|
|
|
|
|
|
by schoen
2089 days ago
|
|
|
My understanding of the front-running issue in these two cases is that a human being found vulnerabilities in particular smart contracts, which would allow anyone to claim the value protected by a particular contract. The human beings wanted to use these vulnerabilities to transfer the value somewhere, such as to an escrow account or to the original owners of that value. However, since the vulnerabilities allow anyone to do this, the front-runners could take this value for themselves by noticing the humans' attempt to execute the transactions, and then more quickly executing the exact same transaction with a different destination. You can't take advantage of a "normal" cryptocurrency transaction this way because the "normal" transaction is like a super-minimal smart contract that's designed to pay only one hard-coded recipient. Therefore, that transaction either happens or doesn't happen, but its recipient can't be altered. Nor can you take advantage of a non-vulnerable smart contract this way, because the non-vulnerable smart contract can't be triggered to perform an action that its creators would consider inappropriate. But for a vulnerable smart contract, there's a series of events that would cause it to send value to an arbitrary address (and not in exchange for some other adequate compensatory value). It's this case where the front-runners want to find a way to swap in their own addresses for these transactions, and that's also why obfuscation could deter that -- making it hard for the front-runners to notice that that was possible. |
|
|