使用時間序列方法提升對預言機操作價格攻擊的抵抗力

蕭年葳; Nien-Wei Hsiao

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/96104

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	廖世偉	zh_TW
dc.contributor.advisor	Shi-Wei Liao	en
dc.contributor.author	蕭年葳	zh_TW
dc.contributor.author	Nien-Wei Hsiao	en
dc.date.accessioned	2024-10-15T16:05:28Z	-
dc.date.available	2024-10-16	-
dc.date.copyright	2024-10-15	-
dc.date.issued	2024	-
dc.date.submitted	2024-10-08	-
dc.identifier.citation	[1] Bzx - rekt, Feb 2020. https://rekt.news/bzx-rekt/. [2] G. Angeris and T. Chitra. Improved price oracles: Constant function market makers. In Proceedings of the 2nd ACM Conference on Advances in Financial Technologies, pages 80–91, 2020. [3] A. Azari. Bitcoin price prediction: An arima approach. arXiv preprint arXiv:1904.05315, 2019. Accessed: Apr 4, 2019. [4] Binance. Binance - cryptocurrency exchange, 2020, 2024. https://www.binance.com/en. [5] L. Breidenbach, C. Cachin, B. Chan, A. Coventry, S. Ellis, A. Juels, F. Koushan- far, A. Miller, B. Magauran, D. Moroz, S. Nazarov, A. Topliceanu, F. Zhang, and F. Tramèr. Chainlink 2.0: Next steps in the evolution of decentralized oracle net- works, April 2021. https://research.chain.link/whitepaper-v2.pdf. [6] G. Caldarelli. Understanding the blockchain oracle problem: A call for action. Information, 11(11), 2020. [7] Y. Cao, C. Zou, and X. Cheng. Flashot: a snapshot of flash loan attack on defi ecosystem. arXiv preprint arXiv:2102.00626, 2021. [8] C. Dannen. Introducing Ethereum and solidity, volume 1. Springer, 2017. [9] DefiLlama. Ethereum transaction volume, 2024. https://defillama.com. [10] S. Eskandari, M. Salehi, W. C. Gu, and J. Clark. Sok: Oracles from the ground truth to market manipulation. In Proceedings of the 3rd ACM Conference on Advances in Financial Technologies, pages 127–141, 2021. [11] ETH. Cancun-deneb (dencun), March 2024. https://ethereum.org/en/ roadmap/dencun/#dencun. [12] T. M. Govind Singh Bisht. Cryptocurrency price prediction using lstm, arima, and linear regression. International Research Journal of Modernization in Engineering Technology and Science, 2023. [13] C. R. Harvey, A. Ramachandran, and J. Santoro. DeFi and the Future of Finance. John Wiley & Sons, 2021. [14] Y. Hirai. Defining the ethereum virtual machine for interactive theorem provers. In Financial Cryptography and Data Security: FC 2017 International Workshops, WAHC, BITCOIN, VOTING, WTSC, and TA, Sliema, Malta, April 7, 2017, Revised Selected Papers 21, pages 520–535. Springer, 2017. [15] P. J. Kaufman. Trading Systems and Methods,+ Website, volume 591. John Wiley & Sons, 2013. [16] T. Mackinga, T. Nadahalli, and R. Wattenhofer. Twap oracle attacks: Easier done than said? In 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC), pages 1–8, 2022. [17] T. Mackinga, T. Nadahalli, and R. Wattenhofer. Twap oracle attacks: Easier done than said?, 2022. https://eprint.iacr.org/2022/445.pdf. [18] S. Malamud and M. Rostek. Decentralized exchange. American Economic Review, 107(11):3320–3362, 2017. [19] C. Nightingale. Woofi exploit \| hack analysis, May 2024. https://www.cyfrin. io/blog/hack-analysis-into-woofi-exploit. [20] A. Park. The conceptual flaws of constant product automated market making. Available at SSRN, 3805750, 2021. [21] PeckShield. Balancer hacks: Root cause and loss analysis, 2020. https://peckshield.medium.com/ balancer-hacks-root-cause-and-loss-analysis-4916f7f0fff5. [22] SharkTeam. Grim finance -flash loan and reentry, March 2022. https:// learnblockchain.cn/article/3628. [23] SharkTeam. Analysis