What Is MEV? Ethereum's Invisible Tax Explained
Alongside scaling and hacks, MEV is arguably the most serious issue Ethereum and similar smart contract blockchains face today.
- MEV stands for "Miner Extractable Value" or "Maximal Extractable Value."
- It refers to the extraction of value from Ethereum users by reordering, inserting, and censoring transactions within blocks.
- MEV is one of Ethereum's biggest issues, with more than $689 million extracted from users of the network year-to-date.
Share this article
By leveraging their discretionary power to sequence transactions within blocks, miners and validators can extract value from decentralized application users on Ethereum, greatly diminishing user experience and threatening the stability of the network.
MEV, the Invisible Tax on Ethereum Users
MEV is an abbreviation of “Miner Extractable Value” or “Maximal Extractable Value.” It refers to profits that can be made by extracting value from Ethereum users by reordering, inserting, or censoring transactions within blocks being produced. It typically affects decentralized finance (DeFi) protocol users interacting with automated market makers and other apps.
Interestingly, the problem of MEV in Ethereum was first identified in 2014—a year before Ethereum launched—by an analyst coder and long-time algorithmic trader operating under the pseudonym Pmcgoohan.
Horrified by what happened in 2008 and the aftermath of the global financial crisis, Pmcgoohan became enamored when he first heard about Ethereum and the idea of a programmable blockchain promising distributed and equitable markets. To use his own words, it “blew his mind.” He was “so excited about it,” but when he looked at Ethereum’s pre-Genesis draft documents, he found a critical flaw. Pcgoohan recognized that miners had total control of the transaction inclusion and ordering process, which meant that they could leverage this power to extract value from unsuspecting users of the protocol when it went live.
Pmcgoohan was, unfortunately, ahead of his time, and his warning fell largely on deaf ears. But in 2019, a group of researchers highlighted the same issue by publishing a paper called Flash Boys 2.0, where the term “MEV” was coined to describe the problem Pmcgoohan had unearthed years earlier.
Subsequently, Georgios Konstantopoulos’ and Dan Robinson’s Ethereum is a Dark Forest, and Samczsun’s Escaping the Dark Forest, published in August and September 2020 respectively, cemented MEV as a fundamental concept in crypto-economics and highlighted its importance as one of the most challenging and pressing issues the Ethereum research community faces today.
These articles revealed that MEV was not merely a theoretical issue, but a real phenomenon already occurring at a significant scale with concerning consequences for Ethereum users.
Why MEV Occurs
Before Ethereum transitioned from Proof-of-Work to Proof-of-Stake (an event now known as the “Merge” in the crypto space), miners were responsible for selecting and aggregating transactions into blocks. Crucially, they had complete autonomy in deciding which transactions from the mempool—an off-chain space where pending transactions await confirmation—they’d include in the blocks they mined.
As miners and sequencers optimized for profit, they used to select and order transactions by the highest gas price or transaction fees. However, the protocol did not require transactions to be ordered according to fees. Miners could leverage their discretionary ability to reorder transactions to extract additional profits from users. This “irregular” stream of revenue is MEV.
Although MEV is most frequently associated with Ethereum miners, it is neither a Proof-of-Work nor an Ethereum-exclusive issue. Moreover, “miner extractable value” is a somewhat misleading term. In reality, most MEV extraction pre-Merge was done by so-called “searchers”—usually arbitrage traders and bot operators—that actively sought and identified MEV opportunities on-chain and captured them in different ways. In contrast, miners only indirectly profited from these traders’ transaction fees. MEV exists on all smart contract-enabled blockchains with a party responsible for transaction ordering.
MEV: How it Worked on Proof-of-Work Ethereum
The best way to understand the MEV game pre-Merge is to look at it through the lens of its key players, including miners, searchers, users, decentralized applications, and protocol developers.
The miners or block producers were responsible for sequencing transactions and deciding which transactions to include in blocks and in what order. Miners could profit from the MEV game in two ways: first, by selling scarce block space to non-miner MEV extractors through so-called Priority Gas Auctions (PGA) in exchange for exorbitant transaction fees; second, by capturing MEV directly through reordering, including, or censoring transactions to profit from on-chain liquidation or arbitrage opportunities for themselves.
MEV also involves end-users, such as people taking out on-chain loans or trading on decentralized exchanges. Under Proof-of-Work, users were the most exploited party in this game as they emitted some amount of value that miners and non-miner MEV extractors could capture without giving anything back.
