 Hello, everyone. My name is Torgan. I also work at chain security And today I'm going to be talking about what I call future block MEV In proof of stake. So what the hell is future block MEV supposed to be? To understand that first we have to talk about block production and how it changed With the merge that happened a couple weeks ago So in proof of work every miner tries to mine every single block and What that means is at no point? Can you know who the next block producer is going to be? But in proof of stake, that's a little bit different And there we actually decide ahead of time who the proposer for which block is going to be And in particular for Ethereum We use the Randall value together with the current validator set to do this And that means that you can always know all the block proposers for the current epoch and for the next epoch and Since two epochs in Ethereum take about 12 minutes. That means that if you are a validator on Ethereum You will know up to 12 minutes ahead of time when you will actually be the one that is able to produce a block So now what do you do with this information? This is what I call future block MeV so if You are the block producer for a block you can control the transactions that are included and the ordering of the transactions So if you know that in some block n plus one you are going to be Controlling that block you can do some weird stuff in the block before that in block n which you wouldn't do usually So one example of that would be that if you want to do an oracle manipulation on uniswap The way that you do that is You buy some asset like here. We have some asset that is worth one And then you buy enough of that to let's say move it to six And then the uniswap oracle will always record the price in between two blocks So it will record this price of six at the end and we'll take that into its Average that it reports now usually this would be very expensive to do because everyone would see That this price is incorrect. So there's obviously a really big arbitrage opportunity that somebody could take To like sell this asset at a higher price than what it is actually at And that means that for the attacker this would be really expensive But because now we're assuming that the attacker is actually the block producer for block n plus one they can just put their own transaction at the very beginning of the block n plus one and They can guarantee that they themselves are going to be the one that takes this arbitrage instead of anybody else So essentially they are able to hide the med From the other searchers and here we're assuming that there is some mechanism in which they can Make that first transaction in block n without going through the public mem pool So maybe they put it like through flashbots or something and that means that people will only see the transaction on chain At the point where it's already too late because the next block is going to be produced by the attacker And nobody is going to have any time to react before that happens And so one Example of what you could do is if there was a lending protocol that used such a uniswap oracle You might be able to manipulate it enough to get some To get something into the liquidation level where it can get liquidated, but it wasn't able to before and then That liquidation will be available in block n plus one and again because you control it No other searcher is going to be able to compete with you for it because you can just put your transaction Like in second position for example in that block So then you can trigger a liquidation without having to compete with all the other Searchers out there. So what are the main takeaways? first of all the block proposers improve a stake are Known in advance and that is different than it was in proof of work and second of all this information is valuable So for example, you can use it through Doing manipulations or creating MEV and hiding it like I said here But you could also imagine that you could maybe sell future block space and Guarantee that to people or you could even incentivize people to Create a lot of MEV in a block that you will control like you can imagine if there's some NFT project They might not care exactly in which block they're going to be launching so you could just tell them to launch in the block that you create and then all of the Gas that is going to be spent on minting those NFTs early is going to be in your block instead of somebody else's so I wrote a paper on Oracle manipulation and a blog post on how that changes After the merge. So if you guys are interested in learning more about the Oracle manipulation side of it I highly recommend checking it out