/whitepaper.pdf.Google Scholar
- [6] . 2021. Uniswap v3 Core. Retrieved from https://uniswap.org/whitepaper-v3.pdf.Google Scholar
- [7] . 2020. Taming callbacks for smart contract modularity. ACM Program. Lang. 4, OOPSLA (
11 2020), 30.DOI: Google ScholarDigital Library - [8] . 2021. A mechanism to detect and prevent Ethereum blockchain smart contract reentrancy attacks. Front. Comput. Sci. 3 (2021), 1. Google ScholarCross Ref
- [9] . 2021. Ampleforth Home Page. Retrieved from https://www.ampleforth.org/.Google Scholar
- [10] . 2020. mStable — Introducing Constant Sum Bonding Curves for Tokenised Assets. Retrieved from https://medium.com/mstable/introducing-constant-sum-bonding-curves-for-tokenised-assets-6e18879cdc5b.Google Scholar
- [11] . 2020. Improved price oracles: Constant function market makers. In Advances in Financial Technologies. ACM, New York, NY, 80–91.
DOI: Google ScholarDigital Library - [12] . 2021. A note on bundle profit maximization. Retrieved from https://angeris.github.io/papers/flashbots-mev.pdf.Google Scholar
- [13] . 2021. A Note on Privacy in Constant Function Market Makers. Retrieved from http://arxiv.org/abs/2103.01193.Google Scholar
- [14] . 2021. Replicating Market Makers. Retrieved from http://arxiv.org/abs/2103.14769.Google Scholar
- [15] . 2018. Mastering Ethereum: Building Smart Contracts and Dapps. O’Reilly Media.Google Scholar
- [16] . 2017. Hijacking Bitcoin: Routing attacks on cryptocurrencies. In IEEE Symposium on Security and Privacy (SP). 375–392.Google Scholar
- [17] . 2021. Arbitrum – Scaling Ethereum. Retrieved from https://arbitrum.io/.Google Scholar
- [18] . 2017. A survey of attacks on Ethereum smart contracts (SoK). In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 10204. Springer Verlag, 164–186.
DOI: Google ScholarDigital Library - [19] . 2021. Liquidity Bootstrapping Pools (LBPs). Retrieved from https://docs.balancer.fi/products/balancer-pools/liquidity-bootstrapping-pools-lbps.Google Scholar
- [20] . 2022. Swap Fees. Retrieved from https://docs.balancer.fi/concepts/fees#swap-fees.Google Scholar
- [21] . 2020. Announcing Bancor V2. Retrieved from https://blog.bancor.network/announcing-bancor-v2-2f56b515e9d8.Google Scholar
- [22] . 2020. Bancor V2.1 Technical Explainer. (2020). Retrieved from https://drive.google.com/file/d/16EY7FUeS4MXnFjSf-KCgdE-Xyj4re27G/view.Google Scholar
- [23] . 2021. FAQs - Bancor Network. Retrieved from https://docs.bancor.network/faqs#how-does-impermanent-loss-insurance-work.Google Scholar
- [24] . 2021. SoK: Lending pools in decentralized finance. In Workshop Proceedings of Financial Cryptography and Data Security. Springer, Berlin, 553–578.
DOI: Google ScholarDigital Library - [25] . 2021. A theory of automated market makers in DeFi. In International Conference on Coordination Languages and Models. 168–187.
DOI: Google ScholarDigital Library - [26] . 2021. SoK: Mitigation of Front-running in Decentralized Finance.
Technical Report . https://eprint.iacr.org/2021/1628.Google Scholar - [27] . 2021. P2DEX: Privacy-preserving decentralized cryptocurrency exchange. In Applied Cryptography and Network Security. Springer International Publishing, Cham, 163–194.
DOI: Google ScholarDigital Library - [28] . 2022. Ferveo: Threshold Decryption for Mempool Privacy in BFT Networks. Cryptology ePrint Archive (2022).Google Scholar
- [29] . 2021. Explained: The DODO DEX Hack. Retrieved from https://halborn.com/explained-the-dodo-dex-hack-march-2021/.Google Scholar
- [30] . 2019. Privacy-preserving solutions for blockchain: Review and challenges. IEEE Access 7 (2019), 164908–164940.Google ScholarCross Ref
- [31] . 2021. Blank Features beyond Basic Privacy (#2): Protecting Your IP in DeFi. Retrieved from https://blankwallet.medium.com/blank-features-beyond-basic-privacy-2-protecting-your-ip-in-defi-11bc76f2d67b.Google Scholar
- [32] . 2020. ZEXE: Enabling decentralized private computation. In IEEE Symposium on Security and Privacy. IEEE, 947–964.
DOI: Google ScholarCross Ref - [33] . 2012. A bayesian market maker. In ACM Conference on Electronic Commerce.
