Dianxiang Sun,Wei Ma,Liming Nie,Yang Liu

2024-03-24

Abstract:Rug pulls pose a grave threat to the cryptocurrency ecosystem, leading to substantial financial loss and undermining trust in decentralized finance (DeFi) projects. With the emergence of new rug pull patterns, research on rug pull is out of state. To fill this gap, we first conducted an extensive analysis of the literature review, encompassing both scholarly and industry sources. By examining existing academic articles and industrial discussions on rug pull projects, we present a taxonomy inclusive of 34 root causes, introducing six new categories inspired by industry sources: burn, hidden owner, ownership transfer, unverified contract, external call, and fake LP lock. Based on the developed taxonomy, we evaluated current rug pull datasets and explored the effectiveness and limitations of existing detection mechanisms. Our evaluation indicates that the existing datasets, which document 2,448 instances, address only 7 of the 34 root causes, amounting to a mere 20% coverage. It indicates that existing open-source datasets need to be improved to study rug pulls. In response, we have constructed a more comprehensive dataset containing 2,360 instances, expanding the coverage to 54% with the best effort. In addition, the examination of 14 detection tools showed that they can identify 25 of the 34 root causes, achieving a coverage of 73.5%. There are nine root causes (Fake LP Lock, Hidden Fee, and Destroy Token, Fake Money Transfer, Ownership Transfer, Liquidity Pool Block, Freeze Account, Wash-Trading, Hedge) that the existing tools cannot cover. Our work indicates that there is a significant gap between current research and detection tools, and the actual situation of rug pulls.

Software Engineering

Jintao Huang,Ningyu He,Kai Ma,Jiang Xiao,Haoyu Wang

DOI: https://doi.org/10.48550/arxiv.2305.06108

2023-01-01

Abstract:NFT rug pull is one of the most prominent type of scam that the developers of a project abandon it and then run away with investors' funds. Although they have drawn attention from our community, to the best of our knowledge, the NFT rug pulls have not been systematically explored. To fill the void, this paper presents the first in-depth study of NFT rug pulls. Specifically, we first compile a list of 253 known NFT rug pulls as our initial ground truth, based on which we perform a pilot study, highlighting the key symptoms of NFT rug pulls. Then, we enforce a strict rule-based method to flag more rug pulled NFT projects in the wild, and have labelled 7,487 NFT rug pulls as our extended ground truth. Atop it, we have investigated the art of NFT rug pulls, with kinds of tricks including explicit ones that are embedded with backdoors, and implicit ones that manipulate the market. To release the expansion of the scam, we further design a prediction model to proactively identify the potential rug pull projects in an early stage ahead of the scam happens. We have implemented a prototype system deployed in the real-world setting for over 5 months. Our system has raised alarms for 7,821 NFT projects, by the time of this writing, which can work as a whistle blower that pinpoints rug pull scams timely, thus mitigating the impacts.

Trishie Sharma,Rachit Agarwal,Sandeep Kumar Shukla

DOI: https://doi.org/10.48550/arXiv.2304.07598

2023-04-16

Abstract:The explosive growth of non-fungible tokens (NFTs) on Web3 has created a new frontier for digital art and collectibles, but also an emerging space for fraudulent activities. This study provides an in-depth analysis of NFT rug pulls, which are fraudulent schemes aimed at stealing investors' funds. Using data from 758 rug pulls across 10 NFT marketplaces, we examine the structural and behavioral properties of these schemes, identify the characteristics and motivations of rug-pullers, and classify NFT projects into groups based on creators' association with their accounts. Our findings reveal that repeated rug pulls account for a significant proportion of the rise in NFT-related cryptocurrency crimes, with one NFT collection attempting 37 rug pulls within three months. Additionally, we identify the largest group of creators influencing the majority of rug pulls, and demonstrate the connection between rug-pullers of different NFT projects through the use of the same wallets to store and move money. Our study contributes to the understanding of NFT market risks and provides insights for designing preventative strategies to mitigate future losses.

