More to Extract: Discovering MEV by Token Contract Analysis

Imagine the blockchain as a giant, public auction house where people trade digital assets (tokens). In this auction, the order in which bids are placed matters immensely. If you can sneak your bid in right before a big purchase, you might buy something cheap and sell it immediately for a profit. This is called MEV (Maximal Extractable Value).

For a long time, researchers and "searchers" (profit-hunting bots) have been looking for these opportunities by watching the auction rules (the exchange contracts) or the traders themselves. They thought, "If I can predict how the price changes when someone swaps tokens, I can make money."

But this paper says: "You're looking at the wrong thing!"

The authors discovered a hidden source of profit that everyone else ignored: the tokens themselves.

The Core Idea: The "Magic Money Printer"

Most tokens are like standard dollars: if you have 100 dollars, you have 100 dollars. If you give 50 to a friend, you have 50 left.

But some tokens are like magic money printers. They have a special function (called a Rebase) that can suddenly change how many tokens everyone holds without anyone actually buying or selling them.

The Magic: If the token supply expands by 10%, everyone's balance suddenly jumps by 10%. If you had 100 tokens, you now have 110. If the pool had 1,000, it now has 1,100.

The New Strategy: The "Price-Insensitive" Trap

The paper introduces a new type of MEV called tMEV (Token-based MEV). Here is the analogy of how it works:

Imagine a Vending Machine (the Exchange) and a Magic Wallet (the Token).

The Setup: You find a vending machine that sells "Magic Tokens" for "Real Cash." Crucially, this machine is dumb. It calculates the price based on a fixed formula, not on how many tokens are currently inside the machine. It doesn't care if the machine suddenly gets 1,000 extra tokens dumped into it; it keeps the price the same.
The Trigger: A "victim" (or a random event) triggers the Magic Wallet to print more tokens for everyone. Suddenly, you and the vending machine both have more tokens.
The Profit: Because the vending machine is "dumb" (price-insensitive), it doesn't realize the supply has changed. It still thinks the price is low.
- You quickly buy more tokens from the machine at the old, low price.
- Because the machine didn't adjust the price, you get more tokens than you should have.
- You then sell those extra tokens back to the machine (or another machine) for a profit.

The Catch: If the vending machine was "smart" (price-sensitive), it would see the extra tokens, realize the supply increased, and raise the price immediately, killing your profit. But because the machine is "dumb," you get free money.

How the Paper Solves the Problem

The authors built a two-part robot system to find these opportunities:

tSCAN (The Detective):
- This tool scans thousands of token contracts like a detective looking for "suspects."
- It ignores the usual suspects (standard transfers) and looks specifically for the Magic Money Printer functions (the non-standard supply controls).
- It asks: "Does this token have a function that changes everyone's balance at once?"
tSEARCH (The Hunter):
- Once the detective finds a "Magic Token," the hunter looks for a "Dumb Vending Machine" (a price-insensitive exchange) that trades with it.
- It watches the live auction house for any transaction that triggers the "Magic Printer."
- The moment it sees the trigger, it calculates the perfect sequence of trades to squeeze out the profit before the market realizes what happened.

Why This Matters

The Blind Spot: Previous tools were like security guards looking only at the traders or the vending machines. They completely missed the fact that the tokens themselves could be rigged.
The Result: The authors tested their system and found that their bot could make 10 times more profit than the bots currently running on the Ethereum network.
The Impact: This reveals a massive, hidden layer of risk in the crypto world. If you are a liquidity provider (someone who puts money into these "dumb" vending machines), you might be losing money to these hidden tricks without even knowing it.

Summary in One Sentence

This paper discovered that some digital tokens can magically change their own supply, and if you trade them on exchanges that don't notice this change, you can print free money—a trick that current security tools are completely blind to.

Here is a detailed technical summary of the paper "More to Extract: Discovering MEV by Token Contract Analysis".

1. Problem Statement

The paper addresses a significant gap in Maximal Extractable Value (MEV) research: the discovery of MEV opportunities arising specifically from Token Smart Contracts, rather than just application-layer contracts (like DEX pools) or attacker contracts.

The Gap: Existing MEV discovery tools (e.g., Nyx, Foray, DeFiTainter) focus on application-layer logic or standard token functions (like transfer). They often fail to detect MEV opportunities generated by non-standard token supply control (TSC) mechanisms (e.g., rebase, mint, burn) when combined with price-insensitive exchanges.
The Core Issue: Many tokens (like AMPL) adjust supply via functions that update balances across all holders simultaneously. When these tokens interact with exchanges where the price is determined by internal reserves rather than current token balances (price-insensitive), a profit opportunity arises that current searchers miss.
Motivating Example: A "Sandwich" attack where a victim triggers a rebase (increasing token supply). If the exchange price is insensitive to the pool's balance change, the attacker can swap tokens before the rebase, benefit from the supply increase, and swap back after the rebase at the same price, netting a profit. Existing tools fail to detect this because the dependency spans across layers (token contract $\to$ pool contract) and manifests only at runtime.