DOI: Google ScholarDigital Library - [34] . 2018. Enter the hydra: Towards principled bug bounties and exploit-resistant smart contracts. In USENIX Security Symposium. 1335–1352. Retrieved from https://www.usenix.org/conference/usenixsecurity18/presentation/breindenbach.Google Scholar
- [35] . 2020. Mooniswap by 1inch.exchange. Retrieved from https://mooniswap.exchange/docs/MooniswapWhitePaper-v1.0.pdf.Google Scholar
- [36] . 2020. Zether: Towards privacy in a smart contract world. In International Conference on Financial Cryptography and Data Security. 423–443.Google ScholarDigital Library
- [37] . 2018. Bulletproofs: Short proofs for confidential transactions and more. In IEEE Symposium on Security and Privacy (SP). 315–334.Google Scholar
- [38] . 2020. Burgerswap: Decentralized Finance Platform. (2020). Retrieved from https://burgerswap.org/whitepaper_burgerswap.pdf.Google Scholar
- [39] . 2021. Why Crypto Rug Pulls Happen in DeFi and How to Avoid It. Retrieved from https://learn.bybit.com/investing/why-crypto-rug-pulls-happen-in-defi/.Google Scholar
- [40] . 2021. Flashot: A Snapshot of Flash Loan Attack on DeFi Ecosystem. (
1 2021). Retrieved from http://arxiv.org/abs/2102.00626.Google Scholar - [41] . 2021. The Adoption of Blockchain-based Decentralized Exchanges: A Market Microstructure Analysis of the Automated Market Maker. (2021).
DOI: Google ScholarCross Ref - [42] . 2021. Compositional security for reentrant applications. In IEEE Symposium on Security and Privacy. IEEE, 1249–1267.
DOI: Google ScholarCross Ref - [43] . 2020. A survey on Ethereum systems security. ACM Comput. Surv. 53, 3 (
6 2020).DOI: Google ScholarDigital Library - [44] . 2020. Phishing scam detection on Ethereum: Towards financial security for blockchain ecosystem. In International Joint Conferences on Artificial Intelligence. 4506–4512.Google ScholarCross Ref
- [45] . 2019. Ekiden: A platform for confidentiality-preserving, trustworthy, and performant smart contracts. In IEEE European Symposium on Security and Privacy (EuroS&P). 185–200.Google Scholar
- [46] . 2021. How Liveness Separates CFMMs and Order Books. Retrieved from https://angeris.github.io/papers/cfmm-ob.pdf.Google Scholar
- [47] . 2020. Thoughts on DeFi Security. A deep dive into the Uniswap and... by ConsenSys. ConsenSys Media. Retrieved from https://media.consensys.net/thoughts-on-defi-security-640dde37bb3b.Google Scholar
- [48] . 2019. ConsenSys/Uniswap-audit-report-2018-12. Retrieved from https://github.com/ConsenSys/Uniswap-audit-report-2018-12#31-liquidity-pool-can-be-stolen-in-some-tokens-eg-erc-777-29.Google Scholar
- [49] . 2022. Token-based insurance solutions on blockchain. Blockchains and the Token Economy: Theory and Practice. Springer International Publishing, Cham, 237–260. Google ScholarCross Ref
- [50] . 2022. SoK: Yield aggregators in DeFi. In IEEE International Conference on Blockchain and Cryptocurrency (ICBC). IEEE, 1–14.
DOI: Google ScholarCross Ref - [51] . 2015. Secure Multiparty Computation. Cambridge University Press.Google ScholarCross Ref
- [52] . 2020. Block Timestamp Manipulation Attack. Retrieved from https://cryptomarketpool.com/block-timestamp-manipulation-attack/.Google Scholar
- [53] . 2020. GIV Balancer Listing and Staking Rewards Updates. Retrieved from https://cryptolocally.medium.com/giv-balancer-listing-and-staking-rewards-updates-81ebb5843e58.Google Scholar
- [54] . 2020. Flash Boys 2.0: Frontrunning in decentralized exchanges, miner extractable value, and consensus instability. In IEEE Symposium on Security and Privacy (SP). IEEE, 910–927.
DOI: Google ScholarCross Ref - [55] . 2020. SushiSwap Will Withdraw Up to $830M from Uniswap Today: Why It Matters for DeFi. Retrieved from https://www.coindesk.com/sushiswap-uniswap-migration-defi-amm-wars.Google Scholar
- [56] . 2021. Resource-aware session types for digital contracts. In IEEE 34th Computer Security Foundations Symposium (CSF). 1–16.Google Scholar
- [57] . 2021. Geyser: Staking Rewards for Uniswap Liquidity Providers. Retrieved from https://medium.com/trips-community/geyser-staking-rewards-for-uniswap-liquidity-providers-115afc6f5c07.Google Scholar
- [58] . 2022. Dexes TVL Rankings. Retrieved from https://defillama.com/protocols/Dexes.Google Scholar
- [59] . 2021. An Analysis of Ethereum Front-running and Its Defense Solutions. Retrieved from https://globalcoinresearch.com/2021/05/04/an-analysis-of-ethereum-front-running-and-its-defense-solutions/.Google Scholar
- [60] Alex Gedevani. 2020. Delphi digital. Layer 2: Rollups.