Cryptography and Security

Zewei Lin,Jiachi Chen,Zibin Zheng,Jiajing Wu,Weizhe Zhang,Yongjuan Wang

2024-03-03

Abstract:In recent years, Decentralized Finance (DeFi) grows rapidly due to the development of blockchain technology and smart contracts. As of March 2023, the estimated global cryptocurrency market cap has reached approximately $949 billion. However, security incidents continue to plague the DeFi ecosystem, and one of the most notorious examples is the ``Rug Pull" scam. This type of cryptocurrency scam occurs when the developer of a particular token project intentionally abandons the project and disappears with investors' funds. Despite it only emerging in recent years, Rug Pull events have already caused significant financial losses. In this work, we manually collected and analyzed 103 real-world rug pull events, categorizing them based on their scam methods. Two primary categories were identified: Contract-related Rug Pull (through malicious functions in smart contracts) and Transaction-related Rug Pull (through cryptocurrency trading without utilizing malicious functions). Based on the analysis of rug pull events, we propose CRPWarner (short for Contract-related Rug Pull Risk Warner) to identify malicious functions in smart contracts and issue warnings regarding potential rug pulls. We evaluated CRPWarner on 69 open-source smart contracts related to rug pull events and achieved a 91.8% precision, 85.9% recall and 88.7% F1-score. Additionally, when evaluating CRPWarner on 13,484 real token contracts on Ethereum, it successfully detected 4168 smart contracts with malicious functions, including zero-day examples. The precision of large-scale experiment reach 84.9%.

Software Engineering

Jintao Huang,Ningyu He,Kai Ma,Jiang Xiao,Haoyu Wang

DOI: https://doi.org/10.1145/3626782

2024-01-01

ACM SIGMETRICS Performance Evaluation Review

Abstract:NFT rug pull is one of the most prominent type of NFT scam, whose definition is that the developers of an NFT project abandon it and run away with investors' funds. Although they have drawn attention from our community, to the best of our knowledge, the NFT rug pulls have not been systematically measured. To fill the void, this paper presents the first in-depth measurement study of NFT rug pulls. Specifically, we first compile a list of 253 known NFT rug pulls as our initial confirmed rug pulls (i.e., ground truth), based on which we perform a pilot study, highlighting the key symptoms of NFT rug pulls. Then, we design an effective rule-based detector to measure the prevalence of NFT rug pulls in the ecosystem. We have labelled 7,487 happened NFT rug pull projects which were not revealed by our community. To eliminate the potential damage brought by rug pull scams, we take a step further towards designing a real-time prediction model to proactively identify the potential rug pull projects in an early stage ahead of the scam happens. We have implemented a prototype system, and deployed it in the real-world setting for over 6 months. Our system has raised alarms for 5,557 new NFT projects by the time of this writing, which works as a whistle blower that pinpoints rug pull scams timely, thus mitigating the impacts.

Zheng Cao,Yi Zhen,Gang Fan,Sheng Gao

DOI: https://doi.org/10.48550/arxiv.2208.05168

2022-01-01

Abstract: The emergence of metaverse brings tremendous evolution to Non-Fungible Tokens (NFTs), which could certify the ownership the unique digital asset in the cyber world. The NFT market has garnered unprecedented attention from investors and created billions of dollars in transaction volume. Meanwhile, securing NFT is still a challenging issue. Recently, numerous incidents of NFT theft have been reported, leading to incalculable losses for holders. We propose a decentralized NFT anti-theft mechanism called TokenPatronus, which supports the general ERC-721 standard and provide the holders with strong property protection. TokenPatronus contains pre-event protection, in-event interruption, and post-event replevin enhancements for the complete NFTs transactions stages. Four modules are designed to make up the decentralized anti-theft mechanism, including the decentralized access control (DAC), the decentralized risk management (DRM), the decentralized arbitration system (DAS) and the ERC-721G standard smart contract. TokenPatronus is performing on the Turtlecase NFT project of Ethereum and will support more blockchains in the future.

Mingxi Ye,Xingwei Lin,Yuhong Nan,Jiajing Wu,Zibin Zheng

DOI: https://doi.org/10.1145/3650212.3680321

2024-01-01

Abstract:In the context of boosting smart contract applications, prioritizing their security becomes paramount. Smart contract exploits often result in notable financial losses. Ensuring their security is by no means trivial. Rather than resulting in program crashes, most attacks in on-chain smart contracts aim to induce financial loss, referred to as profitable exploits. By constructing seemingly innocuous inputs, profitable exploits try to extract extra profit or compromise the interests of others. However, due to the complexity of call chains in on-chain smart contracts and the need for effective oracles for profitable exploits, smart contract fuzzing suffers from low efficiency and low effectiveness in finding profitable exploits. In this paper, we present Midas, a novel feedback-driven fuzzing framework to mine profitable exploits in on-chain smart contracts effectively. Midas consists of two modules: diverse validity fuzzing and profitable transaction identification. The diverse validity fuzzing module applies two waypoints to efficiently generate valid transactions, addressing the complexity of on-chain smart contract call chains. The profitable transaction identification module applies differential analysis to effectively identify profitable exploits, addressing the limitation of ad-hoc oracles. Evaluation of Midas over on-chain smart contracts showed it effectively identified 40 real-world exploits with a precision of 80%, outperforming state-of-the-art tools (i.e., ItyFuzz and Slither) in both efficiency and effectiveness. Particularly, Midas effectively mines five unknown exploits in valuable smart contracts, and two of them have already been confirmed by their DApp developers.

