Dr. Anish Mohammed shares some knowledge on MEV, EIP1559 and DeFi
Dr. Anish Mohammed, co-founder and CTO at Panther Protocol was recently on the ‘End of Chain’ podcast and spoke about how Panther Protocol can solve some of the more pressing problems in DeFi, particularly creating the right economic incentives for privacy provision when set against a background of discussions around Miner Extractable Value (MEV) and the incoming implementation of Ethereum’s EIP1559.
Apple Podcasts | Spotify | Website
— — — — — — — — — — — — — — — — — — — —
First, I’ll give you the 20,000-foot view. The best example I can give is literally the scenario described in the book Flash Boys [by Michael Lewis, where the huge profits involved in high-frequency trading prompted wild construction schemes where every metre of fibre-optic cable and every millisecond of latency was the difference between multi-million profits or loss].
What we need to recognise is that a lot of the things that are happening in DeFi are like a replay of the things that have happened in traditional finance.
But humans tend to forget and history seems to repeat itself. And this is where we come to the Flash Boys 2.0 paper which describes how miners are able to look at the transactions in the block they submit and can see certain states and decide to do something with that information.
Let’s take a simple example: I figured out that Sam’s going to buy a car. And his upper bound for the price is X. And I know the car’s price in the current market is less than X. So before this transaction gets committed, I can buy the car myself and sell it back to Sam in the same block, because I have this information he doesn’t have.
This is a real-world example of front running.
There’s actually something called back running as well: this is where I’m making a big order. If one of these MEV extractors sees that the price is dislocated from somewhere else on the network or in a centralized exchange, they can back-run the order, which means that they already have the assets. And so they’re just selling it down to bring it back in line with the price elsewhere. It gets even more complicated when we start talking about sandwich attacks.
The approach of traditional finance is to regulate factors such as your location or the type of cable installation between you and the exchange so that you cannot gain an illegal advantage. But my question would be, what does “illegal” mean in this context?
Say you buy a data centre on the cheapest plot of land you can get, just to be closer to an exchange, or you build microwave towers to beam data backwards and forwards to gain an advantage of a millisecond or two — there are many ways of optimising processes and there is a question of how you apply governance here, when rather than someone doing something illegal, it’s just a question of information arbitrage.
There are more creative ways of tackling this, and it comes down to pricing. So you could invert this in the sense that you create a fee or a fine that is a function of the gain that has been made.
As an example, if you have two machine learning algorithms and one has a clear advantage over the other and manages to breach privacy regulation, then you can compare the two and see how much of a delta they have in terms of their machine learning abilities and calculate a fine or a fee based on the advantage they gained from the privacy breach.
You could do a similar thing for front running and calculate a fee based on the advantage gained. So this then becomes an economic mechanism rather than something that is binary: either legal or illegal. In other words, this becomes a governance mechanism
The difference between traditional finance and crypto is that in traditional finance, there needs to be an entity that’s outside of the game, looking at the frame of reference and saying, “OK, anybody who actually breaks the rules of this game needs to be fined.”
Whereas in crypto, no such entity exists and if you can get an advantage, then it is yours to take. In this sense, it’s a tragedy of the commons.
So what’s been happening with Ethereum, especially in a DeFi context, is that traders are going directly to the mining pools and they are paying the miners to insert their transaction into the block. So effectively there is collusion happening and it is not visible to other people observing the network.
A part of this will be fixed by EIP1559, but much of it won’t be. What EIP1559 means is that the gas fee that previously went to the miner will now go to the network itself (this is called the base fee), and will be algorithmically set. This means that the current zero-gas transactions where a fee is paid in a private transaction outside the main network that is not visible to outside observers will be constrained.
Miners are generally not happy about these changes because it is possible that a good fraction of miners might have possibly been leveraging MeV, by using arbitrage opportunities to their own advantage, it is likely that some — if not all — of their losses will be offset.
This is why I describe it as a tragedy of the commons: these misaligned economic incentives in the ecosystem are suboptimal. It can be problematic for people, no matter who you are.
