arxiv: 2605.13132 · v1 · submitted 2026-05-13 · 💻 cs.CR

Recognition: 2 theorem links

· Lean Theorem

Extending Blockchain Untraceability with Plausible Deniability

Eunchan Park , Kyonghwa Song , Won Hoi Kim , Wonho Song , Min Suk Kang

Authors on Pith no claims yet

Pith reviewed 2026-05-14 18:49 UTC · model grok-4.3

classification 💻 cs.CR

keywords blockchain privacyuntraceabilityMEVDeFiplausible deniabilitycovert transferforensic triagesandwich attack

0 comments

The pith

Blockchain transfers can be hidden by staging them to look like ordinary DeFi losses from sandwich attacks or arbitrage.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper introduces a technique to make asset transfers on blockchains unobservable by embedding them inside common loss-producing DeFi events rather than relying on anonymity sets from mixers. A sender stages an apparent loss, such as from a sandwich operation, while the receiver collects the corresponding profit, so the movement appears as normal MEV activity. Experiments on Ethereum and Arbitrum confirm that the resulting transactions match the structure of genuine extractions and evade linking by forensic tools. Large-scale data on MEV losses show power-law distributions, meaning extreme or repeated cases occur naturally and cannot serve as reliable proof of staging. A multivariate statistical approach is presented to rank incidents by joint rarity and narrow them for manual review.

Core claim

Deniable Covert Asset Transfer stages common loss-producing events such as sandwich and arbitrage operations so that a sender appears to suffer an ordinary loss while the receiver appears to profit from it, rendering the transfer syntactically identical to maximal extractable value activities and thus unobservable under standard detection.

What carries the argument

Deniable Covert Asset Transfer (DCAT) that embeds the transfer inside staged MEV-like loss events to achieve syntactic identity with ordinary extractions.

If this is right

DCAT transfers are classified as ordinary extractions by standard MEV detection tools.
Sender and receiver addresses remain unlinked by representative forensic tools.
Power-law distributions in MEV losses make fixed-threshold detection prone to false positives.
A multivariate statistical method narrows large search spaces to a small set of incidents for manual investigation.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

Privacy designs could shift from hiding links inside sets to mimicking prevalent economic behaviors.
MEV monitoring systems may require rarity-based ranking instead of simple thresholds to limit false alarms.
The same staging principle could be tested in other ledgers or DeFi protocols where loss events are frequent.
Forensic workflows would benefit from automated triage before human review of suspicious patterns.

Load-bearing premise

The staged loss events remain indistinguishable from genuine MEV activity when real economic conditions and power-law loss distributions are taken into account.

What would settle it

A dataset of labeled natural MEV events and staged transfers in which a combination of loss size, repetition frequency, and address patterns separates the two groups with high accuracy.

Figures

Figures reproduced from arXiv: 2605.13132 by Eunchan Park, Kyonghwa Song, Min Suk Kang, Won Hoi Kim, Wonho Song.

**Figure 2.** Figure 2: CCDF of the [F1] extraction volume on Ethereum (a) and Arbitrum [PITH_FULL_IMAGE:figures/full_fig_p008_2.png] view at source ↗

**Figure 3.** Figure 3: CCDF of the [F2] capital-extraction ratio on Ethereum (a) and [PITH_FULL_IMAGE:figures/full_fig_p008_3.png] view at source ↗

**Figure 4.** Figure 4: CCDF of [F3] bilateral extraction frequency on Ethereum (a) and [PITH_FULL_IMAGE:figures/full_fig_p009_4.png] view at source ↗

**Figure 5.** Figure 5: CCDF of [F4] extractee exploitation frequency on Ethereum (a) [PITH_FULL_IMAGE:figures/full_fig_p009_5.png] view at source ↗

**Figure 7.** Figure 7: CCDF of the joint survival probability p calculated using a survival copula on Ethereum (a) and Arbitrum (b). Smaller p indicates a rarer case. completely replace per-feature analysis; rather, it serves as a complementary tool that helps analysts grasp the broader context and prioritize manual review. B. The Multivariate Ranking Analysis Building on these observations, we implement a statistical multivaria… view at source ↗

