[iameli]

Love whitehat crypto postmortems like this. They always read like heist movies.

Curious about the use of SparkPool to bypass the mempool and get the transactions minted directly into a block. It looks like anyone can sign up and contribute their hashrate to SparkPool. Is there a risk of malicious miners running workers in their competitors' pools and then frontrunning?

[bodski]

AFAIK only the pool operator can see the full set of transactions for the block being mined. Pool workers only get to see the block header for the new block. This header only contains the hashed root of the transaction tree, and so they are unable to front-run private transactions in this way.

[iameli]

That makes sense, ty