MEV Committee -- December Report

Background

The MEV Committee is a grants-funded initiative to help the community enforce a social mitigation strategy against malicious block proposers. The committee was assigned to actively monitor, analyze, and report any potential MEV activity, so that the community may respond appropriately to bad actors.

Monthly reports are shared with the community, offering insights into our on-chain findings, actions taken to address any issues, and improvements to our workflows. In case of malicious activity, these reports also detail the incident, the parties involved, and provide recommendations for any retroactive measures the community should consider. We welcome any feedback or questions on the report!

New Dashboard

In December, we launched a new metrics dashboard (https://dydxdashboard.streamlit.app/). This dashboard, updated weekly, builds on existing tools like Observatory by adding key metrics that we believe are valuable for the community. These include:

• Total daily order book discrepancy (sourced from the Observatory Dashboard API).
• Daily trading volume (from the Lenses Dashboard by Numia).
• Percentage of daily order book discrepancy relative to daily volume.
• Additional metrics developed over recent months (average discrepancy per block, moving averages, empty blocks).

The dashboard allows users to filter by validator and compare individual metrics to the average metrics of other validators. Given that the data requires manual extraction, data refreshment will occur weekly. We use this dashboard for our own analysis, but are sharing it with the community as well in case anyone is interested in monitoring.

December Activity

In December, we observed no significant high-discrepancy events compared to prior months. This allowed us to focus on building the new dashboard and refining insights for future use. However, we did identify a new trend among a few validators that warrants community attention.

Through ongoing collaboration with validators, we investigated their configurations and setups to better understand these deviations. The findings stemmed not from isolated outlier blocks caused by market volatility but from consistent deviations in average metrics by certain validators compared to the overall network averages. These results align with our observations regarding ignored canceled orders, which will be discussed in this report.

Order Book Discrepancy and Ignored Canceled Orders

The key issue we uncovered is an increasing rate of average order book discrepancy per block among specific validators and instances where canceled orders were still matched.

1. Ignored Canceled Orders

• Instances were identified where orders were canceled (via msgCancelOrder) before a block proposal but were still matched within the same block.
• Analysis focused on blocks within a 240-second (4-minute) window to minimize noise from potential shared order IDs.

2. Metric Calculation

• Total blocks with matches proposed by each validator during the period were analyzed.
• Blocks where canceled orders were included in matches were identified.
• The percentage of these problematic blocks (canceled orders included/total blocks proposed) was calculated and correlated with validator voting power rankings (see images below).

3. Suspected Linkages

• Validators displaying these trends also showed tendencies not to match certain orders from specific market makers.
• This raises concerns about intentional or unintentional biases in order handling.

These findings are being actively discussed with the affected validators to address the issues identified.

1600×441 151 KB

1600×1256 220 KB

1600×1207 215 KB

The metric can be summarized as “percentage of blocks with orders that were matched despite being canceled.

On top of that, there has been an additional relevant metric we have detected. Following the work displayed in the October/November report, where we identified a couple of validators which were not including orders in their matches coming from a specific market maker (dydx14dl…), we have detected the same this month by the same validators we’ve mentioned previously. We suspect that the three issues are linked with one another.

1000×800 75.2 KB

Since this has been detected throughout late december/early january, it is currently being iterated on and we will be in touch with the relevant validators to discuss further.

Research Background

The MEV committee has been in place for a year now. We’d like to take a step back to revisit the background research which supports all of our ongoing monitoring and analysis. Specifically, we’d like to review the research report published by Chorus One on different types of MEV.

The premise for all of our analysis is found in the following two functions:

530×132 3.88 KB

772×114 4.55 KB

As described in Chorus One’s report, “At a high level, the MEV of a proposed block can be defined as the sum of the absolute differences between the profit and loss (PNL) at the subaccount level based on the matched orders in the proposed block”. Here, N is the number of sub-accounts in v4, PNL_BP is the PNL of a sub-account based on the block proposer’s matched trades, and PNL_Vi is the PNL of a sub-account based on the block validator’s matched trades.

The second equation shows the calculation of the PNL of the subaccount “i”, where S is the number of trades the sub-account is involved on the sell side, B is the number of trades the sub-account is involved on the buy side, pi is the fill price of the trade, pmid is the mid price of the validator’s resulting order book at the end of the block after applying a block proposer’s matches and the cancels they’ve seen, ni is the size of the trade, and f are the fees the sub-account pays based on the list of matched trades.

This PNL for each subaccount is calculated on a per block basis and displayed in the Observatory dashboard, and part of our work at the committee is to pull the logs for different blocks and look at the proposed matches to further investigate the discrepancies.

In their report, Chorus One outline different types of MEV which may be at risk for the dYdX Chain. We’d like to revisit each one with the goal of determining whether these have been identified so far.

• Cross-chain validator driven MEV

In this case, MEV would be a result of validators operating, and conducting malicious activity, on the dYdX Chain and other Cosmos chains. In other words, validators operating on two chains, one of which would include the dYdX Chain, might be able to propose two individual blocks at the same time such that they manipulate conditions for profit on either, or both chains. This type of activity would be harder to track as it would not be visible on just dYdX, but would require analyzing other chains as well. However, as already stated in the research article, the DEX volume on other Cosmos chains at the time the article was written has not increased significantly, and at that time it was concluded that the potential for cross-chain value extraction was not sufficient to incentivize this kind of MEV. We can therefore assume that this is not a legitimate concern today.

• Stop Limit Order or Liquidation Cascade

In this scenario, a malicious validator might identify a large amount of open limit orders or liquidation triggers within near proximity of the current price, and manipulate the price such that these orders are matched. This could result in a large price movement at the next block, profiting some trading strategy they’ve employed. We have witnessed a number of large liquidation events occur due to high volatility market conditions, but have seen no sign of market manipulation to trigger the liquidation cascade. Block discrepancies should also reflect this behavior since the validator would be matching orders unexpectedly to move the price.

• Capturing the spread, “Stale Order Snipe, cancel ignored”, Capturing the slippage (sandwiching market orders)

This is the activity we expect to see for most malicious actors – whereby validators use their matching capabilities to profit directly from stale orders or large orders with high slippage. Again, block discrepancies were created with the specific goal of capturing this type of behavior, so we would expect to have identified any such behavior. As of today, we still don’t suspect that this malicious behavior is ongoing on the dYdX Chain.

Future outlook

The committee will continue refining its ability to detect discrepancies, engage with validators, and develop new metrics to uncover underlying issues. Feedback and collaboration from the community are vital as we work towards a more secure and equitable dYdX ecosystem.