Decentralized applications and protocol developers play an auxiliary role here. The former create MEV opportunities through their design and the incentives they produce, while the latter establish the game’s base rules, such as giving block producers the power to sequence transactions, making MEV possible.
Finally, central to the MEV game were the searchers or the bot operators who sought to identify MEV opportunities and capture them in different ways. The two primary ways searchers participated in the MEV game were by bidding exorbitant gas prices in on-chain PGAs to have their transactions strategically placed at specific positions within blocks by miners and by expressing transaction ordering preferences to miners off-chain using novel MEV extraction tools like Flashbots.
The Searchers’ Typical MEV Extraction Process
In Proof-of-Work Ethereum, searchers began their MEV journey by monitoring the Ethereum blockchain using bots and automation tools for potential profit extraction opportunities.
After spotting an opportunity, they would analyze the logic behind the trade, conceptualize the attack vector, and create a bundle—one or more transactions grouped and executed in the order they’re provided—designed to materialize their MEV extraction goals when mined. Searchers’ transaction bundles could refer to other users’ pending transactions in the mempool and target specific blocks for inclusion.
Once searchers created a bundle, they would usually send it to a miner using off-chain networks like Flashbots’ MEV-Geth. This allowed them to avoid the public transaction pool and express their transaction ordering preferences fast and risk-free (they save on gas fees when their transactions are rejected) directly to miners.
Because searchers in aggregate would submit a huge amount of bundles and block space is limited, miners auctioned their block space through a Flashbots Auction—an off-chain first-price sealed-bid auction where searchers could privately communicate their bid and granular transaction order preference directly to the miners without paying for failed bids—and only include the most profitable transactions in their block.
When miners included a searcher’s bundle or a transaction in their block, the MEV extraction process was completed. The searcher’s transaction was confirmed on-chain, and if the MEV strategy was well-designed, the searcher would have extracted some value from other traders on Ethereum.
The Most Common Attacks
Front-running involves getting a transaction first in line in the execution queue ahead of a known pending transaction. On Ethereum, searchers run specialized front-running bots that scan the network for large orders on decentralized exchanges and submit competing transactions with higher gas fees to get them mined before the victim’s transaction.
A sandwich attack is a variation of front-running whereby a predatory trader places two transactions, one before and another right after a pending victim transaction. Searchers typically use sandwich attacks to extract MEV from unsuspecting traders on decentralized exchanges by manipulating the price of an asset. For example, a trader can identify a token a victim is about to buy and make a trade to push the price up, then sell the token straight after the victim’s buy order has further increased the price.
Back-running is the practice of getting a transaction ordered second in line or immediately after a known pending target transaction. Searchers typically employ back-running bots to monitor the mempool for new token pair listings or liquidity pools created on decentralized exchanges like Uniswap. When a bot finds a new token pair listing, it can place a transaction order immediately after the initial liquidity and buys as many tokens as possible, leaving only a small amount for other traders to buy later. The bot can then wait for the price to go up after other traders have purchased the tokens and sell at a higher price for a profit.
Liquidators are searchers that specialize in extracting MEV through liquidations of over-collateralized loans on decentralized on-chain protocols like Compound, Maker, Aave, and dYdX. Liquidators run specialized bots to monitor the network for transactions presenting liquidation opportunities and act to either front-run or back-run transactions to be the first to liquidate a loan. Liquidators extract MEV from unsuspecting borrowers by liquidating their loans before they can repay the debt, then profit by selling the borrowers’ collateral.
Time-bandit attacks are a novel type of attack only miners can execute that retroactively reorganize blocks to capture MEV opportunities in previously mined blocks. When MEV is high enough compared to block rewards, it can be rational for miners to destabilize the consensus to capture MEV in older blocks. For example, suppose a miner with significant mining power spots a $20,000 arbitrage opportunity in block 100 that is three blocks deep. Instead of mining the latest block to earn a much smaller block reward, they may decide to re-mine block 100, as well as blocks 101 and 102, to capture the arbitrage opportunity and have a longer chain than the miner who originally mined the block.
MEV on Proof-of-Stake Ethereum: What Has Changed?
The fundamental change brought forth by Ethereum’s transition to Proof-of-Stake is that validators now occupy the role previously held by miners. Instead of miners expanding vast amounts of electricity to sequence and validate transactions and embed blocks to the blockchain, the same task is now done by validators running much lighter hardware and staking ETH in smart contracts.