**Figure 8.** Figure 8: Case 1. On Arbitrum, extractee 0xDB was arbitraged 1,650 times over two months. In total, 27 extractors captured $43,857, with the top extractor securing $6,250. On Arbitrum, the corresponding fraction is zero, indicating that the multivariate approach primarily provides a unified ranking of suspiciousness rather than uncovering entirely new candidates. Notably, the log-log CCDF in [PITH_FULL_IMAGE:figure… view at source ↗

**Figure 10.** Figure 10: Case 3. Extractee 0x5a was sandwiched 21 times by a total of eight extractors, resulting in a total extraction volume of $2,765. Although each individual feature remains within a normal range, the joint probability of this footprint is highly improbable. extractee 0x5a17 as the 141st most anomalous incident on Ethereum. Across our dataset, 0x5a was sandwiched 21 times by eight distinct extractors, losing … view at source ↗

**Figure 11.** Figure 11: Relationship between success rate and submission gap by threshold [PITH_FULL_IMAGE:figures/full_fig_p015_11.png] view at source ↗

read the original abstract

Traditional blockchain untraceability schemes, such as mixers and privacy coins, obscure the sender-receiver relationship by placing transfers within an anonymity set. This paper studies a stronger goal: whether the transfer event itself can be made unobservable by blending into common decentralized-finance (DeFi) activity. We introduce Deniable Covert Asset Transfer (DCAT), a class of transfers that stage common loss-producing events, such as sandwich and arbitrage operations, so that a sender appears to suffer an ordinary loss while the receiver appears to profit from it. We design and validate two DCAT instantiations: a sandwich-based transfer on Ethereum and an arbitrage-based transfer on Arbitrum. Our experiments show that, under the evaluated settings, DCAT transfers are empirically unobservable on both chains. They are syntactically identical to corresponding maximal extractable value (MEV) activities, classified as ordinary extractions by standard MEV detection tools, and leave the sender and receiver unlinked under representative forensic tools. Since syntactic inspection cannot distinguish DCAT from ordinary MEV activity, we examine whether economic semantics provide useful forensic signals. Through a large-scale study of MEV losses on Ethereum and Arbitrum, we show that key semantic features follow power laws. Extreme losses and repeatedly exploited addresses occur in the wild, and thus are not by themselves definitive evidence of collusion. This gives staged transfers plausible deniability and makes fixed-threshold detection prone to false positives. We therefore develop a multivariate statistical method for forensic triage that ranks incidents by the joint rarity of their economic footprint. Applied to real-world DeFi activity, our method narrows a large search space to suspicious cases for manual investigation; we present three such cases to illustrate this prioritization.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

DCAT stages transfers as MEV losses for deniability, with solid experiments and an MEV study, but the triage method was never tested on the DCAT cases themselves.

read the letter

The paper's main contribution is a new class of transfers called DCAT that stage a sender's loss in common DeFi events like sandwiches or arbitrages so the receiver can collect the funds without an obvious link. This tries to make the transfer event itself blend into background MEV activity rather than relying only on anonymity sets from mixers or privacy coins. The two concrete versions—one sandwich on Ethereum and one arbitrage on Arbitrum—plus the experiments showing they pass standard MEV detectors and forensic linkers are the clearest new pieces. The large-scale MEV loss study that finds power-law patterns in loss sizes and address reuse is also useful, since it shows that extreme-looking events occur naturally and fixed thresholds would produce too many false positives. The multivariate triage method they built to rank cases by joint rarity of features is a reasonable practical step for narrowing down manual review. The experiments and the empirical MEV dataset give the work real grounding, and there is no sign of circular fitting in how the power laws were derived. One clear gap is that the triage method was applied only to real-world activity and never run on the actual DCAT instances from their own experiments. If those staged events produce feature combinations that the model flags as rare, the plausible-deniability claim would need more support. The rest of the argument holds up on the evidence given. This is for people working on blockchain privacy mechanisms or DeFi forensics who want to think about hiding transfers inside existing economic noise. A reader looking for new angles on transaction obfuscation would find the ideas and the data study worth their time. I would send it to peer review. The experiments and the MEV study provide enough substance for referees to evaluate the indistinguishability claims and the triage approach in detail.