2. Methodology

The authors propose a two-stage pipeline: tSCAN (Static Analysis) and tSEARCH (Dynamic Search).

A. tSCAN: Static Token Contract Analysis

tSCAN is a static analysis tool designed to identify Token Supply Control (TSC) functions within token contracts.

Token Supply Control (TSC) Definition:
- Type-1: Functions that change the total circulating supply (e.g., mint, burn).
- Type-2: Functions that synchronously update balances across multiple accounts using the same formula (e.g., rebase where $Balance_{new} = Balance_{old} \times factor$ ).
Algorithm:
1. tSDG Construction: Builds a Token System Dependency Graph (tSDG) capturing intra-procedural control/data dependencies and inter-procedural data dependencies.
2. Path Discovery: Traces execution paths backward from balanceOf return statements to identify data sources that can trigger multi-account balance updates.
3. Output: Identifies reachable execution paths (tPath) that control token supply, which are then used to generate static constraints.

B. Identifying Price-Insensitive Exchanges (PITEX)

The system identifies exchanges where the spot price does not change when the pool's token balance changes (unless a specific swap function is called).

Examples:
- Lending Protocols (e.g., Aave): Borrowing/repaying at fixed rates.
- Uniswap V3/V4: Spot price is determined by internal reserves updated only via swap calls, not direct transfers. Adding liquidity to inactive ticks also acts as a fixed-price swap.

C. tSEARCH: Constraint-Centric MEV Searcher

tSEARCH is an online searcher that combines static analysis results with real-time blockchain data.

Workflow:
1. Offline Phase: Uses tSCAN to generate static constraints (symbolic) based on TSC functions and PITEX templates.
2. Online Phase: Monitors the mempool for unconfirmed transactions.
3. Constraint Instantiation: When a transaction triggering a TSC function is detected, tSEARCH instantiates the static constraints with runtime values (e.g., current reserves, block state).
4. Solving: Uses the Z3 SMT solver to solve the dynamic constraints and synthesize a profitable transaction sequence (e.g., a sandwich attack: Swap In $\to$ Victim TSC $\to$ Swap Out).

3. Key Contributions

New Problem Definition: Defined TMEV (Token-based MEV), focusing on the composition of non-standard token supply controls and price-insensitive exchanges.
Novel Tooling:
- tSCAN: The first static analysis tool specifically for detecting non-standard TSC functions in token contracts.
- tSEARCH: A searcher capable of tracking multiple victim transactions and solving cross-layer constraints to find TMEV.
Formal Definitions: Formally defined TSC functions (Type-1 and Type-2) and Price-Insensitive Token Exchanges (PITEX), providing a theoretical basis for TMEV.
Template Generation: Developed specific TMEV templates (e.g., D1+: Sandwiching positive TSC with a price-insensitive pool) that capture profitable patterns previously overlooked.

4. Results & Evaluation

The authors evaluated their system on Ethereum Mainnet data:

Profitability: The proposed tSEARCH extracted 10 $\times$ more profit ($2.28 \times 10^6$) than observed MEV activity on the same 7,030 deployed pools.
Discovery: Identified 5,434 TSC tokens out of 22,279 analyzed token contracts, revealing a wide variety of mechanisms (explicit triggers, implicit state changes).
Accuracy:
- False Positive Rate: 1.8% (1/53).
- False Negative Rate: 0.40% (1/247).
Comparison with State-of-the-Art:
- Nyx: Failed to detect the profitable D1+ case (False Negative) because it relies on single-layer static analysis and cannot capture cross-layer runtime dependencies.
- Foray: Failed because it relies on standard token operations and cycle detection, missing non-cyclic TSC patterns.
- SmartCAT: Inapplicable as it only analyzes attacker contracts, whereas TMEV requires interleaving attacker and victim transactions.

5. Significance

Security Implications: The paper reveals that liquidity providers in price-insensitive pools (like Uniswap V3) and lending protocols are exposed to new, structural security risks via TMEV.
Market Efficiency: It highlights that a significant portion of potential MEV on Ethereum remains unextracted due to the lack of tools capable of analyzing token-layer logic.
Future Research: The work shifts the focus of MEV discovery from purely application-layer analysis to a compositional approach that includes token contract semantics.
Ethical Handling: The authors conducted simulations on historical data, did not release exploit code, and responsibly disclosed findings to the Uniswap community to improve protocol safety.

In summary, this paper demonstrates that Token Contracts are a fertile ground for MEV, and by analyzing them statically and combining them with price-insensitive exchange models, searchers can unlock substantial, previously invisible profits.