Written by: Lao Bai, ABCDE Investment Research Partner, Research Consultant at Amber Group

This article will introduce trends in MEV and privacy.

MEV is a technical topic that has become increasingly complex, especially after Ethereum's transition to POS. There are non-user roles involved in MEV such as Searcher, Builder, relayer, Validator, and Proposer, which can be overwhelming for those not familiar with the technology. There are various lengthy articles online explaining the principles of MEV, so I won't reiterate those here; instead, I will simply discuss the current state and technological trends.

Current State of MEV

MEV sandwich bots (also known as malicious MEV) often earn more than reasonable MEV (arbitrage and liquidation) and are a major source of income for many MEV participants. However, a recent incident involving a malicious Validator exploiting a relay vulnerability to replace sandwich bot transactions, resulting in a loss of $25 million for the bots, has caused quite a stir in the community and has led many bots to become more cautious.

In summary, most of the profits from MEV have gone to Searchers and Builders, while those developing MEV protocols or technologies have struggled to make money. Flashbots reportedly has not turned a profit with MEV-Boost (though Flashbots is a non-profit organization). Over the past few months, I have looked at at least 4 or 5 companies specializing in MEV, each with different technical approaches, but we haven't invested in any of them because, to be honest, I don't believe they can achieve stable profits (like the early Eden).

Current Technological Trends in MEV

1. Smart Slippage Management: This primarily targets cross-chain MEV, with projects working on it to save users from manually setting slippage and preventing sandwich attacks.

2. Threshold Encryption: This is something the Cosmos ecosystem excels at. Currently, Penumbra and Osmosis are likely working on it, where transactions entering the mempool are encrypted, effectively rendering MEV nearly useless.

3. Delayed Encryption: This uses a multi-signature style for threshold encryption, where 2/3 of validators decrypt the information. If deemed still insecure (due to the security assumptions of the validator committee), delayed encryption can be used to set encrypted information to automatically decrypt after a certain time. This mainly applies VDF technology, which is still in its early stages and reportedly has poor performance.

4. SGX Encryption: Similar to the previous two, but utilizes trusted hardware, primarily being developed by Flashbots' SUAVE.

5. Fair Sequencing Service (FSS): Outsourcing the sequencing task to a trusted entity to prevent MEV, currently being developed by Chainlink.

6. MEV Auction: A method proposed by people from OP, which Vitalik Buterin reportedly likes. It may be used in the future as a solution for Optimism's decentralized sequencer.

7. MEV-Share: Sharing MEV profits with users, a recent initiative by Flashbots. If it had been implemented earlier, the sandwich bot that lost $25 million could have potentially recovered about $18 million…

8. Mev-Blocker: Developed by Cowswap, it allows Searchers to bid to backrun your transactions (ultimately sharing 90% of the profits with you). Backrunning (primarily arbitrage and liquidation) is relatively mild within MEV, allowing users to avoid the more harmful FrontRunning and Sandwich Attacks.

9. PBS at the Ethereum Protocol Level: Separation of proposers and builders at the Ethereum protocol level, which, according to the Ethereum Foundation's usual style, is likely to happen after 2025…

Privacy has always been a sector I personally view with skepticism from an investment perspective, from the early Zcash to the later Tornado Cash and now Aleo and Iron Fish. The reason is simple: while it may be politically correct, it is not a necessity for 99% of users. Who cares about a transaction on Uniswap for a meme coin, borrowing on AAVE, or staking on Lido, except for hackers and a few institutions and whales?

Even if privacy is genuinely needed, it should be in the form of plugins like Aztec's Aztec-connect, serving mainstream DeFi protocols rather than building a "privacy public chain" from scratch. With the shutdown of Aztec Connect (possibly due to fears of SEC scrutiny or simply because it wasn't profitable), my bearish sentiment towards the privacy sector has intensified.

Currently, I have seen the following two new privacy designs in the primary market

The first type is based on Tornado Cash. Tornado's frontend has been banned, and its design has sparked controversy for helping hackers launder money while maintaining "political correctness." However, 80% of the funds in Tornado Cash are clean, with only about 10-20% being from hacker laundering, as there are indeed whales and institutions that need similar services to ensure privacy. Vitalik himself has used it.

Thus, I have seen multiple projects attempting to combine Tornado Cash with KYC. If there are concerns about hackers laundering money, wouldn't it be okay to ensure that incoming funds are clean through KYC and whitelisting?

However, this effectively shifts the regulatory risk to KYC providers, and KYC can theoretically be easily forged or purchased. If hackers use this "KYC-enabled Tornado Cash," once they pass KYC, it may actually facilitate illegal activities even more.

The second type is a design similar to Namada in Cosmos, called Multi-Asset Shielded Pool (MASP), where multiple privacy-protected assets share an anonymous set. Coupled with IBC's powerful interoperability, it can theoretically provide shielding protection for all mainstream assets on the Cosmos chain. For example, if you want to privately swap Osmo and Atom, it can be implemented in a manner similar to the diagram below.

I have also seen attempts to use homomorphic encryption for privacy, but homomorphic encryption is still too early in its development, with performance and operability not reaching a "truly usable" stage. It feels somewhat like ZK around 2017, and it will likely take another 5-10 years to develop to a usable state.

That's all for today. In the next issue, I will discuss new trends in the three major components of DeFi: Dex, lending, and stablecoins.