Technical Report .Google Scholar - [61] . 2021. Uniswap proposal: Managing Systemic Risk in Uniswap’s Community Treasury using KPI Options. Retrieved from https://gov.uniswap.org/t/temperature-check-should-we-be-managing-systemic-risk-in-uniswaps-community-treasury-using-kpi-options/12624.Google Scholar
- [62] . 2021. DODO Pool Incident Postmortem: With a Little Help from Our Friends. Retrieved from https://medium.com/dodoex/dodo-pool-incident-postmortem-with-a-little-help-from-our-friends-327e66872d42.Google Scholar
- [63] . 2021. How to Create a Pool? Retrieved from https://dodoexhelp.zendesk.com/hc/en-us/articles/900005558243-How-to-create-a-pool-.Google Scholar
- [64] . 2020. DODO – A Next-Generation On-chain Liquidity Provider Powered by Pro-active Market Maker Algorithm. Retrieved from https://dodoex.github.io/docs/docs/whitepaper/.Google Scholar
- [65] . 2015. Toward de-anonymizing Bitcoin by mapping users location. In 5th ACM Conference on Data and Application Security and Privacy. 139–141.Google ScholarDigital Library
- [66] . 2021. Trade Now on Layer 2. Retrieved from https://dydx.exchange/blog/public.Google Scholar
- [67] . 2021. No Sandwich, Please!—Popular DeFi Attack Strategy Analysis. Hackernoon (
5 2021). Retrieved from https://hackernoon.com/no-sandwich-please-popular-defi-attack-strategy-analysis-jk1734rf.Google Scholar - [68] . 2019. StableSwap-efficient mechanism for Stablecoin liquidity. Retrieved from https://curve.fi/files/stableswap-paper.pdf.Google Scholar
- [69] . 2022. Zswap: zk-SNARK based non-interactive multi-asset swaps. Proc. Privac. Enhanc. Technol. 4 (2022), 507–527.
DOI: Google ScholarCross Ref - [70] . 2020. SoK: Transparent dishonesty: Front-running attacks on blockchain. In Lecture Notes in Computer Science, Vol. 11599. Springer, 170–189.
DOI: Google ScholarCross Ref - [71] . 2020. Types. Retrieved from https://docs.soliditylang.org/en/latest/types.html.Google Scholar
- [72] . 2021. Layer 2 Rollups. Retrieved from https://ethereum.org/en/developers/docs/scaling/layer-2-rollups/.Google Scholar
- [73] . 2021. Scaling. Retrieved from https://ethereum.org/en/developers/docs/scaling/.Google Scholar
- [74] . 2021. TruAmpl (TMPL) Token Tracker. Retrieved from https://etherscan.io/token/0xfcb755b046ea9b9bc4586db4018b49c5a02e3d1c.Google Scholar
- [75] . 2021. About EulerBeats. Retrieved from https://eulerbeats.com/about.Google Scholar
- [76] . 2020. Liquidity Provider Returns in Geometric Mean Markets. (
6 2020). Retrieved from http://arxiv.org/abs/2006.08806.Google Scholar - [77] . 2020. Reentrancy vulnerability identification in Ethereum smart contracts. In IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE). 22–29.
DOI: Google ScholarCross Ref - [78] . 2020. Application-layer DDoS defense with reinforcement learning. In IEEE/ACM 28th International Symposium on Quality of Service (IWQoS). 1–10.Google Scholar
- [79] . 2022. University blockchain research initiative (UBRI): Boosting blockchain education and research. IEEE Potentials (2022).
DOI: Google ScholarCross Ref - [80] . 2021. Uniswap V3 Introduces New License to Spoil Future SUSHIs. Retrieved from https://www.coindesk.com/tech/2021/03/23/uniswap-v3-introduces-new-license-to-spoil-future-sushis/.Google Scholar
- [81] . 2021. ‘‘Continuous Vampire Attack’’: The AMM Wars Are Getting Interesting with Integral - CoinDesk. Retrieved from https://www.coindesk.com/tech/2021/03/29/continuous-vampire-attack-the-amm-wars-are-getting-interesting-with-integral/.Google Scholar
- [82] . 1976. Market microstructure. J. Finan. Econ. 3, 3 (
6 1976), 257–275.DOI: Google ScholarCross Ref - [83] . 2021. Tracer: Perpetual swaps. Retrieved from https://www.tracer.finance/static/Tracer%20Perpetual%20Swaps-ea826cb7819c7655e078119ee7acf83e.pdf.Google Scholar
- [84] . 2009. Fully homomorphic encryption using ideal lattices. In 41st Annual ACM Symposium on Theory of Computing. 169–178.Google Scholar
- [85] . 2019. ZK Rollup: scaling with Zero-knowledge Proofs. Retrieved from https://pandax-statics.oss-cn-shenzhen.aliyuncs.com/statics/1221233526992813.pdf.Google Scholar
- [86] . 2020. Custom Market Maker—Gnosis Developer Portal Gnosis Protocol. Retrieved from https://docs.gnosis.io/protocol/docs/intro-cmm/.Google Scholar
- [87] . 1994. Definitions and properties of zero-knowledge proof systems. J. Cryptol. 7, 1 (1994), 1–32.Google ScholarDigital Library
- [88] . 2007. On best-possible obfuscation. In Theory of Cryptography Conference. 194–213.Google ScholarCross Ref
- [89] . 2022. Privacy-preserving decentralized exchange marketplaces. In IEEE International Conference on Blockchain and Cryptocurrency (ICBC). IEEE, 1–9.Google ScholarCross Ref
- [90] . 2021. BSC DeFi app “Pancakebunny” Releases Post-mortem of $2.4 Million Exploit. Retrieved from https://cryptoslate.com/bsc-defi-app-pancakebunny-releases-post-mortem-of-2-4-million-exploit/.Google Scholar
- [91] . 2018. An investigation into a denial of service attack on an Ethereum network. In Proceedings of the 16th Australian Information Security Management Conference, 90 pages.Google Scholar
- [92] . 2020. SoK: Layer-two blockchain protocols. In Financial Cryptography and Data Security, Vol. 12059 LNCS. Springer, Cham, 201–226.
DOI: Google ScholarDigital Library - [93] . 2020. The decentralized financial crisis. In Crypto Valley Conference on Blockchain Technology (CVCBT). IEEE, 1–15.