For example, when Vitalik Buterin donated more than $1 billion in Shiba Inu and Akita memecoins to charity, he started getting front run and having to increase his gas fees higher and higher, so that eventually he had to use Archer DAO which allowed him to pay and then insert his transaction to the block and actually get his trades done.
In an ideal world, you want to have a protocol where, when you create a transaction it’s secret, but it’s only available to be seen or understood after the actual transaction is done.
This is what happens in dark pools — and it’s also what we are doing at Panther: to bring about a situation where you make it difficult for other people to front-run but you have a selective reveal mechanism to make public what you want to — or what you need to, for compliance reasons. And in this way, you can use the pricing for these services as a crypto-economic mechanism to guide good behaviour.
At the moment, and even after EIP1559 is implemented, one of the big risks to the ecosystem is a 51% attack where the mining pools collude and carry out things like segmentation attacks, where they could do various things like a denial of service attack on anybody else in the network, that allows them to dictate what happens on the network.
Reducing the incentives to collude in this way is important — and privacy is part of this.
You can divide privacy into three main parts: privacy of identity, privacy of transaction and privacy of state. And there may even be a fourth part — things we don’t know we don’t know.
In order to implement this privacy, someone needs to do some extra work — and someone needs to pay for the cost of that. Privacy doesn’t come for free, and we have this efficient market thesis where we’re asking, can you have a large enough market where everyone in the market is incentivized to actually get privacy? If the answer to this is yes, then the cost of privacy comes down and it becomes a small proportion of the transaction.
The last two to three years have seen a real explosion of activity in privacy tech, and in zero-knowledge proofs in particular. We obviously have the Zero-Knowledge Proofs conference, and the size of the community itself has increased by at least two, three, four orders of magnitude.
So where does Panther fit in all of this?
Let’s talk for a minute about zero-knowledge proofs and how they work. Imagine a room. And if I’m the only person who is here, you have a high probability of discovering this person is me. But if I am in a stadium of 10,000 people, the chance becomes minimal. So you need to think about incentive design to get people into the stadium and use their presence to create privacy: in other words, we are using a combination of proofs and game theory to provide privacy.
We can think of users as being in two different classes: ordinary people who make some small transactions who care about privacy but not necessarily to the degree that we are willing to pay huge gas prices to do that; and on the other side, we have institutional clients.
If you have a small pool of institutional clients, it’s not going to be enough for them to trade with each other because of the small number of these users. So you have to have a mixture of institutional clients, with a much larger number of retail clients.
Effectively they will be our liquidity mining providers who will put their capital in and get returns that are higher than the traditional deal. But at the same time, they’re providing privacy for the whole set.
The idea of Panther is to create these pools where people can transact with privacy that are outside the normal public domain, without being front-run. We can’t, of course, completely rule out the possibility of an attack, but it is vastly minimised.
If the prices of different pools are different, the size of the pools will be different: for example, you might have a USDC pool and a WBTC pool, and now we’re talking about the possibility of mixing all those things together and having a single anonymous user. This is something that’s been proposed and we are looking at it.
Another important thing for Panther is privacy compliance and selective disclosure, where the user needs to disclose a particular piece of information about a transaction.
This is important because we are moving in a space where privacy coins are coming under more and more scrutiny, but at the same time, privacy is the basis of modern society. So we need to actually have mechanisms that actually provide privacy to ordinary users.
Zero-knowledge proofs allow you to have that privacy but with a full chain of custody. So you can prove those compliance requirements without disclosing any of your addresses or anything else.
Privacy is one of the most important things you can have as an individual, and Panther Protocol will allow everyone to benefit from this, at a fair price.
About Panther
Panther is a decentralized protocol that enables interoperable privacy in DeFi using zero-knowledge proofs.
Users can mint fully-collateralized, composable tokens called zAssets, which can be used to execute private, trusted DeFi transactions across multiple blockchains.
Panther helps investors protect their personal financial data and trading strategies, and provides financial institutions with a clear path to compliantly participate in DeFi.