Surviving in Dark Forest: Towards Evading the Attacks from Front-Running Bots in Application Layer

Blockchains face significant risks from front-running attacks, leading to multi-billion USD losses. These attacks are often executed by front-running bots, automated tools that operate at high speed to execute transactions, exacerbating the threat landscape. Consequently, it is crucial for blockchain developers to design strategies at the application layer to mitigate these attacks. Interestingly, real-world strategies for evading front-running remain under-explored in their taxonomy and distribution due to their covert nature. Understanding these evasion tactics is vital for assessing the resilience of the current blockchain application layer and identifying areas for potential enhancement, thereby strengthening the ecosystem. In this work, we take the first step to demystify evading strategies in Ethereum and BNB Smart Chain. We propose EVScope, a novel framework combining binary analysis and machine learning to detect known and unknown evading strategies. Using EVScope, we examine 6,761,186 arbitrage transactions and 71 significant attack transactions that evaded the front-running attacks from bots in the wild. Our findings uncover 32 refined strategies involving access control, profit control, execution split, and code obfuscation. 25/32 are first introduced in this work, and 28/32 are first applied in evading front-running, which fills a critical gap in the literature.