DOI: Google ScholarCross Ref - [94] . 2021. Autonomous Pricing. Retrieved from https://docs.gyro.finance/gyroscope-protocol/stablecoin/autonomous-pricing.Google Scholar
- [95] . 2021. Gyroscope, the New All-weather Stablecoin. Retrieved from https://gyro.finance/.Google Scholar
- [96] . 2020. Scaling blockchains: A comprehensive survey. IEEE Access 8 (2020), 125244–125262.
DOI: Google ScholarCross Ref - [97] . 2021. Weekly DEX Volume. Retrieved from https://dune.xyz/queries/4323/8547https://github.com/flashbots/pm.Google Scholar
- [98] . 2003. Combinatorial information market design. Inf. Syst. Front. 5, 1 (2003), 107–119. Retrieved from http://hanson.gmu.edu.Google ScholarDigital Library
- [99] . 2012. Logarithmic markets scoring rules for modular combinatorial information aggregation. J. Predict. Mark. 1, 1 (
12 2012), 3–15.DOI: Google ScholarCross Ref - [100] . 2020. Harvest Flashloan Economic Attack Post-mortem. Retrieved from https://medium.com/harvest-finance/harvest-flashloan-economic-attack-post-mortem-3cf900d65217.Google Scholar
- [101] . 2022. Eliminating sandwich attacks with the help of game theory. In Asia Conference on Computer and Communications Security. ACM, New York, NY, 153–167.
DOI: Google ScholarDigital Library - [102] . 2018. Bancor Protocol Continuous Liquidity for Cryptographic Tokens through Their Smart Contracts. (2018). Retrieved from https://storage.googleapis.com/website-bancor/2018/04/01ba8253-bancor_protocol_whitepaper_en.pdf.Google Scholar
- [103] . 2021. The security reference architecture for blockchains: Toward a standardized model for studying vulnerabilities, threats, and defenses. IEEE Commun. Surv. Tutor. 23, 1 (
1 2021), 341–390.DOI: Google ScholarCross Ref - [104] . 2019. Will 2020 Be the Year of DEX? Retrieved from https://medium.com/@kidinamoto/will-2020-be-the-year-of-dex-ac7dfb6276e8.Google Scholar
- [105] . 2019. Smart contract security: A software lifecycle perspective. IEEE Access 7 (2019), 150184–150202.Google ScholarCross Ref
- [106] . 2021. Intro. HydraDX Docs. Retrieved from https://docs.hydradx.io/.Google Scholar
- [107] . 2020. What Is a Vampire Attack? SushiSwap Saga Explained. Retrieved from https://finematics.com/vampire-attack-sushiswap-explained/.Google Scholar
- [108] . 2019. SoK: A Taxonomy for Layer-2 Scalability Related Protocols for Cryptocurrencies. Retrieved from https://eprint.iacr.org/2019/352.pdf.Google Scholar
- [109] . 2012. A Comparison of Different Automated Market-maker Strategies. 2009–2012. Retrieved from http://www.cs.allegheny.edu/jjumadinova/market-maker_AMEC.pdf.Google Scholar
- [110] . 2020. First Mover: SushiSwap’s Billion-dollar “Rug Pull” Is Thriller to Crypto Geeks - CoinDesk. Retrieved from https://www.coindesk.com/markets/2020/09/08/first-mover-sushiswaps-billion-dollar-rug-pull-is-thriller-to-crypto-geeks/.Google Scholar
- [111] . 2019. Preventing DEX Front-running with Enigma. Retrieved from https://blog.enigma.co/preventing-dex-front-running-with-enigma-df3f0b5b9e78.Google Scholar
- [112] . 2021. (Almost) Everything You Need to Know about Optimistic Rollup. Retrieved from https://research.paradigm.xyz/rollups.Google Scholar
- [113] . 2016. Hawk: The blockchain model of cryptography and privacy-preserving smart contracts. In IEEE Symposium on Security and Privacy (SP). 839–858.Google Scholar
- [114] . 2021. Dynamic automated market makers for decentralized cryptocurrency exchange. In IEEE International Conference on Blockchain and Cryptocurrency (ICBC). IEEE, 1–2.
DOI: Google ScholarCross Ref - [115] . 2021. Kyber 3.0: Architecture Revamp, Dynamic MM, and KNC Migration Proposal. Retrieved from https://blog.kyber.network/kyber-3-0-architecture-revamp-dynamic-mm-and-knc-migration-proposal-acae41046513.Google Scholar
- [116] . 2020. A survey on the security of blockchain systems. Fut. Gen. Comput. Syst. 107 (2020), 841–853.Google ScholarDigital Library
- [117] . 2017. A survey of blockchain security issues and challenges.Int. J. Netw. Secur. 19, 5 (2017), 653–659.Google Scholar
- [118] . 2018. ReGuard: Finding reentrancy bugs in smart contracts. In IEEE/ACM 40th International Conference on Software Engineering: Companion (ICSE-Companion). IEEE, 65–68. Google ScholarDigital Library
- [119] . 2020. Random Ordering of Equally-priced Transactions Incentivises Competitive Spam. Retrieved from https://github.com/ethereum/go-ethereum/issues/21350.Google Scholar
- [120] . 2020. Uniswap and the rise of the decentralized exchange. Retrieved from https://mpra.ub.uni-muenchen.de/103925/1/MPRA_paper_103925.pdf.Google Scholar
- [121] . 2019. NeuCheck: A more practical Ethereum smart contract security analysis tool. Softw.: Pract. Exper. 51, 10 (2019).Google Scholar
- [122] . 2016. Making smart contracts smarter. In ACM SIGSAC Conference on Computer and Communications Security. ACM, New York, NY, 254–269.