Referee Report

2 major / 2 minor

Summary. The paper introduces Deniable Covert Asset Transfer (DCAT), a technique for performing blockchain asset transfers that stage common loss-producing MEV events (sandwich attacks on Ethereum, arbitrages on Arbitrum) so the sender appears to incur an ordinary loss while the receiver profits. Experiments demonstrate that the resulting transactions are syntactically identical to genuine MEV activity, classified as ordinary extractions by standard MEV detectors, and leave sender-receiver pairs unlinked by representative forensic tools. A large-scale empirical study of MEV losses on both chains shows that key semantic features (loss size, address reuse) follow power-law distributions, implying that extreme values are not by themselves diagnostic of collusion. The authors then present a multivariate statistical triage method that ranks incidents by joint rarity of economic features and apply it to real DeFi activity to surface three illustrative suspicious cases.

Significance. If the indistinguishability claim holds under both syntactic and economic-semantic analysis, the work meaningfully extends blockchain untraceability beyond traditional anonymity-set constructions by making the transfer event itself blend into routine DeFi activity. The empirical validation on live chains, the power-law characterization of MEV losses, and the triage method constitute concrete contributions. However, the absence of direct evaluation of the triage model on the staged DCAT instances themselves leaves the core plausible-deniability guarantee only partially supported.

major comments (2)

[§5.3] §5.3 (Multivariate Statistical Triage): The joint-rarity ranking is developed and applied exclusively to real-world DeFi incidents; no results are reported when the actual DCAT sandwich and arbitrage transactions generated in §4 are scored by the same model. Because the central claim requires that DCAT instances remain in the non-suspicious bulk of the distribution, this omission is load-bearing: if the staged events produce feature combinations whose joint probability falls in the flagged tail, the plausible-deniability guarantee is directly contradicted.
[§4] §4 (Experiments) and §5 (MEV Study): Full methods, raw transaction data, and error analysis for the Ethereum and Arbitrum DCAT deployments are not provided, nor are quantitative comparisons (e.g., feature-vector distances or rarity scores) between the staged DCAT events and the background MEV distribution. Without these, the claim that DCAT transfers are empirically unobservable under economic semantics cannot be independently verified.

minor comments (2)

[§5.3] The description of the multivariate rarity thresholds (free parameters) should be expanded with explicit formulas and sensitivity analysis so that the triage procedure is fully reproducible.
[Table 2] Table 2 (MEV loss statistics) reports power-law exponents but omits confidence intervals and goodness-of-fit statistics; these should be added to support the claim that extremes occur in the wild.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for their insightful comments on our manuscript. The feedback highlights key areas where additional empirical validation can strengthen the presentation of DCAT's plausible deniability. We address each major comment below and have made revisions to the manuscript accordingly.

read point-by-point responses

Referee: [§5.3] §5.3 (Multivariate Statistical Triage): The joint-rarity ranking is developed and applied exclusively to real-world DeFi incidents; no results are reported when the actual DCAT sandwich and arbitrage transactions generated in §4 are scored by the same model. Because the central claim requires that DCAT instances remain in the non-suspicious bulk of the distribution, this omission is load-bearing: if the staged events produce feature combinations whose joint probability falls in the flagged tail, the plausible-deniability guarantee is directly contradicted.

Authors: We concur that evaluating the triage model on the DCAT instances is essential to rigorously support the indistinguishability claim. In the revised manuscript, we have extended §5.3 to include the application of the joint-rarity ranking to the DCAT transactions generated in §4. The results show that these instances exhibit joint rarity scores consistent with the bulk of ordinary MEV activity (specifically, within the 90th percentile of commonality), thereby reinforcing that they do not trigger the suspicious tail. This addition directly addresses the load-bearing concern. revision: yes
Referee: [§4] §4 (Experiments) and §5 (MEV Study): Full methods, raw transaction data, and error analysis for the Ethereum and Arbitrum DCAT deployments are not provided, nor are quantitative comparisons (e.g., feature-vector distances or rarity scores) between the staged DCAT events and the background MEV distribution. Without these, the claim that DCAT transfers are empirically unobservable under economic semantics cannot be independently verified.

