The Curious Case of the Missing Stablecoins: Mishap or Money Laundering?
Just last week, a keen-eyed decentralized finance (DeFi) researcher named Michael Nadeau brought attention to a puzzling transaction. Someone attempted to swap $221,000 price of USDC stablecoins for Tether but ended up with a meager $5,000. What went flawed? Was this a fat-finger error or something more suspicious, like money laundering?
Understanding DeFi Transactions
When you make a transaction through online banking, you are often prompted to approve the foreign exchange rate. If you hesitate too long, the speed might shift. DeFi automated market makers (AMMs), nevertheless, handle things in another way. They ensure that you answer all of the pertinent questions ahead of time. Instead of asking for rate approval, they need to understand how much slippage you are okay with when swapping one cryptocurrency for one more.
For instance, if you happen to’re cool with 1% slippage, you’d accept receiving 99 cents in Tether for each $1 in USDC. But if you happen to can only handle 0.01% slippage, your transaction may not undergo, forcing you to try again.
Uniswap’s interface has a built-in safety net, capping slippage at 1% to guard traders. But if you happen to’re coding your transactions using their API, you’ve more leeway. Unfortunately, this particular trader neglected to set a minimum acceptable amount for his or her swap.
The Role of Liquidity Pools
Granted, that oversight alone wasn’t sufficient to cause such an enormous loss. AMMs depend on liquidity pools and algorithms to set exchange rates. These rates are influenced by the balance of funds between the 2 cryptocurrencies. If one currency is low on supply, the speed can turn out to be skewed.
MEV and Front Running: A Sneak Peek
This is where things get much more tangled. An Ethereum block builder executed a front-running transaction. Despite the Uniswap liquidity pool for USDC to Tether having about $35 million, the builder skewed the pool, depleting USDC and creating an unbalanced rate, leaving our trader shortchanged. This complex front-running maneuver involved interacting with a Curve pool and Aave.
What’s MEV and Block Building?
Since Ethereum’s transition to Proof of Stake, block builders create transaction blocks and present them to dam proposers (validators). Block builders can see pending transactions, allowing them to perform Maximum Extractable Value (MEV) operations like front running, sandwich attacks, or back running. Front running and sandwich attacks are more exploitive, while back running is less so.
After the transaction that seemingly lost $216,000, a follow-up transaction almost reversed the damage. Yet, this reversal paid the block builder, bob-the-builder, over $200k in ETH.
Upon examining bob-the-builder’s activities, March 12 emerged as a standout day, with profits far exceeding the previous month’s gains. Besides the $200k transaction, there have been five others netting around $440k. The previous month yielded smaller returns, with occasional $4k transactions and just a few hitting $25k.
Could It Be Money Laundering?
Some observers on social media speculated these transactions could be money laundering. Among them was a co-founder of DeFi Llama. Why? The funds originated from mixer-like addresses, and a few wallets were used just once. A trader savvy enough to execute such a serious transaction likely would not make a mistake of this magnitude.
Uniswap’s API documentation suggests safeguarding against such mishaps by setting a minimum expected amount, say $219,000 on this scenario, as a substitute of only a slippage percentage.
“amountOutMinimum: we are setting to zero, but this is a significant risk in production. For a real deployment, this value should be calculated using our SDK or an onchain price oracle – this helps protect against getting an unusually bad price for a trade due to a front running sandwich or another type of price manipulation.”
Yet, the counterargument to this being money laundering is its very public nature. If it’s indeed laundering, it doesn’t justify avoiding permissionless blockchains for institutions. By that logic, nobody would bank.
In Other News: OKX Suspends DEX Aggregator
This morning, regulated crypto exchange OKX halted its DEX aggregator service. OKX offers each centralized trading and decentralized exchange aggregation across multiple blockchains, enabling non-custodial trading. The suspension followed detection of activities by North Korea’s Lazarus group, with plans for further upgrades, including hacker tracking features. This voluntary suspension was done in consultation with regulators. OKX is registered in Malta under the EU’s MiCA regulations.
Meanwhile, the New York Federal Reserve examined block constructing, noting that the majority builders comply with sanctions. It observed that builders who didn’t comply often earned lower fees, suggesting it was more a matter of principle.
Update: Added OKX DEX aggregator suspension information.
Image Credit: www.ledgerinsights.com