DOI: Google ScholarDigital Library - [123] . 2021. $50M Drained from Uranium Finance: Hack or Rug Pull? (2021). Retrieved from https://cryptopotato.com/50m-drained-from-uranium-finance-hack-or-rug-pull/.Google Scholar
- [124] . 2020. Achieving reliable timestamp in the bitcoin platform. Peer-to-peer Netw. Applic. 13, 6 (2020), 2251–2259.Google ScholarCross Ref
- [125] . 2020. Trading and arbitrage in cryptocurrency markets. J. Finan. Econ. 135, 2 (2020), 293–319.Google ScholarCross Ref
- [126] . 2017. Decentralized exchange. Amer. Econ. Rev. 107, 11 (
11 2017), 3320–3362.DOI: Google ScholarCross Ref - [127] . 2021. DeFi ‘‘Rug Pull’’ Scams Pulled in $2.8B This Year: Chainalysis. (
12 2021). Retrieved from https://www.coindesk.com/markets/2021/12/17/defi-rug-pull-scams-pulled-in-28b-this-year-chainalysis/.Google Scholar - [128] . 2021. Introducing Balancer V2: Generalized AMMs. Retrieved from https://medium.com/balancer-protocol/balancer-v2-generalizing-amms-16343c4563ff.Google Scholar
- [129] . 2019. Balancer: A Non-custodial Portfolio Manager, Liquidity Provider, and Price Sensor. (2019). Retrieved from https://balancer.finance/whitepaper/.Google Scholar
- [130] . 2021. Distributed financial exchanges: Security challenges and design principles. IEEE Secur. Priv. 19, 1 (
1 2021), 54–64.DOI: Google ScholarDigital Library - [131] . 2022. Do Not Rug on Me: Zero-dimensional Scam Detection. arXiv preprint arXiv:2201.07220 (2022).Google Scholar
- [132] . 2018. Security vulnerabilities in Ethereum smart contracts. In Proceedings of the 20th International Conference on Information Integration and Web-Based Applications & Services (iiWAS’18). Association for Computing Machinery, New York, NY, 375–380. Google ScholarDigital Library
- [133] . 2013. Zerocoin: Anonymous distributed e-cash from Bitcoin. In IEEE Symposium on Security and Privacy. 397–411.Google Scholar
- [134] . 2021. $280 million stolen per month from crypto transactions. Cybernews (2021). Retrieved from https://cybernews.com/crypto/flash-boys-2-0-front-runners-draining-280-million-per-month-from-crypto-transactions/.Google Scholar
- [135] . 2020. BDoS: Blockchain denial-of-service. In ACM SIGSAC Conference on Computer and Communications Security. ACM, New York, NY, 601–619.
DOI: Google ScholarDigital Library - [136] . 2021. Why Locking Liquidity Is Important for Cryptocurrency. Retrieved from https://hackernoon.com/why-locking-liquidity-is-important-for-cryptocurrency-qv4d37hd.Google Scholar
- [137] . 2016. Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction. Princeton University Press.Google ScholarDigital Library
- [138] . 2021. How Ethereum Layer 2’s Are Leveling Up DeFi. Retrieved from https://www.nasdaq.com/articles/how-ethereum-layer-2s-are-leveling-up-defi-2021-06-08.Google Scholar
- [139] . 2015. Efficiency in decentralized oligopolistic markets. J. Econ. Theor. 157 (
5 2015), 315–348.DOI: Google ScholarCross Ref - [140] . 2020. YieldSpace: An Automated Liquidity Provider for Fixed Yield Tokens. (2020). Retrieved from https://yield.is/Yield.pdf.Google Scholar
- [141] . 2015. Ring Signature confidential transactions for Monero.IACR Cryptol. ePrint Arch. 2015, 1098.Google Scholar
- [142] . 2020. Notional AMM. Retrieved from https://docs.notional.finance/traders/technical-topics/notional-amm.Google Scholar
- [143] . 2021. Notional Finance. Retrieved from https://notional.finance/.Google Scholar
- [144] . 2021. PancakeSwap: A Perpetual Vampire? - Delphi Digital. Retrieved from https://members.delphidigital.io/reports/pancakeswap-a-perpetual-vampire/.Google Scholar
- [145] . 2021. Flash Crash for Cash: Cyber Threats in Decentralized Finance. (
6 2021). Retrieved from https://arxiv.org/abs/2106.10740v1.Google Scholar - [146] . 2021. Optimism home page. Retrieved from https://optimism.io/.Google Scholar
- [147] . 2013. A practical liquidity-sensitive automated market maker. ACM Trans. Econ. Computat. 1, 3 (
9 2013), 1–25.DOI: Google ScholarDigital Library - [148] . 2011. Liquidity-sensitive automated market makers via homogeneous risk measures. In Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 7090. Springer, Berlin, 314–325.