of the mechanism behind the bh flash loan attack, October 2023. https://learnblockchain.cn/article/6735. [24] SharkTeam. Analysis of the mechanism behind the jimbos finance attack incident, May 2023. https://learnblockchain.cn/article/5887. [25] SharkTeam. Analysis of the mechanism behind the platypus finance attack incident, October 2023. https://learnblockchain.cn/article/6741. [26] SharkTeam. Themis protocol price manipulation, June 2023. https:// learnblockchain.cn/article/6078. [27] SlowMist. Analysis of the uwu lend hack, June 2024. https://slowmist.medium. com/analysis-of-the-uwu-lend-hack-9502b2c06dbe. [28] Uniswap. Constant product market maker model, Mar 2018. https://ethresear. ch/t/improving-front-running-resistance-of-x-y-k-market-makers/ 1281. [29] uwulend. Welcome to uwu lend, Sep 2022. https://medium.com/uwu-lend/ welcome-to-uwu-lend-4f54ad5b055f. [30] T.-H. Wang. Improving the resistance of flash loan attack using time-weighted av- erage price model. 2020. [31] S. Werner, D. Perez, L. Gudgeon, A. Klages-Mundt, D. Harz, and W. Knottenbelt. Sok: Decentralized finance (defi). In Proceedings of the 4th ACM Conference on Advances in Financial Technologies, pages 30–46, 2022. [32] wow@aave.com. Aave protocol whitepaper v1. American Economic Review, 2020. [33] S. M. B. Xun Deng, Han Dau. Safeguarding defi smart contracts against oracle deviations. arXiv preprint arXiv:2401.06044, 2024. Accessed: Jan 11, 2024. [34] F. L. Zhiyang Chen, Sidi Mohamed Beillahi. Flashsyn: Flash loan attack synthe- sis via counter example driven approximation (extended version). arXiv preprint arXiv:2206.10708, 2024. Accessed: Jan 12, 2024. [35] G. Zhou and Y. Zhu. An equilibrium model of moving-average predictability and time-series momentum. Unpublished working paper, Washington University in St. Louis, 2013.	-
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/96104	-
dc.description.abstract	自從 Aave 在 2018 年引入閃電貸功能後，盡管提高了 DeFi 上資產的流動性，但也吸引了許多駭客利用此功能進行價格操縱並套利。到了 2024 年，這類攻擊仍屢見不鮮。本文設計了 ATR_AWMA(Average True Range_Adaptive Weighted Moving Average) 演算法，旨在為項目方在報價時提供額外參考和保護。我們對該算法進行了模擬回測，使用了過去（2020 年）的數據，因為當時發生過一起重大的操作價格攻擊，和近期數據，因為近期也同樣發生了重大的操作價格攻擊，並和前人的論文結果做比較，取得了顯著成果。結果表明，ATR_AWMA 能穩定預測趨勢，防止價格被不當操縱。	zh_TW
dc.description.abstract	Since Aave introduced flash loans in 2018, while increasing asset liquidity in DeFi, it has also attracted hackers exploiting this feature for price manipulation and arbitrage. By 2024, such attacks remain prevalent. This paper presents the ATR_AWMA(Average True Range_Adaptive Weighted Moving Average) algorithm, designed to provide additional reference and protection for projects during price quotation. We conducted backtesting using both historical (2020), because a significant price manipulation attack occurred at that time and recent data, because there is also a significant price manipulation attack occurred recently, comparing our results with previous studies. The findings indicate that ATR_AWMA can reliably predict trends and prevent improper price manipulation caomparing to some traditional methods	en
dc.description.provenance	Submitted by admin ntu (admin@lib.ntu.edu.tw) on 2024-10-15T16:05:28Z No. of bitstreams: 0	en
dc.description.provenance	Made available in DSpace on 2024-10-15T16:05:28Z (GMT). No. of bitstreams: 0	en
