$25 million Ethereum MEV exploit puts ‘Code Is Law’ on trial

The trial of two brothers, Anton and James Peraire-Bueno, began yesterday at New York’s SDNY courthouse. The brothers, both in their twenties, were charged in May last year with “conspiracy to commit wire fraud, wire fraud, and conspiracy to commit money laundering.”

The charges relate to a $25 million exploit of maximal extractable value (MEV) bots on Ethereum which took place in April 2023.

The brothers are expected to argue that their actions were in line with the Ethereum’s “economic incentives” and all they did was “outsmart some ‘predatory’ automated trading bots,” Business Insider reports.

Yesterday’s jury selection was covered by Inner City Press’ Matthew Russell Lee who will continue to live-tweet the trial.

Read more: US indicts Ethereum validators for exploiting MEV trader

The charges

The complaint says the Peraire-Bueno brothers “fraudulently gained access to pending private transactions and used that access to alter certain transactions and obtain their victims’ cryptocurrency.

It adds that they “rejected requests to return the stolen cryptocurrency and took numerous steps to hide their ill-gotten gains.”

The document also points to the brothers’ educational background of “mathematics and computer science at one of the most prestigious universities in the country.”

Former Deputy Attorney General Lisa Monaco called their actions a “first-of-its kind wire fraud and money laundering scheme” at the time.

The exploit

The brothers’ actions targeted MEV bots on the Ethereum network. MEV bots analyze pending transactions looking for opportunities to profit, often at the expense of other users.

One classic example is of “sandwiching” other users’ transactions. MEV bots can insert their own transactions before and after a token swap to manipulate prices and make a profit where the initial user takes a loss.

A rogue validator on Flashbot seems to be exploiting MEV bots. Over 25m USD already stolen.

The validator takes a sandwich bundle from the MEV bot and replaces the victim transaction with it's own that exploits the MEV bot instead.

Here's how it works – pic.twitter.com/il3o9r41J1

— Mudit Gupta (@Mudit__Gupta) April 3, 2023

Read more: ‘Cryptographic performance art’ drains contract one block after launch

The highly technical April 2023 exploit took advantage of the first stage of such a “sandwich,” which is loss-making. It replaced the remainder of the MEV bots’ transaction bundle to capture the profit instead.

In exploiting Flashbots’ MEV-boost relay, the brothers’ validator sent a false signature, allowing a sneak peek at a block’s transactions.

This action incurred a slashing penalty of 1 ETH ($1,800 at the time), but led to $25 million of profit.

The argument

The “code is law” argument boils down to the idea that, if an autonomously executing, decentralized system allows a transaction to succeed, then that action should be deemed as falling within the rules of the system.

Business Insider, citing court documents, reports that the defence claims Ethereum has “no central authority” and that “economic incentives guide parties’ behavior.”

If those incentives are unable to prevent events like that of April 2023, it’s a systemic problem, not fraud. It also underlines the lack of a “promise to the victim” to class as fraud.

The brothers’ counsel appears keen to separate technical details from discussion of what should or shouldn’t be allowed on Ethereum.

In a letter submitted yesterday, they urge Judge Clarke to restrict Flashbots’ Bert Miller to his technical expertise only. They anticipate objecting to any mention of wider Ethereum “rules” or expectations for “‘honest’ validators.”

The problem

However, the complaint suggests that the brothers were well aware their plan would land them in trouble.

In spinning up the Ethereum validators necessary to conduct the exploit, they set up two companies in advance, and allegedly attempted to hide the profits after the fact.

Funds weren’t sent directly to the company exchange accounts, but first transferred across multiple wallets. During this process, $3 million was ordered frozen by foreign law enforcement.

The indictment also describes online searches for “how to wash crypto,” “cefi exchanges with no kyc,” “wire fraud statue [sic] of limitations,” and questions about extradition agreements.

The implication

The “code is law” theory has been brought up many times in the past. The hacker who stole $16 million from Indexed Finance in 2021 claimed to have simply outsmarted the protocol.

He later went on the run from Canadian law enforcement.

The following year, Avraham Eisenberg claimed to have executed a “highly profitable trading strategy” in draining lending platform Mango Markets of over $100 million.

Statement on recent events:

I was involved with a team that operated a highly profitable trading strategy last week.

— Avraham Eisenberg (@avi_eisen) October 15, 2022

Read more: What does Avraham Eisenberg’s ‘code is law’ defense mean for DeFi?

After asking “what are you gonna do, arrest me?” Eisenberg was arrested in Puerto Rico and found guilty last year. At trial, however, his defence opted to focus on a lack of evidence presented by prosecutors.

Although the decision was eventually overturned in May, Eisenberg remains in prison on separate charges. Child sexual abuse material was discovered during investigation of his devices in the Mango Markets case.

The Peraire-Bueno trial may prove the first major test of the “code is law” philosophy against the existing legal system.

Got a tip? Send us an email securely via Protos Leaks. For more informed news, follow us on X, Bluesky, and Google News, or subscribe to our YouTube channel.