“These brothers allegedly committed a first-of-its-kind manipulation of the Ethereum blockchain by fraudulently gaining access to pending transactions, altering the movement of the electronic currency, and ultimately stealing $25 million in cryptocurrency from their victims,” said Special Agent in Charge Thomas Fattorusso of the IRS Criminal Investigation (IRS-CI) New York Field Office.
Good to know the prosecutors have an understanding of what they’re prosecuting… Not even a single mention of MEV in the DoJ press release.
Because it’s not the public mempool. It’s a private MEV mempool that people pay to add their transactions to for special priority or conditional inclusion. For instance, asshole profiteers can use it to sandwich attack traders to siphon off “market inefficiencies” or some people just want immediate front of the line inclusion in the next block.
Presumably they exploited something in this MEV system (completely unrelated to the Ethereum protocol) that allowed them to see the pool and they shouldn’t have. Wish I knew more but everything I read was incredibly vague and misleading.
gaining access to pending transactions, altering the movement of the electronic currency, and ultimately stealing $25 million in cryptocurrency from their victim
I skipped “fraudulent” because neither MEV bots nor this attack can be called fraudulent imo, although MEV is definitely taking value one didn’t help create.
Frustratingly vague for a Slashdot write-up.
Good to know the prosecutors have an understanding of what they’re prosecuting… Not even a single mention of MEV in the DoJ press release.
That makes no sense to me. The mempool is public, everyone can see pending transactions.
Because it’s not the public mempool. It’s a private MEV mempool that people pay to add their transactions to for special priority or conditional inclusion. For instance, asshole profiteers can use it to sandwich attack traders to siphon off “market inefficiencies” or some people just want immediate front of the line inclusion in the next block.
Presumably they exploited something in this MEV system (completely unrelated to the Ethereum protocol) that allowed them to see the pool and they shouldn’t have. Wish I knew more but everything I read was incredibly vague and misleading.
What’s funny is that that’s a description of MEV.
I skipped “fraudulent” because neither MEV bots nor this attack can be called fraudulent imo, although MEV is definitely taking value one didn’t help create.