On May 15, the United States Department of Justice (DOJ) filed charges against Anton and James Peraire-Bueno, accusing them of orchestrating an attack on the Ethereum network that resulted in the transfer of $25 million from MEV bots to the defendants. The DOJ claims that the brothers manipulated the ordering of blocks through their Ethereum validators, constituting wire fraud. The charges have sparked a debate within the crypto community, with some arguing that the brothers were victims of the MEV bots, while others believe they exploited a flaw in the system. The technical nature of the case has further complicated the discussion, as terms like “MEV,” “searchers,” and “sandwich attacks” are being used without universal understanding. In this article, we will explore how the brothers allegedly carried out their attack.
MEV, or maximal extractable value, refers to the maximum value that can be extracted from a block of transactions based on their ordering. Some trades on the Ethereum network are more advantageous if they are prioritized. For example, a trader who wants to buy a large amount of Ether (ETH) at a low price would not want another trader to buy it first, as it may drive up the price. To prevent this, trades can be submitted directly to a whitelist of block-builders, bypassing the mempool where transactions are visible to other devices on the network.
However, some traders still submit their transactions to the mempool, making them vulnerable to sandwich attacks. In a sandwich attack, a bot copies and executes a trader’s transaction before it can be processed, causing the trader to pay a higher price. To execute a successful sandwich attack, the bot must pay a gas fee that is less than the profit it will make from the attack. This maximum gas fee is referred to as MEV.
The Peraire-Bueno case specifically involves bots attempting to perform a sandwich attack. The MEV ecosystem has evolved to address this issue. Flashbots, a system used by most nodes today, allows bots to hide their profitable transactions until they are added to the blockchain, preventing them from being copied. Traders can also hide their trades to defend against sandwich attacks.
According to the indictment, the Peraire-Bueno brothers exploited the Flashbots MEV system by creating Ethereum validator nodes and publishing “bait” transactions that appeared to be lucrative MEV opportunities. They used these test transactions to determine how to ensure that their transactions would be included in a relay’s block. Once they were confident, they waited for one of their nodes to be chosen as a block producer and published “lure” transactions that they wanted included in a block. These transactions were picked up by searchers and included by a relay. The brothers’ node then produced a fake signature to propose the relay’s block. The relay published the contents of its block, and the brothers reordered it with their real signature, causing the reordered block to be confirmed by other validators.
In the original block proposed by the relay, searchers purchased illiquid tokens, pushing up their prices. The brothers then purchased these tokens at a higher price, transferring stablecoins into the exchange’s liquidity pool. The searchers unloaded the tokens, draining the pool of stablecoins, and the brothers sold their tokens into the drained pool. In the reordered block, the brothers purchased the tokens first, pushing up their prices. The searchers then purchased more tokens, draining them from the pool and replacing them with stablecoins. The brothers sold their tokens into the pool, draining most of the stablecoins out of it. The searchers attempted to resell their tokens but failed due to the lack of liquidity in the pool. As a result, the brothers profited $25 million in stablecoins, while the searchers lost the same amount.
The DOJ considers this action as wire fraud, as the lure transactions and fake signature were material representations made to deceive the MEV bots. The case has sparked controversy within the crypto community, with some arguing that the brothers were unfairly charged, while others believe they exploited a flaw in the MEV system. The indictment has raised concerns about the potential regulation of Ethereum and the treatment of sandwich attacks and front-running. While the practice of obtaining MEV has been controversial, there have been no previous cases of victims prosecuting MEV bots for wire fraud.