Ankr: How to protect RPC users from data breaches and MEV.

Source: Ankr

Rampant data abuse is an important factor in the birth and development of Web3. For the Web3 ecosystem, any business model related to user data and value should be abandoned. However, in reality, there are still some Web3 service providers who are wavering between business interests and user needs.

Ankr is committed to providing services that prioritize users in terms of pricing, products, and privacy, while achieving outstanding products and results based on compliance with Web3 best practices. This article will share how Ankr protects user data and maintains its role as a key player in providing blockchain connectivity by refusing to execute MEV.

Ankr Solution Overview

· Privacy policy overview of concise and non-intrusive methods for user data

· Only collect relevant personal identity information of paying users, and do not associate wallet transactions with IP addresses.· Resolutely reject MEV transactions executed by users submitted through Ankr RPC endpoints.

· Clear stance, malicious MEV may potentially harm the Web3 ecosystem and should not be executed by trusted providers.

Adhere to the principle of user privacy first

As a Web3 service provider, we should adhere to the principle of putting user privacy first. Ankr is proud to maintain the highest standards in protecting user privacy and security.

· Data Privacy: Ankr employs powerful security measures and protocols to protect the confidentiality of user data.

· Service Data Security: Ankr has implemented powerful security measures to protect users' personal information from unauthorized access, use, alteration, and disclosure. All information provided by users is stored in a secure format on secure servers behind firewalls, and measures are taken to limit the number of people authorized to access this information.

· Data Retention and Lifecycle: Ankr minimizes the retention time of user data to optimize the performance of its services and platform. The Ankr RPC system automatically deletes all temporary activity data within 30 days.

For the purpose of service delivery, Ankr needs to temporarily record IP addresses to set usage restrictions and monitor denial-of-service attacks against Ankr infrastructure. Except for advanced data on transaction success rates through RPC that must be viewed, Ankr does not associate wallet transactions conducted through infrastructure with the IP addresses that issue RPC requests.

That is to say, Ankr will not store, use, or share any personal identity information (PII), including wallet addresses. In addition, unlike other RPC providers in the market, we believe it is necessary to clarify that Ankr will not perform any type of MEV from our RPC service in any way.

Ankr never uses RPC services to execute MEV

Some RPC providers monetize pending transactions by front-running and back-running user transactions. This is a very negative experience for the Web3 ecosystem and stakeholders, and may lead to widespread manipulation and distrust. Therefore, Ankr never executes MEV on endpoints.

What is MEV?

MEV (Miner Extractable Value), formerly known as Miner Extractable Value, has now been expanded to Maximum Extractable Value, as it has been proven to also affect Proof of Stake networks. Despite the differences in block validation and consensus mechanisms between PoS and PoW, opportunities for validators and full (RPC) node operators to extract value from transactions still exist.

When we talk about Web3 RPC service providers, MEV generally refers to the strategic manipulation of the order and inclusion of transactions in the blockchain, or the use of pre-obtained information to make or automate transaction decisions in advance. MEV stems from the fact that miners, validators, and even RPC service providers have the power to decide which transactions are included in a block and in what order they appear.

MEV's negative impact: Manipulating Web3 experience

For example, we can think of RPC service providers as dealers in a card game. Normally, the dealer should shuffle the cards fairly and deal them to the players (RPC users, dApps, protocols), without knowing what cards each player holds. However, if the dealer starts looking at all the cards received by each player and uses this information to gain an advantage, things will quickly become unfair. For instance, if the dealer has a deep understanding of what is going to happen beforehand and bets on it (front-running), or arranges the cards in a timely manner based on interests (tailgating), the game will be manipulated.

Drawbacks of executing MEV through RPC

· Unfairness: Providing RPC providers (or collaborators) with unfair advantages over ordinary users of Web3 and DeFi protocols. They can manipulate transactions to benefit themselves or stakeholders, which may lead to a loss of trust in the community and potentially hinder developer and user participation in the ecosystem.

· Price manipulation: Web3 RPC service providers have the potential to manipulate the prices of tokens and assets in decentralized trading platforms, which could lead to market instability and cause ordinary users to lose trust in the platform.

· Network security is reduced: This is mainly because it will encourage miners and validators to collude with Web3 RPC service providers. This may lead to easier attacks on the network or compromise its integrity.

· Service inefficiency: Allowing Web3 RPC service providers to conduct front-running and tailing transactions may lead to low market efficiency and inaccurate price reflection of supply and demand. Additionally, it may result in higher transaction fees, longer confirmation times, and reduced overall efficiency of the ecosystem.

· Negative Reputation: The utilization of MEV by Web3 RPC service providers may have a negative impact on the reputation of the entire Web3 ecosystem. It may cause potential users to question the fairness and security of the platform, leading to a slowdown in the adoption of decentralized technology.

How do some RPC providers execute MEV?

抢先交易（Front-Running）

Front-Running refers to the practice of entering into a trade with advance knowledge of a large upcoming transaction that will influence the price of the underlying asset.

Preemptive trading is very similar to the concept of "insider trading" in traditional markets. Full nodes and RPC providers can indirectly take advantage of preemptive trading by monitoring the transaction pool. The main process is:

· Memory Pool Monitoring: Continuously monitor profit opportunities in the memory pool, such as large orders on decentralized trading platforms.

· Seize the opportunity to create new transactions: When a profitable transaction is identified, create a new transaction that takes advantage of the expected changes caused by the original transaction.

· Set higher Gas limit: To prioritize processing of high-priority transactions by increasing the Gas limit, in order to incentivize miners or validators.

· Broadcast Preemptive Trading: Hoping it is included in the block before the original transaction.

· Sell and Profit: After the original transaction is executed, if the asset price rises, sell at a higher price to make a profit.

尾随交易（Back-Running）

Back-Running

In tailing trading strategy, someone places a trade immediately after another trade to take advantage of the changes caused by the initial trade. Although full nodes and RPC providers cannot directly control transaction inclusion and block creation, they can still attempt to indirectly exploit tailing opportunities by monitoring the transaction pool. The main process is:

· Memory Pool Monitoring: Continuously monitor the memory pool to identify potential profitable trades. For example, large transactions on decentralized exchanges (DEX), liquidations on lending platforms, or other behaviors that may have a significant impact on asset prices or market dynamics.

· Create trailing transactions: After identifying a potentially profitable trade, create a new transaction. For example, if the initial transaction involves a large number of sell orders, this will depress the price of the asset, so the trailing transaction may involve buying the asset at a lower price in anticipation of a rebound.

· Set higher Gas: To increase the likelihood of executing trailing transactions immediately after the original transaction, set higher Gas for the transaction, incentivizing miners or validators to prioritize trailing transactions over other pending transactions.

· Broadcast tailing transaction: Broadcast the tailing transaction to the network. Ideally, miners or validators will include the original transaction and the tailing transaction in the same block or subsequent blocks.

· Profit: Once the original transaction is executed and the market experiences the expected changes, profits can be gained from trailing operations. Assets may be sold at a higher price or other actions may be taken to take advantage of the expected price changes.

Final Thoughts

As an RPC service provider, executing malicious MEV is detrimental to Web3 and goes against the collaborative spirit of the Web3 ecosystem. Ankr is committed to providing users with secure and private services while always prioritizing the best interests of the community.

This article is from a submission and does not represent the views of BlockBeats.

Welcome to join the official BlockBeats community:

Telegram Subscription Group: https://t.me/theblockbeats

Telegram Discussion Group: https://t.me/BlockBeats_App

Official Twitter Account: https://twitter.com/BlockBeatsAsia