DOI: Google ScholarDigital Library - [149] . 2020. Uniswap/Lendf.Me Hacks: Root Cause and Loss Analysis. Retrieved from https://peckshield.medium.com/uniswap-lendf-me-hacks-root-cause-and-loss-analysis-50f3263dcc09.Google Scholar
- [150] . 2020. Value DeFi Incident: Root Cause Analysis. Retrieved from https://peckshield.medium.com/value-defi-incident-root-cause-analysis-fbab71faf373.Google Scholar
- [151] . 2021. Liquidations: DeFi on a knife-edge. In Financial Cryptography and Data Security. Retrieved from http://arxiv.org/abs/2009.13235.Google ScholarDigital Library
- [152] . 2020. Revisiting transactional statistics of high-scalability blockchains. In ACM Internet Measurement Conference. ACM, New York, NY, 535–550.
DOI: Google ScholarDigital Library - [153] . 2021. vAMM. Retrieved from https://docs.perp.fi/getting-started/how-it-works/vamm.Google Scholar
- [154] . 1996. Interdealer trade and information flows in a decentralized foreign exchange market. In The Microstructure of Foreign Exchange Markets. University of Chicago Press, 73–106. Google Scholar
- [155] . 2015. Augur: a decentralized, open-source platform for prediction markets. Retrieved from https://cryptochainuni.com/wp-content/uploads/Augur-A-Decentralized-Open-Source-Platform-for-Prediction-Markets.pdf.Google Scholar
- [156] . 2020. Tracing cryptocurrency scams: Clustering replicated advance-fee and phishing websites. In IEEE International Conference on Blockchain and Cryptocurrency (ICBC). 1–8.Google ScholarCross Ref
- [157] . 2020. Cheese Bank’s Multi-million-dollar Hack Explained by Security Firm. Retrieved from https://cointelegraph.com/news/cheese-bank-s-multi-million-dollar-hack-explained-by-security-firm.Google Scholar
- [158] . 2021. The Easiest Way to Hedge Crypto. Retrieved from https://www.pods.finance/.Google Scholar
- [159] . 2021. Ethereum’s Internet of Blockchains. Retrieved from https://polygon.technology/.Google Scholar
- [160] . 2016. A Hacking of More Than $50 Million Dashes Hopes in the World of Virtual Currency. Retrieved from https://www.nytimes.com/2016/06/18/business/dealbook/hacker-may-have-removed-more-than-50-million-from-experimental-cybercurrency-project.html.Google Scholar
- [161] . 2019. Security analysis methods on Ethereum smart contract vulnerabilities: A survey. arXiv preprint arXiv:1908.08605 (2019).Google Scholar
- [162] . 2021. An empirical study of DeFi liquidations. In 21st ACM Internet Measurement Conference. ACM, New York, NY, 336–350.
DOI: Google ScholarDigital Library - [163] . 2022. Quantifying blockchain extractable value: How dark is the forest? In IEEE Symposium on Security and Privacy.Google Scholar
- [164] . 2021. Attacking the DeFi ecosystem with flash loans for fun and profit. Financial Cryptography and Data Security. Borisov Nikita and Diaz Claudia (Eds). Springer, Berlin, Heidelberg, 3–32.Google Scholar
- [165] . 2020. QuickSwap FAQ. Retrieved from https://quickswap-layer2.medium.com/welcome-to-quickswap-exchange-93d47e057633.Google Scholar
- [166] . 2021. Aggregation in blockchain ecosystem. In International Conference on Software Defined Systems (SDS). IEEE, 1–6.
DOI: Google ScholarCross Ref - [167] . 2021. Blockchain-based decentralized replay attack detection for large-scale power systems. IEEE Trans. Syst. Man Cyber. Syst. 52, 8 (2021).Google Scholar
- [168] . 2019. A survey on DNS security issues and mitigation techniques. In International Conference on Intelligent Computing and Control Systems (ICCS). IEEE, 781–784. Google ScholarCross Ref
- [169] . 2022. Rango Docs. Retrieved from https://docs.rango.exchange/.Google Scholar
- [170] . 2020. Report: Blockchain Price Oracle Manipulation Produces Millions in Losses, Shows No Signs of Slowing – Altcoins Bitcoin News. Retrieved from https://news.bitcoin.com/report-blockchain-price-oracle-manipulation-produces-millions-in-losses-shows-no-signs-of-slowing/.Google Scholar
- [171] . 2021. The 51% Attack. Retrieved from https://privacycanada.net/cryptocurrency/51-attack/.Google Scholar
- [172] . 2020. Carbon trading with blockchain. In Mathematical Research for Blockchain Economy. Springer, 105–124.
DOI: Google ScholarCross Ref - [173] . 2020. The Yield Protocol: On-chain Lending with Interest Rate Discovery.
Technical Report . Yield Protocol.Google Scholar - [174] . 2019. Sereum: Protecting existing smart contracts against re-entrancy attacks. In Network and Distributed System Security Symposium. Internet Society.
DOI: Google ScholarCross Ref - [175] . 2019. Exploring the attack surface of blockchain: A systematic overview. arXiv preprint arXiv:1904.03487 (2019).Google Scholar
- [176] . 2021. Saber. Solana AMM and DEX. Retrieved from https://saber.so/.Google Scholar
- [177] . 2022. SoK: Decentralized finance (DeFi). arXiv. https://arxiv.org/abs/2101.08778.Google Scholar
- [178] . 2014. Zerocash: Decentralized anonymous payments from Bitcoin. In IEEE Symposium on Security and Privacy. 459–474.Google Scholar
- [179] . 2020. Smart contract: Attacks and protections. IEEE Access 8 (2020), 24416–24427.Google ScholarCross Ref
- [180] . 2021. Decentralized finance: On blockchain-and smart contract-based financial markets. Fed. Res. Bank St. Lou. Rev. 103, 2 (2021), 153–174.