Bowen He,Yuan Chen,Zhuo Chen,Xiaohui Hu,Yufeng Hu,Lei Wu,Rui Chang,Haoyu Wang,Yajin Zhou

DOI: https://doi.org/10.1145/3576915.3623210

2023-01-01

Abstract:The prosperity of Ethereum attracts many users to send transactions and trade crypto assets. However, this has also given rise to a new form of transaction-based phishing scam, named TXPHISH. Specifically, tempted by high profits, users are tricked into visiting fake websites and signing transactions that enable scammers to steal their crypto assets. The past year has witnessed 11 large-scale TXPHISH incidents causing a total loss of more than $70 million. In this paper, we conduct the first empirical study of TXPHISH on Ethereum, encompassing the process of a TXPHISH campaign and details of phishing transactions. To detect TXPHISH websites and extract phishing accounts automatically, we present TxPhishScope, which dynamically visits the suspicious websites, triggers transactions, and simulates results. Between November 25, 2022, and July 31, 2023, we successfully detected and reported 26,333 TXPHISH websites and 3,486 phishing accounts. Among all of documented TXPHISH websites, 78.9% of them were first reported by us, making TxPhishScope the largest TXPHISH website detection system. Moreover, we provided criminal evidence of four phishing accounts and their fund flow totaling $1.5 million to aid in the recovery of funds for the victims. In addition, we identified bugs in six Ethereum projects and received appreciation. Based on the detection results, we perform a comprehensive study of TXPHISH websites and phishing accounts. Our study reveals that TXPHISH websites have a short lifespan, low cost, and fast update frequency. Besides, Our analysis of phishing fund flow demonstrates that 54.0% of phishing funds ($43.7 million) flowed into centralized exchanges, where the identity of owners could be traced. Our research can serve as a valuable reference for Ethereum service providers to safeguard their users against TXPHISH and assist in the recovery of victims' crypto assets.

Christian Sechting,Philip Raschke

DOI: https://doi.org/10.1109/BRAINS63024.2024.10732222

2024-10-09

Abstract:Decentralized Finance is still a growing sector that locks in billions of USD and serves as a platform for scammers to defraud investors. The most common fraud is the so-called rug pull, which has been researched for years. This paper presents the proposed approaches to combat this scheme and proposes a taxonomy to categorize solutions according to their best application. Solutions can be applied at three different levels. The first is at the service level, where the data is freely available on the blockchain. The second is at the user level, by deploying smart contracts that consist of preventive measures; and lastly, at the verifier level, which can prevent malicious transactions in the same way they prevent double-spending. This paper contributes in three ways. It gives an overview of all published approaches to predict and prevent malicious transactions. It also presents a taxonomy to facilitate development for specific use cases. Finally, it reveals a gap in the current research landscape.

