Arrow Icon
X Icon

Left arrow icon

The First Prechain Enforcement Action: Everything You Need To Know About The Recent DOJ Indictment

Solidus Labs
May 22, 2024

On May 15, the United States Department of Justice (DOJ) announced the arrest of two brothers on charges of conspiracy to commit wire fraud, wire fraud, and conspiracy to commit money laundering for exploiting the “very integrity of the Ethereum blockchain” resulting in the theft of $25 million in cryptocurrency.

What Just Happened? 

This event was a unique case of a “malicious validator”. By exploiting a vulnerability within the MEV-Boost relay protocol, the attackers manipulated and tampered with the processes by which new transactions are validated and added to the Ethereum blockchain.

This exploit enabled the malicious validator to unbundle pending transactions from an already constructed block before committing to propose the block to the network. Under normal MEV-Boost protocol, the contents of a block are hidden from the validator until the validator commits to proposing that block by signing the block header. 

In this case, the malicious validator was able to trick the MEV-Boost relay into disclosing the contents of the block before the validator committed, allowing it to unbundle the block’s transactions into a new block where it inputted its own front-run transactions, draining funds from five different MEV Bots.   

Why is it Important? 

This first-of-its-kind enforcement action by the DOJ marks a significant milestone in addressing risks within the Ethereum block-building supply chain, referred to as the “Prechain” ecosystem by Solidus Labs.

While the charges in this case stem from a cyber exploit that resulted in stolen funds, the meticulous establishment of these charges in the indictment reflects a well-informed understanding of the intricacies of  the Prechain ecosystem.

Importantly, this indictment may serve as a catalyst for other law enforcement teams, regulators, and policymakers worldwide to enhance their oversight and understanding of the Prechain ecosystem.

What Does It Mean for Market Participants? 

The DOJ states in the indictment that tampering with the established MEV-Boost protocols, which are relied upon by the vast majority of Ethereum users, threatens the stability of the Ethereum blockchain for all network participants. In this case, exploiting a vulnerability within MEV-Boost constitutes criminal activity in the form of wire fraud.

A deeper dive into the indictment also raises questions about the classification of transactions as public or private within the Ethereum block-building process. This distinction could have far-reaching implications for regulatory frameworks and the legal and compliance responsibilities of builders, relays, and validators in the Prechain ecosystem.

Solidus’ take

As law enforcement teams, regulators, and policy makers begin grappling with the legal, compliance, and potential fiduciary responsibilities of various actors in the Prechain ecosystem, from front-end applications to builders, relays, and perhaps most importantly, validators, questions will arise that must be informed by the technical aspects of the protocol. For example, if the private versus public nature of transactions flowing through the block-building lifecycle constitutes a key factor in determining potential fiduciary obligations, clarification is needed regarding the point at which a set of pending transactions becomes private.

One thing is for sure, this unprecedented indictment shines a spotlight on the Prechain ecosystem, underscoring the necessity for proactive measures and tailored solutions to mitigate its unique risks and safeguard against malicious actors.

A Deeper Dive into the Indictment

The Decentralized Nature of the Ethereum Network 

In its indictment, the DOJ explicitly defines the Ethereum network as a “decentralized blockchain that is used by millions of people across the world... [with] more than one million daily transactions...” and that “no centralized actor runs the Ethereum Network... it is run through a decentralized network of  participants across the world that operate based on a set of rules and protocols...” .

These statements are important in framing normal activity based on the protocol’s autonomous, decentralized functioning, in contrast to activities that alter this baseline.

The Role of MEV-Boost and Normative Behavior 

In its indictment, the DOJ implicitly characterized Ethereum’s block-building lifecycle and market structure as potentially normative, with embedded expectations by network participants with respect to the system’s attributes and functions. Particularly notable is the discussion around transaction (re)ordering, as it typically occurs within the bounds of the MEV-Boost protocol, including front-running and sandwiching strategies. The indictment reads:

“Tampering with these established MEV-Boost protocols, which are relied  upon by the vast majority of Ethereum users, threatens the stability and  integrity of the Ethereum blockchain for all network participants.”

The MEV-Boost protocol, even though it enables MEV extraction, some types of which might be  considered market manipulation in other contexts, is framed here as normative. In contrast, the exploit  that thwarts user expectations around norma system behavior, and relies on a “False Signature” is what constitutes fraud.

The Public or Private Nature of Transactions May Play a Role in Future Regulation

In its indictment, the DOJ characterized the exploited transactions within the initial block, the ones unbounded as part of the exploit, as “private”. The fact that they were intended to be private but then unmasked through a protocol vulnerability is a key pillar of the DOJ’s indictment.

Interested to learn more about the intricacies of staking and block-building? Get your copy of Solidus Labs' whitepaper: "Navigating Risks in the Block-Building and Staking Ecosystem"

Solidus Sync
Get our latest insights and analysis
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Loader Animation