DOI: Google ScholarCross Ref - [181] . 2020. Impermanent Losses in Uniswap-Like Markets. Retrieved from https://dsenchenko.medium.com/impermanent-losses-in-uniswap-like-markets-4315359ea9b1.Google Scholar
- [182] . 2021. Layer 2 Blockchain Scaling: A Survey. arXiv preprint arXiv:2107.10881 (2021).Google Scholar
- [183] . 2018. Blockchain State Machine Representation. (2018).
DOI: Google ScholarCross Ref - [184] . 2021. SIREN Markets Summary. (2021). Retrieved from https://siren.xyz/whitepaper.Google Scholar
- [185] . 2013. Prediction market performance and market liquidity: A comparison of automated market makers. IEEE Trans. Eng. Manag. 60, 1 (
2 2013), 169–185.DOI: Google ScholarCross Ref - [186] . 2021. TWAP Oracles vs. Chainlink Price Feeds: A Comparative Analysis. Retrieved from https://smartcontentpublication.medium.com/twap-oracles-vs-chainlink-price-feeds-a-comparative-analysis-8155a3483cbd.Google Scholar
- [187] 2021. StarkNet. Retrieved from https://starkware.co/product/starknet/.Google Scholar
- [188] . 2021. Trustless, Privacy-preserving Blockchain Bridges. (2021). Retrieved from http://arxiv.org/abs/2102.04660.Google Scholar
- [189] . 2021. Mutation testing for integer overflow in Ethereum smart contracts. Tsinghua Sci. Technol. 27, 1 (2021), 27–40.Google ScholarCross Ref
- [190] . 2020. The SushiSwap Project. Retrieved from https://sushiswapchef.medium.com/the-sushiswap-project-dd6eb80c6ba2.Google Scholar
- [191] . 2018. (Short paper) towards more reliable Bitcoin timestamps. Crypto Valley Conference on Blockchain Technology (CVCBT’18), 101–104.
DOI: Google ScholarCross Ref - [192] . 2021. Privacy First DeFi Sienna Network Raises $11.2 million, Takes Front-running Head on. Retrieved from https://tech.eu/brief/privacy-first-defi-sienna-network-raises-11-2-million-takes-front-running-head-on/.Google Scholar
- [193] . 2021. What Is a “Rug Pull” in Crypto? DeFi Exploits Explained. Retrieved from https://www.europeanbusinessreview.com/what-is-a-rug-pull-in-crypto-defi-exploits-explained/.Google Scholar
- [194] . 2021. Frontrunner Jones and the raiders of the dark forest: An empirical study of frontrunning on the Ethereum blockchain. In 30th USENIX Security Symposium (USENIX Security’21). 1343–1359.Google Scholar
- [195] . 2018. Securify: Practical security analysis of smart contracts. In ACM Conference on Computer and Communications Security (
10 2018), 67–82.DOI: Google ScholarDigital Library - [196] . 2020. Flash Swaps. Retrieved from https://uniswap.org/docs/v2/core-concepts/flash-swaps/.Google Scholar
- [197] . 2022. Liquidity provider fees. Retrieved from https://docs.uniswap.org/protocol/V2/concepts/advanced-topics/fees#liquidity-provider-fees.Google Scholar
- [198] . 2021. Temperature Check - [Fee Switch V2 should be turned on]. Retrieved from https://gov.uniswap.org/t/temperature-check-fee-switch-v2-should-be-turned-on/13537.Google Scholar
- [199] . 2021. How It Works - OUSD.
Technical Report . Origin Protocol. Retrieved from https://docs.ousd.com/how-it-works.Google Scholar - [200] . 2021. Regulatory considerations on centralized aspects of defi managed by DAOs. In FC International Workshops. Vol. 12676 LNCS. Springer, 21–36.
DOI: Google ScholarDigital Library - [201] . 2022. State of research: increasing censorship resistance of transactions under proposer/builder separation (PBS). Retrieved from https://notes.ethereum.org/@vbuterin/pbs_censorship_resistance.Google Scholar
- [202] . 2021. Detecting and Quantifying Wash Trading on Decentralized Cryptocurrency Exchanges.
DOI: Google ScholarDigital Library - [203] . 2017. SkyShield: A sketch-based defense system against application layer DDoS attacks. IEEE Trans. Inf. Forens. Secur. 13, 3 (2017), 559–573.Google ScholarCross Ref
- [204] . 2020. Towards Understanding Flash Loan and Its Applications in DeFi Ecosystem. Retrieved from http://arxiv.org/abs/2010.12252.Google Scholar
- [205] . 2021. ProMutator: Detecting vulnerable price oracles in DeFi by mutated transactions. In IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE, 380–385.Google Scholar
- [206] . 2020. Automated Market Makers for Decentralized Finance (DeFi). Retrieved from http://arxiv.org/abs/2009.01676.Google Scholar
- [207] . 2017. 0x: An open protocol for decentralized exchange on the Ethereum blockchain. Retrieved from https://github.com/0xProject/whitepaper/blob/master/0x_white_paper.pdf.Google Scholar
- [208] . 2020. Hegic: On-chain Options Trading Protocol on Ethereum Powered by Hedge Contracts and Liquidity Pools.
