
Liquidswap Adds Frontrunning Protection: Don’t Let Bots Get Your Money!

Frontrunning is a serious problem for DEX users. Aptos users suffer from it less than users of slower blockchains like Ethereum, but it can still be an annoying and costly experience. Frontrunning is the practice of using bots to insert transactions into the queue to profit from price changes, forcing your trades to execute at worse rates. Luckily, with the new Frontrunning Protection, this will be a thing of the past for our users.

TL;DR

  • In traditional finance, frontrunning means using confidential information about future transactions to buy or sell a security before others do. This practice is illegal in most countries.
  • In DeFi, frontrunning generally means inserting one’s own transaction before another queued transaction to make a profit. This is possible because of the blockchain’s transparent transaction queue (the mempool). This is often done with bots. Frontrunning is one of many strategies based on the phenomenon of Miner’s Extractable Value (MEV): blockchain validators and miners seeking to maximize their own income by reordering transactions in blocks. MEV costs other users hundreds of millions of dollars each year.
  • Users can protect themselves from frontrunning bots by paying higher gas fees or setting low slippage tolerance, but these solutions carry additional costs. A better alternative is using a DEX with built-in frontrunning resistance.
  • Liquidswap is the first Aptos DEX to introduce protection from frontrunning bots. You can turn it on and off as you need, and there is no extra fee.

What is Front-Running and Why it Matters

In decentralized finance, frontrunning means using insider information about future transactions to buy or sell an asset before everybody else does for extra profit.

Let’s say you have insider information that an investment fund is going to buy $1 million worth of an asset. You buy some of that asset before the fund, believing that the fund’s large buy will push the price higher. In this scenario, you would be frontrunning the fund (and other traders who buy later).

Frontrunning is considered unethical, because it disadvantages other traders. In traditional security markets, frontrunning is illegal, like all forms of insider trading and market manipulation.

However, since crypto regulations in most countries are unclear, unenforced, or even non-existent, frontrunning in crypto is extremely common. For example, a trader on Binance recently made $100k in an hour buying GNS tokens a few minutes before the exchange announced that it was being listed, then selling them after the price pumped. They likely knew about the listing in advance.

Front-running has also been detected on Coinbase, where up to 25% of token listings are subject to this sort of insider trading.

Frontrunning on DEX Exchanges

Decentralized exchanges are vulnerable to frontrunning because of the transparent nature of the blockchain itself. When a trader signs a DEX swap, it goes into the blockchain mempool – a queue for all the transactions waiting to be confirmed. While the swap is waiting in the queue, anyone can review its data and try to use it to their advantage. In a way, everyone who can read on-chain data has access to insider information.

But how do you front-run someone on a DEX? The answer is by paying a higher gas fee. In many networks users can decide how much to pay for gas, and miners or validators will often first pick up the transactions with the highest fee. So by offering more gas (a bribe of sorts), you can get your transaction to the front of the queue.

The most common DEX frontrunning strategy is the sandwich attack. In it, the attacker “sandwiches” a regular transaction between two of their own swaps: a buy and a sell, or vice versa. If they buy then sell, they acquire the token, hold it through a large purchase which raises the price, then sell for a profit. If they sell then buy, they unload the token, avoid the losses from a large sale, then buy it back for less.

Sandwich attack example

Imagine that you are a front-runner scanning the XXX-USDT mempool. You notice a 20,000 USDT scheduled swap on a not-so-liquid asset XXX, where the swapper (we’ll call him Whale) paid 0.5 USDT in gas fees. Let’s also assume that the estimated exchange rate resulting from this large transaction is 2.2 USDT per XXX, up 10% from the current 2 USDT per XXX.

On AMMs, token prices change with each transaction based on the constant product formula X*Y=k. The constant k is set at the moment when a pool is created based on the initial amounts of X and Y tokens deposited in the pool. Every subsequent swap changes the ratios of X and Y and their relative prices in such a way that k remains the same (more info here).

Let’s go back to our example. You submit your own buy transaction to buy $2,000 worth of XXX at 2 USDT per XXX -- but you offer 1 USDT in fees, far more than anyone else in the queue. At the same time, you submit a sell transaction for all the XXX that you’re about to purchase and offer the same amount in gas fees as the Whale. This way, your transaction will be executed after his purchase.

First, your buy is executed at 2.02 USDT per XXX. Then Whale’s swap is executed, but now the price is higher than Whale expected because your transaction moved the price. Whale probably paid around 2.22 USDT per XXX.

Immediately after, your sell transaction is processed at 2.2 USDT because the transaction pushes the price back down. The final result is that you bought tokens at 2.02 and sold at 2.22: a 10% profit.

Meanwhile, Whale got fewer XXX tokens than he expected, because he paid a higher price after being frontrun by you: 2.22 vs. 2.2 (a slippage of 1%). Moreover, the price is now below his entry.

This is a very exaggerated example, because a DEX user would set their slippage tolerance well below 1%, and would almost never accept a swap that moves the price by 10% in the first place.

DEX Frontrunning in Real Life

Real-life frontrunning is done by trading bots. They are programmed to scan queued transactions in swapping pools. Such a bot can then submit sandwich transactions that will push the slippage to the maximum set by the real user (say, 0.5%) and still make the swap succeed.

Bots also compete with each other and send multiple transactions to increase the chances that one of them will get processed first. The resulting profit per attack will be low, but with many such transactions, bots can earn good money.

In fact, there is a thriving market for frontrunning bots, selling for thousands of dollars.

Sandwich attacks are particularly popular on the Uniswap and PancakeSwap DEXs because of their high trading volumes. Also, the blockchains they run on (Ethereum and BNB Chain) are comparatively slow, giving bots enough time to check the mempool and submit their transactions.

Here is a real example from PancakeSwap: the bot buys 6.279M Corgicoin tokens and sells them immediately after someone else’s 8.829M buy. The whole thing takes place within a single block.

Credit: Corgicoin on Medium

Ethereum changed its gas fee structure in 2022. Instead of a single fee set by the user, now there is a base fee set by the network and a priority fee (like a tip). Since the priority fee is still set by the user, front-runners are still very common on Uniswap.

There are many chains (e.g. Solana, Avalanche etc.) where simple Ethereum-style sandwiching isn’t possible, because a single validator cannot pick and confirm transactions. However, there are many other frontrunning and MEV strategies. Bots can simulate various transactions without confirming them to see how the state of their wallet will change - and execute them if they make a profit.

How to Protect Yourself from Frontrunning

Regular users can protect themselves from frontrunning bots in several ways:

  1. Set the maximum slippage very low, e.g. 0.1%. However, the risk of the swap failing becomes higher.
  2. Pay a higher gas fee – though this increases your costs, of course.
  3. Swap smaller amounts. Bots target large swaps to make the profit worth the gas fee. If you need to swap 3,000 USDT, you can split it into three transactions of 1,000 USDT each. This solution is more relevant on expensive chains like Ethereum than on Aptos, for example.
  4. Trade highly liquid assets. Front-running bots prefer low-liquidity pools with fewer transactions, as they control the transaction flow more easily. Illiquid pools are also more susceptible to large price swings.
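
A worked model of the XXX-USDT example and of protections 1 and 4 above, added here as an illustration and not Liquidswap's code. It assumes a fee-free constant-product pool with constructed reserves of 100,000 XXX and 200,000 USDT (spot price 2 USDT per XXX); `Pool`, `price_impact` and `victim_fill` are hypothetical names.

```python
from dataclasses import dataclass

@dataclass
class Pool:
    """Fee-free constant-product pool (x * y = k). Fees are ignored for clarity."""
    xxx: float   # XXX reserve
    usdt: float  # USDT reserve

    def quote_buy(self, usdt_in: float) -> float:
        """XXX paid out for usdt_in so that the product of reserves is unchanged."""
        k = self.xxx * self.usdt
        return self.xxx - k / (self.usdt + usdt_in)

    def buy(self, usdt_in: float, min_out: float = 0.0) -> float:
        """Execute a buy; revert (raise) if output is below the trader's minimum."""
        out = self.quote_buy(usdt_in)
        if out < min_out:
            raise ValueError("slippage tolerance exceeded, swap reverted")
        self.xxx -= out
        self.usdt += usdt_in
        return out

def price_impact(pool: Pool, usdt_in: float) -> float:
    """How much worse the average fill price is than spot (0.10 means 10%)."""
    spot = pool.usdt / pool.xxx
    return (usdt_in / pool.quote_buy(usdt_in)) / spot - 1

def victim_fill(tolerance: float, front_run_usdt: float, swap_usdt: float = 20_000):
    """Return (quoted, received) XXX; received is None if the swap reverted."""
    pool = Pool(xxx=100_000, usdt=200_000)   # constructed reserves, spot = 2 USDT
    quoted = pool.quote_buy(swap_usdt)       # amount shown to the trader at signing
    min_out = quoted * (1 - tolerance)       # slippage tolerance expressed as a floor
    if front_run_usdt:
        pool.buy(front_run_usdt)             # another buy is ordered ahead of the swap
    try:
        return quoted, pool.buy(swap_usdt, min_out)
    except ValueError:
        return quoted, None

if __name__ == "__main__":
    print(victim_fill(0.02, 0))        # no earlier buy: filled exactly at the quote
    print(victim_fill(0.02, 2_000))    # 2% tolerance: filled, but about 1.9% short
    print(victim_fill(0.005, 2_000))   # 0.5% tolerance: reverted instead of filled
    deep = Pool(xxx=1_000_000, usdt=2_000_000)   # ten times deeper pool, same spot
    print(price_impact(Pool(100_000, 200_000), 20_000), price_impact(deep, 20_000))
```

In this model the tolerance is the ceiling on what an earlier buy can take from the swap, and the same 20,000 USDT order moves the deeper pool's price by 1% instead of 10%.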

Luckily, there is a third, much more efficient way: built-in anti-bot protection. This feature already exists on 1inch (Ethereum) and SecretSwap (Secret Network), among others, but Liquidswap is the first AMM on Aptos to introduce frontrunning protection.

Liquidswap: the First Frontrunning-Resistant DEX on Aptos

How it works

When you turn on Frontrunning Protection on Liquidswap, your swap will not appear in the general Aptos mempool. Instead, it will be sent straight to validators. The transaction will remain invisible to potential sandwich bots, so they won’t be able to intercept it or use it for arbitrage. Only when the transaction is confirmed and added to a block can everyone on the network see it.

Important: Liquidswap frontrunning protection works in the most common cases, but there are still situations where a frontrun attack can succeed. We are working on improvements that will make the protection even more secure, but in any case, you are safer with it than without it.

How to use it

Note that frontrunning protection on Liquidswap currently works only with Pontem Wallet. If you are using a different Aptos wallet (Petra, Martian, Fewcha etc.), you can easily import the account into Pontem Wallet and have access to all your assets. See the FAQ for details.

Frontrun protection is supported in all versions of Pontem Wallet: Chrome, Android, iOS, and Firefox. So you’ll be safe from bots, even when swapping from your phone!

On Liquidswap, pick a currency pair and enter the swap details. Then, click the Frontrunning Protection icon in the top right corner (the one with the red padlock).

Then confirm the swap as usual.

Liquidswap doesn’t charge any additional fee for this feature. The gas fee you’ll pay will be the same as for a regular swap. Yes, it is really that easy!

When to use frontrunning protection

If you want to swap $50 or $100 worth of APT with standard 0.50% slippage, the risk of getting frontrun is low. However, in some situations you may want to increase the slippage tolerance, such as when you need the swap to process no matter what and are willing to tolerate the loss due to slippage.

If you enter a slippage value manually and Liquidswap warns you that the transaction can be frontrun, you should definitely turn on the protection or reduce slippage tolerance. But as the feature is free, you can keep it enabled at all times.

Frontrunning protection is just one of many innovations that we have planned for Liquidswap: check out the Roadmap Update for more exciting features. And don’t forget to follow Pontem on Twitter, Telegram, and Discord to get the latest updates on our Aptos DEX, wallet, NFT collections, and more.

About Pontem

Pontem Network is a product studio building foundational dApps for Aptos. Our products include Pontem Wallet; Liquidswap, the first DEX (AMM) for Aptos; browser code editor Move Playground; the Move IntelliJ IDE plugin for developers; and the Solidity to Move translator ByteBabel -- the first implementation of the Ethereum Virtual Machine for Aptos.