Computer Science,Business,Law

Dabao Wang,Hang Feng,Siwei Wu,Yajin Zhou,Lei Wu,Xingliang Yuan

DOI: https://doi.org/10.1145/3545948.3545963

2022-01-01

Abstract:The prosperity of decentralized finance motivates many investors to profit via trading their crypto assets on decentralized applications (DApps for short) of the Ethereum ecosystem. Apart from Ether (the native cryptocurrency of Ethereum), many ERC20 (a widely used token standard on Ethereum) tokens obtain vast market value in the ecosystem. Specifically, the approval mechanism is used to delegate the privilege of spending users’ tokens to DApps. By doing so, the DApps can transfer these tokens to arbitrary receivers on behalf of the users. To increase the usability, unlimited approval is commonly adopted by DApps to reduce the required interaction between them and their users. However, as shown in existing security incidents, this mechanism can be abused to steal users’ tokens. In this paper, we present the first systematic study to quantify the risk of unlimited approval of ERC20 tokens on Ethereum. Specifically, by evaluating existing transactions up to 31st July 2021, we find that unlimited approval is prevalent (60%, 15.2M/25.4M) in the ecosystem, and 22% of users have a high risk of their approved tokens for stealing. After that, we investigate the security issues that are involved in interacting with the UIs of 22 representative DApps and 9 famous wallets to prepare the approval transactions. The result reveals the worrisome fact that all DApps request unlimited approval from the front-end users and only 10% (3/31) of UIs provide explanatory information for the approval mechanism. Meanwhile, only 16% (5/31) of UIs allow users to modify their approval amounts. Finally, we take a further step to characterize the user behavior into five modes and formalize the good practice, i.e., on-demand approval and timely spending, towards securely spending approved tokens. However, the evaluation result suggests that only 0.2% of users follow the good practice to mitigate the risk. Our study sheds light on the risk of unlimited approval and provides suggestions to secure the approval mechanism of the ERC20 tokens on Ethereum.

Siwei Wu,Zhou Yu,Dabao Wang,Yajin Zhou,Lei Wu,Haoyu Wang,Xingliang Yuan

DOI: https://doi.org/10.1109/tdsc.2023.3346888

2024-01-01

Abstract:The rapid growth of Decentralized Finance (DeFi) boosts the blockchain ecosystem. At the same time, attacks on DeFi applications (apps) are increasing. However, to the best of our knowledge, existing smart contract vulnerability detection tools cannot directly detect DeFi attacks. That's because they lack the capability to recover and understand high-level DeFi semantics, e.g., a user trades a token pair X and Y in a Decentralized EXchange (DEX). In this work, we focus on the detection of two new types of price manipulation attacks. To this end, we propose a platform-independent method to identify high-level DeFi semantics. Specifically, we first construct the Cash Flow Tree (CFT) from a raw transaction and then lifting the low-level semantics to high-level ones, including five advanced DeFi actions. Finally, we use patterns expressed with the recovered DeFi semantics to detect price manipulation attacks. We implemented a prototype named DeFiRanger that detected 14 zero-day security incidents. These findings were reported to affected parties or/and the community for the first time. Furthermore, the backtest experiment discovered 15 unknown historical security incidents. We further performed an attack analysis to shed light on the root causes of vulnerabilities incurring price manipulation attacks.

Pengcheng Xia,Haoyu wang,Bingyu Gao,Weihang Su,Zhou Yu,Xiapu Luo,Chao Zhang,Xusheng Xiao,Guoai Xu

DOI: https://doi.org/10.48550/arXiv.2109.00229

2021-11-11

Abstract:The prosperity of the cryptocurrency ecosystem drives the need for digital asset trading platforms. Beyond centralized exchanges (CEXs), decentralized exchanges (DEXs) are introduced to allow users to trade cryptocurrency without transferring the custody of their digital assets to the middlemen, thus eliminating the security and privacy issues of traditional CEX. Uniswap, as the most prominent cryptocurrency DEX, is continuing to attract scammers, with fraudulent cryptocurrencies flooding in the ecosystem. In this paper, we take the first step to detect and characterize scam tokens on Uniswap. We first collect all the transactions related to Uniswap V2 exchange and investigate the landscape of cryptocurrency trading on Uniswap from different perspectives. Then, we propose an accurate approach for flagging scam tokens on Uniswap based on a guilt-by-association heuristic and a machine-learning powered technique. We have identified over 10K scam tokens listed on Uniswap, which suggests that roughly 50% of the tokens listed on Uniswap are scam tokens. All the scam tokens and liquidity pools are created specialized for the "rug pull" scams, and some scam tokens have embedded tricks and backdoors in the smart contracts. We further observe that thousands of collusion addresses help carry out the scams in league with the scam token/pool creators. The scammers have gained a profit of at least \$16 million from 39,762 potential victims. Our observations in this paper suggest the urgency to identify and stop scams in the decentralized finance ecosystem, and our approach can act as a whistleblower that identifies scam tokens at their early stages.