Because operating validator nodes in post-Merge Ethereum is significantly simpler than running a mining operation on the previous version of the network, there has been a significant influx of new entrants participating in Ethereum’s core protocol operations that lack the skills and resources to build MEV-optimized and profitable blocks the same way that miners could. For this reason, the Merge has created conditions for a new approach to MEV to emerge called Protocol/Builder Separation (PBS).
What is Protocol/Builder Separation?
PBS splits the responsibilities of Proof-of-Stake validators into two roles: block building and block proposing. It is currently implemented by protocols like Flashbots and Manifold and will soon likely be implemented on the core protocol level of Ethereum.
Block builders are specialized entities that accept transactions from users and searchers and compete to build the most profitable blocks possible from those transactions. On the other hand, block proposers are the validators that will simply pick the highest-bid blocks proposed by the block builders and validate them or embed them in the blockchain. Because block proposers can’t directly accept and evaluate the highest-bid blocks from block builders until PBS is implemented directly on Ethereum, they must currently rely on centralized third parties, called “relays,” which are responsible for aggregating blocks from builders, figuring out which are the most profitable, and then relaying them to the validators for signing.
The PBS approach is set to be implemented on Ethereum because MEV extraction has heavily centralizing effects in Proof-of-Stake systems. Namely, dominant validators (those staking the most ETH and running the most validator nodes) are often able to propose the most blocks on the network and therefore extract the most MEV, allowing them to earn more money and then stake more ETH to become even more dominant validators. If left unchecked, this flywheel effect could lead to a couple or, even worse, a single validator capturing almost all MEV opportunities on Ethereum.
To optimize for decentralization, Ethereum plans to separate the role of block building—a competitive game requiring sophisticated hardware, algorithms, and information to win—from simple validating or staking that should ideally be accessible to all network users. By introducing block builders as new entities, Ethereum aims to abstract away the centralizing forces produced by MEV capture to another “sub-protocol” level that won’t damage the network’s decentralization prospects.
How PBS Could Change The MEV Landscape
Introducing block builders as separate block construction entities involves novel forms of game theory, the effects of which remain largely unexplored. For example, the new standard for block building under Proof-of-Stake could introduce new block proposals that entirely exclude malicious types of MEV, like sandwich attacks. These blocks would, by default, be less profitable for block builders and validators from an MEV point of view, potentially leading the latter to censor them or not embed them in the blockchain.
However, once users become aware of this practice, they could begin to question why specific validators are choosing blocks that seek to exploit them over those that actively protect them. As a result, Ethereum users, which in large part could be stakers themselves, could decide to retaliate against these validators through some form of socially organized slashing or by delegating their stakes to benevolent validators, making the latter more dominant.
Block builders could also choose only to build blocks that reward network participants by redistributing the MEV captured from the transactions back to the users. This could lead to users prioritizing validators that only accept blocks from these types of benevolent block builders. However, in Proof-of-Stake systems, there’s typically a significant overlap between normal network users and stakers, which creates a relatively strong dichotomy. Namely, the same person could prefer validators that don’t optimize for MEV capture from a user’s point of view, yet prefer delegating their ETH stakes to validators generating the highest yield precisely through MEV capture from a staker’s point of view.
Another interesting unaccounted externality is that some centralized validator services could decide to censor blocks coming from block builders that include sanctioned or otherwise risky transactions. If that becomes the case, users that strongly favor decentralization could start using specialized RPCs that relay transactions only to block builders that don’t censor transactions based on arbitrary regulatory requirements. This could lead to regulated validators like Coinbase or Kraken becoming even less dominant.
What Does PBS Mean for Post-Merge Ethereum Stakers?
Aside from the heavily reduced electricity consumption and ETH token emissions, another good thing for network users about Ethereum’s transition to Proof-of-Stake is that they can now easily earn validator rewards and capture the profits made by MEV extraction themselves.
While the exact value of MEV captured by validators as opposed to other network participants like block builders, relays, Layer 2 sequencers, applications, and users remains unclear, most subject matter experts believe it will be significant. According to the leading institutional staking service provider Figment, MEV extraction could boost validator rewards by around 50%.
On the other hand, an anonymous Ethereum researcher going under the name pintail has calculated that if the MEV returns remained the same as the last year of the pre-Merge era, the median staking of validator returns would come at around 6.1%. This means that the profits from MEV capture alone could account for around one-fourth of staking returns, considering the current annualized yield for running an Ethereum validator of around 4.64%. However, since MEV extraction is a very competitive game requiring distinct know-how, some validators could employ much more profitable strategies than others and generate yields that are significantly greater than the median for stakers.
