Hi, I recently asked about encoding the data I am sending to my own intermediate contract, but the question was incorrect.
Now I want to rephrase that. I am creating an arbitration bot that works with PancakeSwap. Since there are many sandwich bots on the network, many of my transactions will be attacked, and I want to secure them. The first thing I do is I create an intermediate contract that will redirect the data to PacnakeSwap. When I send a transaction to PancakeSwap , in mempool all the sandwich bots view my transaction and can attack it, but if I send my transaction first to my contract and only then to PancakeSwap, not all the sandwich bots will view it, because they don't look at my intermediate contract. After that, they still have the option to find my contract address to view it and attack, they can analysis internal state of PacnakeSwap contract and find all call operation and find my intermediate contract. Imagine that one of the attackers finds my intermediate contract and tries to add my contract to his software for analysis. With bscscan, he will see all my transactions. Right now I am sending the transaction as follows: I create data for pancakeSwap using pancakeSwap abi(swapExactTokenForTokens(uint256 Amount, uint256 amountOutMin, address[] path, uint256 deadline, address to) ) and send them to the intermediate contract, and then my intermediate contract sends them to PacnakeSwap. And the data that is sent to the intermediate contract will look like this:
0x38ed17390000000000000000000000000000000000000000000000003f8f6dbbef4a00000000000000000000000000000000000000000000000000018db72e106705577800000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000f9ad75b5446d2ce9b4236a66cc0b06b3d277e4580000000000000000000000000000000000000000000000000000000064cb5ea70000000000000000000000000000000000000000000000000000000000000002000000000000000000000000ec1f55b5be7ee8c24ee26b6cc931ce4d7fd5955c00000000000000000000000055d398326f99059ff775485246999027b3197955
The above data is simple data for "swapExactTokenForTokens". An attacker can decrypt this data and easily add my contract to his software for analysis. In this case, I see only one solution - to encode the data that I am sending to the intermediate contract and decode it in the contract and call the "swapExactTokenForTokens" method of the PancakeSwap contract. Now I use "XOR" encoding for this, but this operation cost ~26000 gas. Is there a way to encode them correctly and cheaply?
Aug 3, 2023, 8:50 AM
all blockchain data is always public
they will be able to scan your "intermediate" contract, they will still be able to see that your contract has earnings
Aug 3, 2023, 9:51 AM
Yes, I know, but I want to make it difficult to scan
Aug 3, 2023, 9:52 AM
but its just matter of time until they will sandwich you
the call from your intermediate contract to PCS is totally transparent, they will see what coins you trade for how much, and how much profit you make
that the only thing they need
what you do before, and calling your intermediate contract is totally irrelevant for them anyway
Aug 3, 2023, 9:53 AM
Many of them, in view of the complexity, will miss my contract, so at least fewer sandwich bots will analyze me
Aug 3, 2023, 9:54 AM
You can encode it offchain to save gas...
Aug 3, 2023, 11:02 AM
I encode it off chain and decode in smart contract but XOR-decode cost a lot
Aug 3, 2023, 11:26 AM
Trying to prevent frontrunning bots from understanding your transaction is futile as long as you are sending the data via the mempool
Aug 15, 2023, 1:13 PM
Btw xor operation is not encoding, it's just a binary operation
Aug 15, 2023, 1:37 PM