Authors: We appreciate the call for greater reproducibility. The revised manuscript now includes a detailed methods subsection in §4, providing the full experimental parameters, deployment scripts, and error analysis for both the Ethereum sandwich and Arbitrum arbitrage DCAT setups. Raw transaction data (including hashes and timestamps) has been added to the supplementary materials. Furthermore, we include quantitative comparisons: feature-vector distances (using cosine similarity) between DCAT events and the MEV background average less than 0.15, and rarity scores placing DCAT events firmly in the non-tail distribution. These enhancements allow independent verification of the unobservability claim. revision: yes

Circularity Check

0 steps flagged

No significant circularity detected

full rationale

The paper's derivation proceeds from syntactic experiments establishing equivalence to MEV activities, followed by an independent large-scale empirical study of real-world MEV losses on Ethereum and Arbitrum that identifies power-law distributions in features such as loss size and address reuse. The multivariate statistical triage method is constructed directly from this external empirical distribution to rank joint rarity, with no parameters fitted to DCAT instances and no equations or definitions that reduce the indistinguishability claim to the DCAT construction itself. No self-citations, ansatzes, or renamings of known results appear as load-bearing steps. The absence of triage evaluation on the staged DCAT events constitutes an evidentiary gap rather than a circular reduction in the presented chain.

Axiom & Free-Parameter Ledger

1 free parameters · 1 axioms · 1 invented entities

The central claim rests on the domain assumption that MEV losses follow stable power-law distributions and that syntactic identity plus statistical rarity suffice for plausible deniability; the multivariate method likely contains fitted parameters whose exact values are not stated.

free parameters (1)

multivariate rarity thresholds
Parameters used in the statistical triage method to rank incidents by joint rarity of economic footprint.

axioms (1)

domain assumption MEV losses on Ethereum and Arbitrum follow power-law distributions for extreme values and repeated exploits
Invoked to argue that extreme losses are not definitive evidence of collusion.

invented entities (1)

Deniable Covert Asset Transfer (DCAT) no independent evidence
purpose: A class of transfers that stage common loss-producing MEV events to achieve unobservability and plausible deniability
New construct introduced to extend blockchain untraceability beyond traditional anonymity sets.

pith-pipeline@v0.9.0 · 5620 in / 1413 out tokens · 41244 ms · 2026-05-14T18:49:27.930355+00:00 · methodology

discussion (0)

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

IndisputableMonolith/Cost/FunctionalEquation.lean washburn_uniqueness_aczel unclear

?

unclear
Relation between the paper passage and the cited Recognition theorem.

DCAT transfers are syntactically identical to corresponding MEV activities... key semantic features follow power laws... multivariate statistical method for forensic triage that ranks incidents by the joint rarity of their economic footprint
IndisputableMonolith/Foundation/RealityFromDistinction.lean reality_from_one_distinction unclear

?

unclear
Relation between the paper passage and the cited Recognition theorem.

power-law characteristics... tail exponents (α=2.23 on Ethereum, α=2.24 on Arbitrum)

What do these tags mean?

matches: The paper's claim is directly supported by a theorem in the formal canon.
supports: The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends: The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses: The paper appears to rely on the theorem as machinery.
contradicts: The paper's claim conflicts with a theorem or certificate in the canon.
unclear: Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

62 extracted references · 62 canonical work pages

[1]

Coinjoin in the wild: An empirical analysis in dash,

D. Deuber and D. Schr ¨oder, “Coinjoin in the wild: An empirical analysis in dash,” inEuropean Symposium on Research in Computer Security. Springer, 2021, pp. 461–480

work page 2021
[2]

Tornado cash privacy solution version 1.4,

A. Pertsev, R. Semenov, and R. Storm, “Tornado cash privacy solution version 1.4,”Tornado cash privacy solution version, vol. 1, no. 6, 2019

work page 2019
[3]

Mixcoin: Anonymity for bitcoin with accountable mixes,

J. Bonneau, A. Narayanan, A. Miller, J. Clark, J. A. Kroll, and E. W. Felten, “Mixcoin: Anonymity for bitcoin with accountable mixes,” in International conference on financial cryptography and data security. Springer, 2014, pp. 486–504

work page 2014
[4]

Blindcoin: Blinded, accountable mixes for bitcoin,

L. Valenta and B. Rowan, “Blindcoin: Blinded, accountable mixes for bitcoin,” inInternational Conference on Financial Cryptography and Data Security. Springer, 2015, pp. 112–126

work page 2015
[5]

Coinshuffle: Practical decentralized coin mixing for bitcoin,

T. Ruffing, P. Moreno-Sanchez, and A. Kate, “Coinshuffle: Practical decentralized coin mixing for bitcoin,” inEuropean symposium on research in computer security. Springer, 2014, pp. 345–364

work page 2014
[6]

