 So my name is Lawrence Bridenbach. I'm from ETH Zurich and IC3 the initiative for cryptocurrencies and contracts and this right here is my body Hi, I'm Tyler. I'm with Cornell University. I'm also with IC3 and Today we're gonna be talking to you about a lip submarine a new smart contract library that you can use to temporarily hide transactions on Ethereum and Hopefully defeat front runners if you saw Phil's talk yesterday So a little bit about the background All right, here we go. Yeah, so this is based on research we did at IC3 with my colleagues Yeah, it's working Phil Dianne Florian Traumer and Ari Jules So if you're curious about the intricacies you can check out that stuff But today I'm not gonna bore you with that We're gonna dive right into sort of the motivation and then Tyler's gonna tell you a little bit about how this works So why would you want to temporarily hide transactions on Ethereum? Well, basically you want to hide transactions whenever you worry about somebody else seeing the transaction and doing something evil With the knowledge that that transaction will be included later So the typical use case would be to prevent front-running, but it's also useful for things like sealed bid auctions and things like that On-chain voting is another case where you might want to hide the fact that you're participating in a vote Share token offerings challenge protocols and maybe soon you're DAP So let me motivate this a little bit with an example in case that you want to know more about how this front-running attack would look like And I'm gonna be specifically talking about an example where we have a DEX contract similar to say Bankor or a Uniswap that is acting as a sort of automated market maker And so what happens here is that we have our user Who wants to buy some tokens say and so she broadcasts a buy transaction to the Ethereum network And now that now that transaction gets propagated on the network Sits in the mem pool for some time and is finally included in a block at which point it sort of reaches our DEX smart contract Now what a malicious user or a front-runner can do is that he can use this window of time this gap between when the transaction is broadcast And when it is included in the block Knowing that the transaction will be included in the future block But quickly sneak in in front of the transaction and sort of profit at our users expense So the way that the front-runner might be able to do this is in the simplest case by simply sandwiching this transaction So the front-runner would place a buy order in front of our users by order this by order would drive up the price Then our users by order would arrive buying at a higher price Then at which it would have bought if it hadn't been for the front-runner and then the front-runner can immediately sell again basically pocketing the spread and Benefiting at our poor users expense here and this attack is far from theoretical So there's actually a blog post out there where somebody can have computed that They could make like I don't know I think Tens of thousands hundreds of thousands maybe even millions of dollars a year just running this against Bancor and with a proliferation of more and more dexess This becomes more and more of a problem So at this point I'm going to hand over to Tyler and he's going to tell you about how we can prevent this with lip submarine Thanks Lawrence So if you notice the key problem that we have here is that there is a period of time in between a the time when a user Wants to broadcast a transaction to the network and when it's actually hardened into a block and like canonically in the chain So in that period of time a attacker can see this and then fuzz with the order So we were thinking about how do we solve this? Well, what's the key insight? Well? We can hide this transaction maybe and prevent users from or attackers from seeing this transaction And then they don't know that the transaction exists so then they can't front-run it So how do we do this? Well, we use a technique called a commit reveal scheme But a normal commit real scheme can't flow hide the flow of money, right? Because the flow of money in Ethereum has to be public. So how do we deal with this? Well, we do some cryptographic magic and we make this submarine address And so then what we do is we send this money to the submarine address in the form of a commit And then it just looks like a simple send of ether to Any address on the network which is actually some like small percentage like something like 2% of all Transactions on the network are actually simple sends so this is actually a lot of transactions that you can hide in and then later we can reveal the existence of this commit and sort of An attacker can see this reveal But by the time that they see this reveal the commit already happened and so they can't insert their own commit ahead of that commit So we can enforce an ordering of transactions for commits And then later the the smart contract can go get the money and unlock the money from the account and and and get the money And so by doing this we sort of prevent the ability to front-run transactions Thanks for that explanation Tyler. Yeah, and so this was just a short sneak peek. Unfortunately It's a little too much stuff to pack into five minutes, but if you're curious I encourage you to check out loop submarine Dordorg We're very proud of the web design at least I am although he thinks it's tacky, but Yeah, look at the details there We have links to the papers to the blog post and all of our code is open source no token required Check it out on github And yeah, don't forget to like and subscribe message us on Twitter Whatever other forms of outreach people usually encourage And finally there will be a talk by our two colleagues that we mentioned before Shianna Skandari and Stefan Gosling at The next session. I think the privacy session For something yeah, go check it out They will talk about how easy it is to actually take your existing contract and upgrade it using lip submarine to proof it against front-running