The idea behind blockchain technology is that we don't need any middle person we have to trust, thanks to transparency, permissionlessness, and decentralization. We put trust in the system. Like my students would say, "Trust the process," while facing uncertainty and a tremendous amount of ambiguity, we, folks in web3, say, "Trust the blockchain technology." We modify our gas limit to fit our financial means and urgency for the transactions to go through right now, sign, and wait for the green checkmark.
All transparent and decentralized, isn't it?
Sorry to burst your bubble, but it isn't.
First, decentralization and transparency aren't the same. A company or entity can be fully centralized and transparent. Transparency refers to actions and decisions being fully open. In my first job, salaries were fully transparent. You could just go to the shared folder and see how much the boss made.
On the other hand, a company can be fully decentralized but not transparent, as the system is chaotic and lacks an easily accessible and understandable documentation process. Ever looked at Etherscan and thought, "What the fuck is going on?" Onceupon.gg is an improvement, increasing the transparency by making it easier to decipher a transaction.
The apparent aspect that isn't decentralized in web3 is block creation. Most people don't have the hardware, skills, or time to run nodes. One solution to this problem is staking, either solo or via a pool staking. Decentralization is further helped through decentralized validator technology (DVT), a way for running a validator across several non-trusting nodes.
But everything is transparent, right? Right? Well, yes, and no. Once the block is produced and you see the sequence of transactions, then yes. But what happens between signing a transaction and the block being built? That's hidden from you.
But there is the potential for a lot to happen. Like in traditional finance, DeFi isn't immune to frontrunning of transactions. Frontrunning occurs when there is information asymmetry: When one party knows something another person doesn't, they can profit by inserting their transaction at the right spot.
If I know that you want to buy a limited supply asset, I can quickly go ahead and buy some at the current price. Now, fewer of that asset are in the market, which increases the price you will pay for it. I can go ahead and sell the asset to you for a higher price, cashing in the difference.
In other ways, people can benefit financially from the seconds between you signing a transaction and the transaction being included in a block. These financial benefits are called Miner or Maximum Extractable Value (MEV) and refer to the total financial gains someone (a miner or validator) can receive from creating a block, in addition to the default financial incentives already provided to miners
Ideally, block producers are honest and will do the right thing that benefits the ecosystem. But, assuming miners are rational human beings (which they aren't, because they are humans), once they notice that they are leaving money on the table by doing the right aka honest thing, we can expect them to change their behavior and do whatever it takes to get all the financial gains.
Even if miners are completely honest and always act in the best interest of the chain they serve, traders might not. And traders can create bots for their financial gain, to the detriment of everyone else.
The way out of this is to hide transactions from those trading-monsters so they are included in a block without being spotted. And then to hope and wait that more and more blocks are produced, making it increasingly less likely that past transactions will be reorganized and destabilizing the chain.
Enter Flashbots
Flashbots are our saviors in web3's dark forest. Web3 is a dark forest because we can safely assume that there will be at least one trader-Monster who, upon noticing a way to get richer, will do so without qualms or concerns about consensus-layer stability.
Flashbot is a research and development organization with the aim to illuminate the dark forest and democratize MEV extraction. By enabling everyone to squeeze the last drop of financial profit from block production, trading-monsters have less incentive to swoop in and destabilize a blockchain. A proof of this is the drop in gas prices while the use of Flashbots increased.
Flashbots and compromised wallets
The Flashbot organization offers white hat service to those unfortunate souls with compromised wallets. A common crypto scam is to put a sweeper or a drainer into someone's wallet.
How do you get the remaining assets in your wallet back under control? The sweeper will take your money if you transfer ETH to move them. Your way out is to ensure that your transaction to fund your compromised wallet is followed directly by the transactions transferring your assets to a new safe wallet. But if you do that open and transparent, the scammer will see it and get to your last assets before you.
If you "only" have a drainer, you can transfer funds to your compromised wallet, but when you create a transaction, the receiving wallet will be replaced by the drainer's wallet. MetaMasks interface isn't helping with spotting this. Check out the Pink Drainer, to read about the extent of this problem.
To circumvent sweepers or drainers, you need to create your own Flashbot. With this bot, you'll bundle your transactions and pass the bundle onto block creators, circumventing the mempool, the pool of pending blockchain transactions. That means your transactions are hidden from others, and - assuming you are paying enough gas - your transactions will be included in a block. Got a compromised wallet but can't code your own flashbot? Check our dark.florist tools and resources to get assets on Ethereum from your compromised wallet to a safe wallet.
Key Curated Resources
Crypto Thriller to save millions without awakening a trader-monster
dark.florist: Best set of tools for non-coders to move assets from a compromised wallet to a safe wallet. Also super useful to get more information about a transaction before signing it.
A Flashbot github repo: https://github.com/flashbots/searcher-minter