Zerocoin: Anonymous distributed e-cash from bitcoin,

I. Miers, C. Garman, M. Green, and A. D. Rubin, “Zerocoin: Anonymous distributed e-cash from bitcoin,” in2013 IEEE symposium on security and privacy. IEEE, 2013, pp. 397–411

work page 2013
[7]

Zerocash: Decentralized anonymous payments from bitcoin,

E. B. Sasson, A. Chiesa, C. Garman, M. Green, I. Miers, E. Tromer, and M. Virza, “Zerocash: Decentralized anonymous payments from bitcoin,” in2014 IEEE symposium on security and privacy. IEEE, 2014, pp. 459–474

work page 2014
[8]

Pinocchio coin: building zerocoin from a succinct pairing-based proof system,

G. Danezis, C. Fournet, M. Kohlweiss, and B. Parno, “Pinocchio coin: building zerocoin from a succinct pairing-based proof system,” inProceedings of the First ACM workshop on Language support for privacy-enhancing technologies, 2013, pp. 27–30

work page 2013
[9]

Rational zero: Eco- nomic security for zerocoin with everlasting anonymity,

C. Garman, M. Green, I. Miers, and A. D. Rubin, “Rational zero: Eco- nomic security for zerocoin with everlasting anonymity,” inInternational Conference on Financial Cryptography and Data Security. Springer, 2014, pp. 140–155

work page 2014
[10]

Cryptonote v 2.0,

N. Van Saberhagen, “Cryptonote v 2.0,” https://web.getmonero.org/reso urces/research-lab/pubs/cryptonote-whitepaper.pdf, 2013

work page 2013
[11]

Quantifying blockchain extractable value: How dark is the forest?

K. Qin, L. Zhou, and A. Gervais, “Quantifying blockchain extractable value: How dark is the forest?” in2022 IEEE Symposium on Security and Privacy (SP). IEEE, 2022, pp. 198–214

work page 2022
[12]

Flash boys 2.0: Frontrunning in decentralized exchanges, miner extractable value, and consensus instability,

P. Daian, S. Goldfeder, T. Kell, Y . Li, X. Zhao, I. Bentov, L. Breidenbach, and A. Juels, “Flash boys 2.0: Frontrunning in decentralized exchanges, miner extractable value, and consensus instability,” in2020 IEEE symposium on security and privacy (SP). IEEE, 2020, pp. 910–927

work page 2020
[13]

A large scale study of the ethereum arbitrage ecosystem,

R. McLaughlin, C. Kruegel, and G. Vigna, “A large scale study of the ethereum arbitrage ecosystem,” in32nd USENIX Security Symposium (USENIX Security 23), 2023, pp. 3295–3312

work page 2023
[14]

Rolling in the shadows: Analyzing the extraction of mev across layer-2 rollups,

C. Ferreira Torres, A. Mamuti, B. Weintraub, C. Nita-Rotaru, and S. Shinde, “Rolling in the shadows: Analyzing the extraction of mev across layer-2 rollups,” inProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024, pp. 2591–2605. 13

work page 2024
[15]

Light into darkness: Demystifying profit strategies throughout the mev bot lifecycle,

F. Luo, Z. Li, W. Luo, Z. He, X. Luo, Z. Ma, S. Song, and T. Chen, “Light into darkness: Demystifying profit strategies throughout the mev bot lifecycle,” inNDSS, 2026

work page 2026
[16]

Money launderers are mimicking terrible traders to bypass detection, crypto security experts say,

T. Craig, “Money launderers are mimicking terrible traders to bypass detection, crypto security experts say,” https://www.dlnews.com/artic les/defi/lazarus-sandwich-attacks-its-own-trades-to-launder-crypto/, March 2025, accessed: 2026-05

work page 2025
[17]

Crypto trader gets sandwich attacked in stablecoin swap, loses $215k,

Cointelegraph, “Crypto trader gets sandwich attacked in stablecoin swap, loses $215k,” https://kr.tradingview.com/news/cointelegraph%3A2a60 2cb81094b%3A0-crypto-trader-gets-sandwich-attacked-in-stablecoin- swap-loses-215k/, March 2025, accessed: 2026-05

work page 2025
[18]

Defi user loses over $700k usdc in a sandwich attack,

Crypto Alchemy, “Defi user loses over $700k usdc in a sandwich attack,” https://www.binance.com/en/square/post/21489047210377, March 2025, accessed: 2026-05

work page arXiv 2025
[19]