Ethereum’s merge to Proof-of-Stake will also eventually give users more control over the processing of their transactions by allowing them to pick their preferred block builders and validators through specialized RPCs based on different criteria. If users end up favoring agents that refuse to censor transactions, this will make Ethereum more robust and resistant to regulatory capture. On the other hand, if they start favoring agents that optimize for higher MEV extraction, it would make the network more exploitative for on-chain traders but also more lucrative for retail stakers.
How Bad Is MEV?
According to Flashbots’ data, which only measures the lower bound of total extracted MEV and tracks only eight DeFi protocols, more than $675 million has been extracted from unsuspecting users of the Ethereum network since Jan. 1, 2020.
In addition to scaling and attacks, MEV was one of the biggest issues on the old Proof-of-Work-based Ethereum. Pmcgoohan argued that MEV auctions would kill the Ethereum network. While Pmcgoohan takes a pessimistic view, the negative implications of MEV extraction are many and varied. The biggest one is that MEV represents an invisible tax that validators, searchers, and block builders collect from users. Every dollar extracted through MEV is a dollar lost for regular users. Some would go as far as to describe it as theft.
While on-chain MEV extraction used to cause network congestion and put upward pressure on gas prices, this has been largely mitigated through MEV services like Flashbots that provide private relays for off-chain transaction bundles and block bidding. MEV also destabilizes Ethereum on a protocol level because it brings transaction finality and immutability into question. If MEV is bigger than the block rewards, validators are incentivized to destabilize consensus. If they can reorder transactions in previous blocks for profit, the entire premise of blockchains as secure, predictable, and permissionless ledgers falls apart.
In light of the recent debate concerning the implications of the U.S. Treasury’s sanctions on the smart contract-based decentralized privacy protocol Tornado Cash on staking service providers, the status of centralized block building, relay, and staking service providers as credibly neutral agents could come under increased scrutiny. This could theoretically lead to undesired enforcement actions over these entities, severely damaging the Ethereum network or pushing it toward even greater decentralization.
Is MEV Inevitable?
Most subject matter experts have concluded that MEV is inevitable. There are two schools of thought when it comes to this topic. The first school maintains that MEV is unavoidable, so the crypto community should try to alleviate the symptoms and subdue the negative externalities. The other school believes that the MEV problem is solvable, and hence the community should focus its efforts on trying to prevent it.
Flashbots, the leading research and development organization in the field, belongs to the first camp. It focuses on building tools such as MEV-Geth and MEV-boost that “democratize access to MEV revenue and bring transparency to MEV.” In that regard, MEV-Geth was effectively a product offering Front-running as a Service (FaaS) to miners and MEV extractors, while MEV-boost does the same for Proof-of-Stake validators.
Proponents of the first school argue that, given the inevitability of MEV, FaaS is net beneficial because it eliminates negative externalities such as high transaction fees and network congestion while making up for the lost revenue from Ethereum’s EIP-1559 fee burning update.
On the other hand, some believe that FaaS is theft. Cornell University researchers have long advocated for an alternative solution, while computer science professor Edward Felten has claimed that MEV auctions increase centralization and exacerbate the problem for Ethereum users. Pmcgoohan also identifies with the second camp, arguing that MEV can be avoided. Critiquing Flashbots’ approach, Pmcgoohan suggests that MEV could be solved if the community builds “a consensus view of the mempool ordering transactions by time where it is discoverable.”
In the second camp, researchers are already gaining ground in minimizing or removing MEV by designing protocols that order transactions fairly. Current application-level solutions include ChainLink’s Fair Sequencing Service, Offchain Labs’ Abritrum, and Automata Network’s Conveyor. Furthermore, the separation of block builders and block proposers reduces some of the negative externalities of MEV extraction, like validator centralization and excessive user exploitation.
While all of these protocols and methods approach the MEV problem in varying ways, they depend on DeFi applications, validators, and block builders implementing them on a case-by-case basis. An ultimate, protocol-level panacea is yet to be implemented.
Disclosure: At the time of writing, the author of this feature held ETH. This feature was updated on September 16, 2022, to reflect changes to the Ethereum ecosystem after its transition to a Proof-of-Stake consensus mechanism.