Cryptography and Security

Philipp Stangl,Christoph P. Neumann

2024-05-30

Abstract:Current methods to prevent crypto asset fraud are based on the analysis of transaction graphs within blockchain networks. While effective for identifying transaction patterns indicative of fraud, it does not capture the semantics of transactions and is constrained to blockchain data. Consequently, preventive methods based on transaction graphs are inherently limited. In response to these limitations, we propose the Kosmosis approach, which aims to incrementally construct a knowledge graph as new blockchain and social media data become available. During construction, it aims to extract the semantics of transactions and connect blockchain addresses to their real-world entities by fusing blockchain and social media data in a knowledge graph. This enables novel preventive methods against rug pulls as a form of crypto asset fraud. To demonstrate the effectiveness and practical applicability of the Kosmosis approach, we examine a series of real-world rug pulls from 2021. Through this case, we illustrate how Kosmosis can aid in identifying and preventing such fraudulent activities by leveraging the insights from the constructed knowledge graph.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Fuchen Ma,Meng Ren,Lerong Ouyang,Yuanliang Chen,Juan Zhu,Ting Chen,Yingli Zheng,Xiao Dai,Yu Jiang,Jiaguang Sun

DOI: https://doi.org/10.1145/3560264

IF: 3.685

2023-01-01

ACM Transactions on Software Engineering and Methodology

Abstract:With the development of decentralized networks, smart contracts, especially those for ERC tokens, are attracting more and more Dapp users to implement their applications. There are some functions in ERC token contracts that only a specific group of accounts could invoke. Among those functions, some even can influence other accounts or the whole system without prior notice or permission. These functions are referred to as contract backdoors. Once exploited by an attacker, they can cause property losses and harm users' privacy. In this work, we propose Pied-Piper, a hybrid analysis method that integrates datalog analysis and directed fuzzing to detect backdoor threats in Ethereum ERC token contracts. First, datalog analysis is applied to abstract the data structures and identification rules related to the threats for preliminary static detection. Then, directed fuzzing is applied to eliminate false positives caused by the static analysis. We first evaluated PiedPiper on 200 smart contracts, which are injected with different types of backdoors. It reported all problems without false positives, and none of the injected problems was missed. Then, we applied Pied-Piper on 13,484 real token contracts deployed on Ethereum. Pied-Piper reported 189 confirmed problems, four of which have been assigned unique CVE ids while others are still in the review process. Each contract takes 8.03 seconds for datalog analysis on average, and the fuzzing engine can eliminate the false positives within one minute.

Mingpei Cao,Yueze Zhang,Zhenxuan Feng,Jiahao Hu,Yuesheng Zhu

DOI: https://doi.org/10.1109/qrs57517.2022.00071

2022-01-01

Abstract:Decentralized cryptocurrencies are influential smart contract applications in the blockchain, drawing interest from industry and academia. The capacity to govern and manage token behavior provided by the token smart contract adds to thriving decentralized applications. However, token smart contracts face security challenges in technology weakness and manipulation risks. In this work, we briefly describe the manipulation risk and propose TokenAuditor, a fuzzing framework detecting those risks in token smart contracts. TokenAuditor constructs basic blocks based on the contract bytecodes and adopts the rarity selection and mutation strategy to generate test cases. The main idea is to select the test cases that have hit rare basic blocks since the fuzzing started as candidates and perform mutation operations on them. In our evaluation, TokenAudiotr discovered 664 manipulation risks of four types in 4021 real-world token contracts.

Federico Cernera,Massimo La Morgia,Alessandro Mei,Francesco Sassi

2024-09-02

Abstract:In this work, we perform a longitudinal analysis of the BNB Smart Chain and Ethereum blockchain from their inception to March 2022. We study the ecosystem of the tokens and liquidity pools, highlighting analogies and differences between the two blockchains. We discover that about 60% of tokens are active for less than one day. Moreover, we find that 1% of addresses create an anomalous number of tokens (between 20% and 25%). We discover that these tokens are used as disposable tokens to perform a particular type of rug pull, which we call 1-day rug pull. We quantify the presence of this operation on both blockchains discovering its prevalence on the BNB Smart Chain. We estimate that 1-day rug pulls generated $240 million in profits. Finally, we present sniper bots, a new kind of trader bot involved in these activities, and we detect their presence and quantify their activity in the rug pull operations.