Technical Report . Hegic. Retrieved from https://github.com/hegic/whitepaper/blob/master/HegicProtocolWhitepaper.pdf.Google Scholar - [209] . 2021. SushiSwap Drained UniSwap of $1 Billion in Liquidity and No One Knows Who Was Behind It to This Day. The Business of Business. Retrieved from https://www.businessofbusiness.com/articles/satoshi-30-billion-bitcoin-sushiswap-uniswap-defi-summer-crypto-anonymity-sybil-attacks/.Google Scholar
- [210] . 2020. Who are the phishers? Phishing scam detection on Ethereum via network embedding. IEEE Trans. Syst. Man Cyber. Syst. 52, 2 (2020).Google Scholar
- [211] . 2021. Trade or trick? Detecting and characterizing scam tokens on Uniswap decentralized exchange. Proc. ACM Measur. Anal. Comput. Syst. 5, 3 (
12 2021), 1–26.DOI: Google ScholarDigital Library - [212] . 2008. Monitoring the application-layer DDoS attacks for popular websites. IEEE/ACM Trans. Netw. 17, 1 (2008), 15–25.Google ScholarDigital Library
- [213] . 2022. Reap the harvest on blockchain: A survey of yield farming protocols. IEEE Transactions on Network and Service Management (2022).
DOI: Google ScholarCross Ref - [214] . 2022. From banks to DeFi: The evolution of the lending market. In Enabling the Internet of Value. Springer, 53–66.
DOI: Google ScholarCross Ref - [215] . 2022. A short survey on business models of decentralized finance (DeFi) protocols. In Workshop Proceedings of Financial Cryptography and Data Security.
DOI: Google ScholarCross Ref - [216] . 2022. DeFi vs TradFi: Valuation Using Multiples and Discounted Cash Flow.
DOI: Google ScholarCross Ref - [217] . 2022. Blockchain stretching & squeezing: Manipulating time for your best interest. In Proceedings of the 23rd ACM Conference on Economics and Computation. 65–88.Google ScholarDigital Library
- [218] . 2021. Ethereum Average Gas Price. Retrieved from https://ycharts.com/indicators/ethereum_average_gas_price.Google Scholar
- [219] . 2021. Mitigating Sandwich Attacks in Kyber DMM. (2021). Retrieved from https://repository.tudelft.nl/islandora/object/uuid%3A58ac3b00-10fb-44cd-b1eb-1e1139c39fd7.Google Scholar
- [220] . 2020. Economic games as estimators. In Mathematical Research for Blockchain Economy. Springer, Cham, 125–142.
DOI: Google ScholarCross Ref - [221] . 2020. From curved bonding to configuration spaces. In IEEE International Conference on Blockchain and Cryptocurrency (ICBC). IEEE, 1–3.
DOI: Google ScholarCross Ref - [222] . 2018. A State-space Modeling Framework for Engineering Blockchain-enabled Economic Systems. Retrieved from http://arxiv.org/abs/1807.00955.Google Scholar
- [223] . 2019. Security and privacy on blockchain. ACM Comput. Surv. 52, 3 (2019), 1–34.Google ScholarDigital Library
- [224] . 2020. SMARTSHEILD: Automatic smart contract protection made easy. In IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER). 23–34.Google Scholar
- [225] . 2020. On modeling blockchain-enabled economic networks as stochastic dynamical systems. Appl. Netw. Sci. 5, 1 (
12 2020), 19.DOI: Google ScholarCross Ref - [226] . 2021. On the just-in-time discovery of profit-generating transactions in DeFi protocols. In IEEE Symposium on Security and Privacy (SP). IEEE, 919–936.Google Scholar
- [227] . 2021. A2MM: Mitigating Frontrunning, Transaction Reordering and Consensus Instability in Decentralized Exchanges. Retrieved from http://arxiv.org/abs/2106.07371.Google Scholar
- [228] . 2021. High-frequency trading on decentralized on-chain exchanges. In IEEE Symposium on Security and Privacy. 428–445.
DOI: Google ScholarCross Ref - [229] . 2021. ZKSwap home page. Retrieved from https://zks.org/en.Google Scholar
- [230] . 2021. Analyzing and preventing sandwich attacks in Ethereum. (2021). Retrieved from www.DeFi-Sandwi.ch.Google Scholar
Index Terms
- SoK: Decentralized Exchanges (DEX) with Automated Market Maker (AMM) Protocols
Recommendations
SoK: Decentralized Finance (DeFi)
AFT '22: Proceedings of the 4th ACM Conference on Advances in Financial TechnologiesDecentralized Finance (DeFi), a blockchain powered peer-to-peer financial system, is mushrooming. Two years ago the total value locked in DeFi systems was approximately 700m USD, now, as of April 2022, it stands at around 150bn USD. The frenetic ...
Cyclic Arbitrage in Decentralized Exchanges
WWW '22: Companion Proceedings of the Web Conference 2022Decentralized Exchanges (DEXes) enable users to create markets for exchanging any pair of cryptocurrencies. The direct exchange rate of two tokens may not match the cross-exchange rate in the market, and such price discrepancies open up arbitrage ...
Concentrated Liquidity in Automated Market Makers
DeFi '21: Proceedings of the 2021 ACM CCS Workshop on Decentralized Finance and SecurityWe examine how the introduction of concentrated liquidity has changed the liquidity provision market in automated market makers such as Uniswap. To this end, we compare average liquidity provider returns from trading fees before and after its ...
Comments