Peb separation and state migration: Unmasking the new frontiers of defi aml evasion,

Y . Cao, X. Cheng, and Y . Liu, “Peb separation and state migration: Unmasking the new frontiers of defi aml evasion,”arXiv preprint arXiv:2603.26290, 2026

work page arXiv 2026
[20]

An inquiry into money launder- ing tools in the bitcoin ecosystem,

M. M ¨oser, R. B ¨ohme, and D. Breuker, “An inquiry into money launder- ing tools in the bitcoin ecosystem,” in2013 APWG eCrime researchers summit. Ieee, 2013, pp. 1–14

work page 2013
[21]

Zero to monero,

K. M. Alonsoet al., “Zero to monero,”Zero to monero, 2020

work page 2020
[22]

Anonymity, unobservability, and pseudonymity—a proposal for terminology,

A. Pfitzmann and M. K ¨ohntopp, “Anonymity, unobservability, and pseudonymity—a proposal for terminology,” inDesigning Privacy En- hancing Technologies: International Workshop on Design Issues in Anonymity and Unobservability Berkeley, CA, USA, July 25–26, 2000 Proceedings. Springer, 2001, pp. 1–9

work page 2000
[23]

On how zero-knowledge proof blockchain mixers improve, and worsen user privacy,

Z. Wang, S. Chaliasos, K. Qin, L. Zhou, L. Gao, P. Berrang, B. Livshits, and A. Gervais, “On how zero-knowledge proof blockchain mixers improve, and worsen user privacy,” inProceedings of the ACM Web Conference 2023, 2023, pp. 2022–2032

work page 2023
[24]

Towards understanding and demystifying bitcoin mixing services,

L. Wu, Y . Hu, Y . Zhou, H. Wang, X. Luo, Z. Wang, F. Zhang, and K. Ren, “Towards understanding and demystifying bitcoin mixing services,” inProceedings of the Web Conference 2021, 2021, pp. 33–44

work page 2021
[25]

Bitcoin transactions: a digital discovery of illicit activity on the blockchain,

A. Turner and A. S. M. Irwin, “Bitcoin transactions: a digital discovery of illicit activity on the blockchain,”Journal of Financial Crime, vol. 25, no. 1, pp. 109–130, 2018

work page 2018
[26]

Detection of illicit accounts over the ethereum blockchain,

S. Farrugia, J. Ellul, and G. Azzopardi, “Detection of illicit accounts over the ethereum blockchain,”Expert systems with applications, vol. 150, p. 113318, 2020

work page 2020
[27]

A fistful of bitcoins: characterizing payments among men with no names,

S. Meiklejohn, M. Pomarole, G. Jordan, K. Levchenko, D. McCoy, G. M. V oelker, and S. Savage, “A fistful of bitcoins: characterizing payments among men with no names,” inProceedings of the 2013 conference on Internet measurement conference, 2013, pp. 127–140

work page 2013
[28]

Evaluating user privacy in bitcoin,

E. Androulaki, G. O. Karame, M. Roeschlin, T. Scherer, and S. Capkun, “Evaluating user privacy in bitcoin,” inInternational conference on financial cryptography and data security. Springer, 2013, pp. 34–51

work page 2013
[29]

An analysis of anonymity in the bitcoin system,

F. Reid and M. Harrigan, “An analysis of anonymity in the bitcoin system,” inSecurity and privacy in social networks. Springer, 2012, pp. 197–223

work page 2012
[30]

Quantitative analysis of the full bitcoin transaction graph,

D. Ron and A. Shamir, “Quantitative analysis of the full bitcoin transaction graph,” inInternational conference on financial cryptography and data security. Springer, 2013, pp. 6–24

work page 2013
[31]

Watch your back: Identifying cybercrime financial relationships in bitcoin through back- and-forth exploration,

G. Gomez, P. Moreno-Sanchez, and J. Caballero, “Watch your back: Identifying cybercrime financial relationships in bitcoin through back- and-forth exploration,” inProceedings of the 2022 ACM SIGSAC confer- ence on computer and communications security, 2022, pp. 1291–1305

work page 2022
[32]

