MEV Protection

MEV = Maximal Extractable Value

Attacks enabled by transaction ordering:

1. Sandwich Attack
   - Attacker sees user's DEX trade
   - Buys before user (raises price)
   - User buys at higher price
   - Attacker sells (profits)

2. Front-running
   - Attacker copies profitable transaction
   - Pays higher gas to execute first
   - Steals the profit

3. Back-running
   - Attacker executes immediately after
   - Exploits price impact of large trades

/// Transactions ordered by arrival time
/// Not by gas price
 
pub struct TransactionOrder {
    /// When validator received transaction
    arrival_time: u64,
 
    /// Transaction data
    tx: Transaction,
}
 
// Validators cannot reorder for profit
// Validator transactions go last

/// Large transactions automatically deferred
pub const MAX_DEFERRALS: u8 = 3;
 
fn should_defer(tx: &Transaction) -> bool {
    // Large DEX swaps get deferred
    if is_dex_swap(tx) && get_usd_value(tx) > 10_000 {
        return true;
    }
    false
}

pub struct SwapProtection {
    /// Max acceptable slippage (basis points)
    pub max_slippage_bps: u16,
 
    /// Minimum output amount
    pub min_output: u64,
 
    /// Price quote validity
    pub price_valid_until: u64,
}
 
fn check_slippage(swap: &Swap, actual_price: u64) -> Result<(), SwapError> {
    let expected = get_oracle_price(swap.pair);
    let slippage = (expected - actual_price) * 10000 / expected;
 
    if slippage > swap.protection.max_slippage_bps {
        return Err(SwapError::SlippageTooHigh);
    }
    Ok(())
}

/// Limit same-direction trades in single block
fn check_same_block_trades(pool: Address, direction: SwapDirection) -> bool {
    let trades = get_block_trades(pool);
    let same_dir = trades.iter()
        .filter(|t| t.direction == direction)
        .count();
 
    // Max 3 same-direction trades per block
    same_dir < 3
}

/// Threshold-encrypted transaction
pub struct EncryptedTransaction {
    /// Encrypted transaction data
    pub encrypted_data: Vec<u8>,
 
    /// Threshold key ID
    pub threshold_key_id: u64,
 
    /// Earliest execution block
    pub min_block: u64,
}
 
// Flow:
// 1. User encrypts tx with threshold public key
// 2. Tx enters encrypted mempool
// 3. After block finalized, validators decrypt
// 4. Execute in decrypted order
 
// Result: No one knows tx content before execution

/// Two-phase transaction
pub struct CommitRevealTx {
    /// Phase 1: Submit hash
    pub commit: Hash, // hash(tx_data + salt)
 
    /// Phase 2: Reveal
    pub reveal: Option<RevealData>,
}
 
// Block N:   User commits hash(swap + salt)
// Block N+1: User reveals full transaction
// Block N+1: Transaction executes
 
// Attackers can't front-run unknown content

/// Protected DEX swap
let swap = protected_swap(
    Swap {
        token_in: USDT,
        token_out: TOS,
        amount_in: 1000_00000000,
    },
    SwapProtection {
        max_slippage_bps: 100, // 1%
        min_output: 950_00000000,
        price_valid_until: now() + 60,
    },
)?;