dc.description.tableofcontents	Acknowledgements i 摘要 i Abstract ii Contents iii List of Figures vi List of Tables vii Chapter 1 Introduction 1 1.1 Research Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.2 Research Contributions . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.3 Research Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Chapter 2 Background 4 2.1 DeFi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.2 Constant Product Market Maker Model . . . . . . . . . . . . . . . . 5 2.3 Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.4 Flash Loan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2.5 Time-Weighted Average Price (TWAP) and Related Models . . . . . 8 2.6 WMA_KAI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 2.7 VWAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 2.8 Comparison of TWAP and VWAP in DeFi Security Research . . . . . 12 Chapter 3 Design and Experiment 15 3.1 Detailed Analysis of the UwU Attack Event . . . . . . . . . . . . . . 15 3.1.1 Attack Steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 3.1.2 Attack Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 3.2 Introduction to ATR_AWMA Algorithm . . . . . . . . . . . . . . . . 17 3.2.1 ATR_AWMA Price Processing Formula Design . . . . . . . . . . . 17 3.2.2 Design Principle . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 3.2.3 Calculation Formula . . . . . . . . . . . . . . . . . . . . . . . . . . 22 3.2.4 Dynamic Weight Adjustment Mechanism . . . . . . . . . . . . . . 23 3.2.5 Advantages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 3.2.6 Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 3.2.7 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 3.3 Introduction to ATR Algorithm . . . . . . . . . . . . . . . . . . . . 25 3.3.1 Design Principle . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 3.3.2 Calculation Formula . . . . . . . . . . . . . . . . . . . . . . . . . . 25 3.3.3 ATR_AWMA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 3.3.4 Advantages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 3.3.5 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 Chapter 4 Evaluation and Discussion 29 4.1 Evaluation of ATR_AWMA Algorithm . . . . . . . . . . . . . . . . 29 4.2 Results Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 4.2.1 Data Comparison . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 4.2.1.1 Using data from 2020/01~2020/04 . . . . . . . . . . . 31 4.2.1.2 Using data from 2024/04 ~2024/06 . . . . . . . . . . . 38 4.3 Resistance to Price Manipulation during Flash Loan Attacks . . . . . 46 Chapter 5 Conclusion and Future Work 48 5.1 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 5.2 Future work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 References 51	-
dc.language.iso	en	-
dc.title	使用時間序列方法提升對預言機操作價格攻擊的抵抗力	zh_TW
dc.title	Enhancing Resistance to Oracle Price Manipulation Attacks Using Time Series Methods	en
dc.type	Thesis	-
dc.date.schoolyear	113-1	-
dc.description.degree	碩士	-
dc.contributor.oralexamcommittee	傅楸善;黃敬群;盧瑞山;李逸元	zh_TW
dc.contributor.oralexamcommittee	Chiou-Shann Fuh;Ching-Chun Huang;Ruei-Shan Lu;Yi-Yuan Lee	en
dc.subject.keyword	閃電貸攻擊,去中心化金融（DeFi）,價格預言機,自動化做市商（AMM）,時間加權平均價格,	zh_TW
dc.subject.keyword	Flash Loan Attack,Decentralized Finance (DeFi),Price Oracle,Automated Market Maker (AMM),Time Weighted Average Price Model(TWMA),	en
dc.relation.page	54	-
dc.identifier.doi	10.6342/NTU202404456	-
dc.rights.note	同意授權(限校園內公開)	-
dc.date.accepted	2024-10-08	-
dc.contributor.author-college	電機資訊學院	-
dc.contributor.author-dept	資訊網路與多媒體研究所	-
dc.date.embargo-lift	2029-10-08	-
顯示於系所單位：	資訊網路與多媒體研究所

文件中的檔案：

檔案	大小	格式
ntu-113-1.pdf 目前未授權公開取用	2.97 MB	Adobe PDF	檢視/開啟

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。