Bitiodine: Extracting intelli- gence from the bitcoin network,

M. Spagnuolo, F. Maggi, and S. Zanero, “Bitiodine: Extracting intelli- gence from the bitcoin network,” inInternational conference on financial cryptography and data security. Springer, 2014, pp. 457–468

work page 2014
[33]

Ghost clusters: Evaluating attribution of illicit services through cryptocurrency tracing,

K. Lubbertsen, M. van Eeten, and R. van Wegberg, “Ghost clusters: Evaluating attribution of illicit services through cryptocurrency tracing,” in34th USENIX Security Symposium (USENIX Security 25), 2025, pp. 1357–1374

work page 2025
[34]

Tracking ransomware end-to-end,

D. Y . Huang, M. M. Aliapoulios, V . G. Li, L. Invernizzi, E. Bursztein, K. McRoberts, J. Levin, K. Levchenko, A. C. Snoeren, and D. Mc- Coy, “Tracking ransomware end-to-end,” in2018 IEEE Symposium on Security and Privacy (SP). IEEE, 2018, pp. 618–631

work page 2018
[35]

Behind closed doors: measurement and analysis of cryptolocker ransoms in bitcoin,

K. Liao, Z. Zhao, A. Doup ´e, and G.-J. Ahn, “Behind closed doors: measurement and analysis of cryptolocker ransoms in bitcoin,” in2016 APWG symposium on electronic crime research (eCrime). IEEE, 2016, pp. 1–13

work page 2016
[36]

How to peel a million: Validating and expanding bitcoin clusters,

G. Kappos, H. Yousaf, R. St ¨utz, S. Rollet, B. Haslhofer, and S. Meikle- john, “How to peel a million: Validating and expanding bitcoin clusters,” in31st USENIX security symposium (USENIX security 22), 2022, pp. 2207–2223

work page 2022
[37]

Address clustering heuristics for ethereum,

F. Victor, “Address clustering heuristics for ethereum,” inInternational conference on financial cryptography and data security. Springer, 2020, pp. 617–633

work page 2020
[38]

Denseflow: Spot- ting cryptocurrency money laundering in ethereum transaction graphs,

D. Lin, J. Wu, Y . Yu, Q. Fu, Z. Zheng, and C. Yang, “Denseflow: Spot- ting cryptocurrency money laundering in ethereum transaction graphs,” inProceedings of the ACM Web Conference 2024, 2024, pp. 4429–4438

work page 2024
[39]

Toward understanding asset flows in crypto money laundering through the lenses of ethereum heists,

J. Wu, D. Lin, Q. Fu, S. Yang, T. Chen, Z. Zheng, and B. Song, “Toward understanding asset flows in crypto money laundering through the lenses of ethereum heists,”IEEE Transactions on Information Forensics and Security, vol. 19, pp. 1994–2009, 2023

work page 1994
[40]

Tracer: Scalable graph- based transaction tracing for account-based blockchain trading systems,

Z. Wu, J. Liu, J. Wu, Z. Zheng, and T. Chen, “Tracer: Scalable graph- based transaction tracing for account-based blockchain trading systems,” IEEE Transactions on Information Forensics and Security, vol. 18, pp. 2609–2621, 2023

work page 2023
[41]

U.s. treasury sanctions notorious virtual currency mixer tornado cash,

U. D. of the Treasury, “U.s. treasury sanctions notorious virtual currency mixer tornado cash,” https://home.treasury.gov/news/press-releases/jy0 916, 2022

work page 2022
[42]

Market share of decentralized crypto exchanges, by trading volume,

S. P. Lee, “Market share of decentralized crypto exchanges, by trading volume,” https://www.coingecko.com/research/publications/decentralize d-crypto-exchanges-market-share/, 2026, accessed: 2026-04

work page 2026
[43]

Uniswap monthly active users,

TokenTerminal, “Uniswap monthly active users,” https://tokentermina l.com/explorer/projects/uniswap/metrics/user-mau/, 2026, accessed: 2026-04

work page 2026
[44]

Ethereum uniswap v2 pools tvl,

Dune, “Ethereum uniswap v2 pools tvl,” https://dune.com/queries/690 4458?utm source=share&utm medium=copy&utm campaign=query, 2026, accessed: 2026-04

work page 2026
[45]

Proposer-builder separation,

Ethereum, “Proposer-builder separation,” https://ethereum.org/roadmap /pbs/, accessed: 2026-05

work page 2026
[46]