Computers and Society

Ru Ji,Ningyu He,Lei Wu,Haoyu Wang,Guangdong Bai,Yao Guo

DOI: https://doi.org/10.1109/iceccs51672.2020.00022

2020-01-01

Abstract:Cryptocurrency has seen an explosive growth in recent years, thanks to the evolvement of blockchain technology and its economic ecosystem. Besides Bitcoin, thousands of cryptocur-rencies have been distributed on blockchains, while hundreds of cryptocurrency exchanges are emerging to facilitate the trading of digital assets. At the same time, it also attracts the attentions of attackers. Fake deposit, as one of the most representative attacks (vulnerabilities) related to exchanges and tokens, has been frequently observed in the blockchain ecosystem, causing large financial losses. However, besides a few security reports, our community lacks the understanding of this vulnerability, for example its scale and the impacts. In this paper, we take the first step to demystify the fake deposit vulnerability. Based on the essential patterns we have summarized, we implement DEPOSafe, an automated tool to detect and verify (exploit) the fake deposit vulnerability in ERC-20 smart contracts. DEPOSafe incorporates several key techniques including symbolic execution based static analysis and behavior modeling based dynamic verification. By applying DEPOSafe to 176,000 ERC-20 smart contracts, we have identified over 7,000 vulnerable contracts that may suffer from two types of attacks. Our findings demonstrate the urgency to identify and prevent the fake deposit vulnerability.

Massimo La Morgia,Alessandro Mei,Francesco Sassi,Julinda Stefa

DOI: https://doi.org/10.1145/3561300

2024-09-02

Abstract:Cryptocurrencies are increasingly popular. Even people who are not experts have started to invest in these assets, and nowadays, cryptocurrency exchanges process transactions for over 100 billion US dollars per month. Despite this, many cryptocurrencies have low liquidity and are highly prone to market manipulation. This paper performs an in-depth analysis of two market manipulations organized by communities over the Internet: The pump and dump and the crowd pump. The pump and dump scheme is a fraud as old as the stock market. Now, it got new vitality in the loosely regulated market of cryptocurrencies. Groups of highly coordinated people systematically arrange this scam, usually on Telegram and Discord. We monitored these groups for more than 3 years detecting around 900 individual events. We report on three case studies related to pump and dump groups. We leverage our unique dataset of the verified pump and dumps to build a machine learning model able to detect a pump and dump in 25 seconds from the moment it starts, achieving the results of 94.5% of F1-score. Then, we move on to the crowd pump, a new phenomenon that hit the news in the first months of 2021, when a Reddit community inflates the price of the GameStop stocks (GME) by over 1,900% on Wall Street, the world's largest stock exchange. Later, other Reddit communities replicate the operation on the cryptocurrency markets. The targets were DogeCoin (DOGE) and Ripple (XRP). We reconstruct how these operations developed and discuss differences and analogies with the standard pump and dump. We believe this study helps understand a widespread phenomenon affecting cryptocurrency markets. The detection algorithms we develop effectively detect these events in real-time and help investors stay out of the market when these frauds are in action.

Computers and Society

Rundong Gan,Le Wang,Xiaodong Lin

DOI: https://doi.org/10.1145/3605768.3623546

2023-09-24

Abstract:Decentralized Exchanges (DEXs) are one of the most important infrastructures in the world of Decentralized Finance (DeFi) and are generally considered more reliable than centralized exchanges (CEXs). However, some well-known decentralized exchanges (e.g., Uniswap) allow the deployment of any unaudited ERC20 tokens, resulting in the creation of numerous honeypot traps designed to steal traders' assets: traders can exchange valuable assets (e.g., ETH) for fraudulent tokens in liquidity pools but are unable to exchange them back for the original assets. In this paper, we introduce honeypot traps on decentralized exchanges and provide a taxonomy for these traps according to the attack effect. For different types of traps, we design a detection scheme based on historical data analysis and transaction simulation. We randomly select 10,000 pools from Uniswap V2 \& V3, and then utilize our method to check these pools.Finally, we discover 8,443 abnormal pools, which shows that honeypot traps may exist widely in exchanges like Uniswap. Furthermore, we discuss possible mitigation and defense strategies to protect traders' assets.

Cryptography and Security

Xun Sun,Xi Xiao,Wentao Xiao,Bin Zhang,Guangwu Hu,Tian Wang

DOI: https://doi.org/10.1007/978-3-030-95391-1_31

2022-01-01

Abstract:Recently, with the development of blockchain, cryptocurrencies such as bitcoin are gaining popularity. However, at the same time, there are some problems such as lack of laws and supervision, leading to an endless stream of frauds and market manipulations, which seriously impacts the interests of investors and the development of the economic society. This paper studies Short and Distort, a new manipulation as opposed to Pump and Dump in the cryptocurrency market for the first time. By using the method of case study, Short and Distort is explained. Further, we mine three important patterns with ordinary least squares regression. That is, cryptocurrencies always show price reversal, abnormal trading volume, and widening of bid-ask spreads. Moreover, a model is constructed to detect Short and Distort. Thorough experiments show that our model is superior to the other four methods.