Cryptology ePrint Archive: Report 2022/155

FairTraDEX: A Decentralised Exchange Preventing Value Extraction

Conor McMenamin and Vanesa Daza and Matthias Fitzi

Abstract: An idealised decentralised exchange (DEX) provides a medium in which players wishing to exchange one token for another can interact with other such players and liquidity providers at a price which reflects the true exchange rate, without the need for a trusted third-party. Unfortunately, extractable value is an inherent flaw in existing blockchain-based DEX implementations. This extractable value takes the form of monetizable opportunities that allow blockchain participants to extract money from a DEX without adding demand or liquidity to the DEX, the two functions for which DEXs are intended. This money is taken directly from the intended DEX participants. As a result, the cost of participation in existing DEXs is much larger than the upfront fees required to post a transaction on a blockchain and/or into a smart contract. We present FairTraDEX, a decentralised variant of a frequent batch auction (FBA), a DEX protocol which provides formal game-theoretic guarantees against extractable value. FBAs when run by a trusted third-party provide unique game-theoretic optimal strategies which ensure players are shown prices equal to the liquidity provider's fair price, excluding explicit, pre-determined fees. FairTraDEX replicates the key features of an FBA that provide these game-theoretic guarantees using a combination of set-membership in zero-knowledge protocols and an escrow-enforced commit-reveal protocol. We extend the results of FBAs to handle monopolistic and/or malicious liquidity providers, and provide a detailed pseudo-code implementation of FairTraDEX based on existing mainstream blockchain protocols.

Category / Keywords: applications / Decentralized Exchange, Blockchain, Zero Knowledge

Date: received 10 Feb 2022

Contact author: conor mcmenamin at upf edu

Available format(s): PDF | BibTeX Citation

Version: 20220212:065057 (All versions of this report)

Short URL: ia.cr/2022/155


[ Cryptology ePrint archive ]