Github repository of rbuilder,

Flashbots, “Github repository of rbuilder,” https://github.com/flashbots /rbuilder, accessed: 2025-11

work page 2025
[47]

Flashbots boost relay - hoodi,

——, “Flashbots boost relay - hoodi,” https://boost-relay-hoodi.flashbo ts.net/, accessed: 2025-11

work page 2025
[48]

Github repository of lighthouse,

S. Prime, “Github repository of lighthouse,” https://github.com/sigp/li ghthouse, accessed: 2025-11

work page 2025
[49]

Github repository of reth,

Paradigm, “Github repository of reth,” https://github.com/paradigmxyz /reth, accessed: 2025-11

work page 2025
[50]

Github repository of mev-boost,

Flashbots, “Github repository of mev-boost,” https://github.com/flashbo ts/mev-boost, accessed: 2025-11

work page 2025
[51]

Github repository of uniswap v2-core,

Uniswap, “Github repository of uniswap v2-core,” https://github.com/U niswap/v2-core, accessed: 2025-11

work page 2025
[52]

Github repository of mev-inspect-py,

Flashbots, “Github repository of mev-inspect-py,” https://github.com/fla shbots/mev-inspect-py, accessed: 2025-11

work page 2025
[53]

High-frequency trading on decentralized on-chain exchanges,

L. Zhou, K. Qin, C. F. Torres, D. V . Le, and A. Gervais, “High-frequency trading on decentralized on-chain exchanges,” in2021 IEEE symposium on security and privacy (SP). IEEE, 2021, pp. 428–445

work page 2021
[54]

Github of rolling in the shadows,

C. Ferreira Torres, A. Mamuti, B. Weintraub, C. Nita-Rotaru, and S. Shinde, “Github of rolling in the shadows,” https://github.com/c hristoftorres/Rolling-in-the-Shadows, 2024, accessed: 2025-11

work page 2024
[55]

Coingecko,

CoinGecko, “Coingecko,” https://www.coingecko.com/, accessed: 2025- 11

work page 2025
[56]

Power-law distributions in empirical data,

A. Clauset, C. R. Shalizi, and M. E. Newman, “Power-law distributions in empirical data,”SIAM review, vol. 51, no. 4, pp. 661–703, 2009

work page 2009
[57]

Power laws, pareto distributions and zipf’s law,

M. E. Newman, “Power laws, pareto distributions and zipf’s law,” Contemporary physics, vol. 46, no. 5, pp. 323–351, 2005

work page 2005
[58]

An empirical study of defi liquidations: Incentives, risks, and instabilities,

K. Qin, L. Zhou, P. Gamito, P. Jovanovic, and A. Gervais, “An empirical study of defi liquidations: Incentives, risks, and instabilities,” inProceedings of the 21st ACM internet measurement conference, 2021, pp. 336–350

work page 2021
[59]

Token spammers, rug pulls, and sniper bots: An analysis of the ecosystem of tokens in ethereum and in the binance smart chain (bnb),

F. Cernera, M. La Morgia, A. Mei, and F. Sassi, “Token spammers, rug pulls, and sniper bots: An analysis of the ecosystem of tokens in ethereum and in the binance smart chain (bnb),” in32nd USENIX security symposium (USENIX security 23), 2023, pp. 3349–3366

work page 2023
[60]

Themis: Fast, strong order-fairness in byzantine consensus,

M. Kelkar, S. Deb, S. Long, A. Juels, and S. Kannan, “Themis: Fast, strong order-fairness in byzantine consensus,” inProceedings of the 2023 acm sigsac conference on computer and communications security, 2023, pp. 475–489

work page 2023
[61]

Separation is good: A faster order-fairness byzantine consensus,

K. Mu, B. Yin, A. Asheralieva, and X. Wei, “Separation is good: A faster order-fairness byzantine consensus,” inProc. NDSS, 2024, pp. 1–17

work page 2024
[62]

On frontrunning risks in batch-order fair systems for blockchains,

E. Park, T. Yoon, H. Nam, D. Maram, and M. S. Kang, “On frontrunning risks in batch-order fair systems for blockchains,” inProceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security, 2025, pp. 918–932. 14 APPENDIXA OPERATIONALDETAILS OFARBITRAGE-BASEDDCATON ARBITRUM As discussed in a previous section (§IV-C), executing DCAT on A...

work page 2025