Tackling Malicious Validators and Democratizing MEV on Solana

Context

Maximal Extractable Value (MEV) represents the value that can be extracted from transaction sequencing, a fundamental aspect of blockchain systems. MEV is both a challenge and an opportunity. On the one hand, it can optimize liquidity, improve price discovery, and reward validators, thereby enhancing network efficiency. On the other hand, unchecked MEV can result in negative user experiences, such as front-running, sandwich attacks, and centralized control, which undermines decentralization.

In the Solana ecosystem, the challenges around MEV have been amplified by the rise of private mempools controlled by a few entities. This development came after Jito Labs suspended their public mempool earlier this year to mitigate MEV’s harmful effects. However, this action inadvertently shifted the problem, concentrating MEV deal flow into centralized, opaque systems.

Marinade Labs believes in a balanced approach to MEV:

1. Mitigation and Reduction: Employ strategies at the protocol and application layers to reduce harmful MEV, improving user experience and network fairness.
2. Redistribution and Democratization: Acknowledge that some level of MEV is inevitable and focus on redistributing it as fairly as possible via open, permissionless markets.

This philosophy underpins Marinade’s stake auction marketplace, which enables validators to compete openly for delegation. While this system aligns with our principles, it also permits potentially malicious validators to participate. Addressing this and other MEV-related challenges requires collective action.

Proposals for Mitigating Malicious Validators and Democratizing MEV

1. Establish a Public Committee for Delegation Oversight

• Form a committee of trusted community members and experts to review the current validator set.
• Identify and blacklist malicious validators whose harmful actions are substantiated with clear evidence.
• Slash the PSR bond of these validators to recover the costs of redelegating their stake to more reliable validators.
• This one-time action would set a precedent for discouraging future malicious activity while upholding the integrity of the network.

2. Reopen the Public Mempool

• Advocate for reopening public mempool to democratize MEV access and prevent the centralization of deal flow in private mempools.
• Public mempool access enables a more equitable distribution of MEV opportunities, reducing power imbalances across the network.

3. Fund Solana MEV Research for Transparency and Data

• Allocate MNDE DAO treasury funds to a dedicated research initiative focused on understanding and addressing MEV on Solana.
• Objectives:
  • Analyze MEV trends, risks, and opportunities.
  • Explore strategies for mitigating harmful MEV at the protocol and application levels.
  • Develop tools to make MEV activity more transparent and inclusive.
• Utilize research findings to inform future governance decisions and ecosystem improvements.

The Marinade Labs Stance on MEV

At Marinade Labs, we recognize that while MEV cannot be eliminated, its impact can be managed, and its value can be distributed fairly. Our approach is built on two core pillars:

1. Mitigation and UX Improvement: By implementing MEV-reducing mechanisms at the protocol and application levels, we aim to improve the user experience and reduce negative externalities.
2. Open Market for MEV Redistribution: The remaining MEV should flow through a transparent and open market accessible to all participants, fostering fairness and decentralization.

These principles guide our commitment to tackling MEV’s negative effects while leveraging its potential to benefit the broader community.

Call to Action

The Marinade DAO has always stood for decentralization, transparency, and innovation. Addressing the challenges posed by malicious validators and MEV is crucial for the health and sustainability of the Solana ecosystem.

We invite all DAO members and community stakeholders to join this discussion, refine these proposals, and help chart a path forward. Together, we can uphold the values of fairness, openness, and resilience in the Solana ecosystem.

Next Steps:

1. Open forum discussions for community feedback.
2. Vote on implementing these measures.
3. Execute approved actions with input from all stakeholders.

Let us work together to ensure Solana remains a beacon of decentralization and innovation!

Your feedback matters—join the discussion below.

The best strategy Marinade had, which was aimed at supporting the network rather than maximizing profit (you understand the difference, right?), was before the idea of bonds for acquiring stake.

It’s 100% clear that, under current market conditions, to recover the costs of acquiring stake, some external income from that stake is required. And where could it come from other than the gray area of MEV activity?

In my opinion, Marinade needs to address the problem at its root rather than creating conditions for the problem and then attempting to find solutions.

A delegation program should be created that simply isn’t profitable for gray MEV activity. A race purely for APR and profits is meaningless.

We are just over complicating things. The problem arises because there is no equivalent of transaction signature for bundles. When someone submits a bundle there is no proof that he has authority to include those transactions in his bundle. If we solve that we have solved sandwiching.

The solution is dead simple. When creating a bundle we are able to generate the bundle id. Now we simply need to sign bundle id with private key used in each transaction. This list of signatures is submitted to jito in their send bundle API and they verify these signatures and reject invalid bundles. No changes required in network or validator, only jito needs to change its block engine API

If signing in realtime is a problem we can easily have something like a delegation. Basically a struct with a unix timestamp and a duration. Just sign this with your private key. This signature needs to be submitted with the bundle and serves as a proof that transaction signer has given authority to bundle submitter to include transaction in his bundle. This signature is shared with jito block engine so has very low risk of leaking and even if leaked worst someone could do is sandwich that users transactions , which is happening anyways.

this delegates some authority to a specific entity, it is being endorsed to include the transaction in the chain. it seems like there would be regulatory implications

I doubt there would be any regulatory concern, this is no different from signing a transaction. Even if there is regulatory concern, this interchange is between transaction owner and bundle submitter. It no way involves Jito, they only have to verify if valid signature was submitted. But doesn’t it solves sandwich attacks and front running completely? Only case remains is where leader node reorders transactions which is far smaller problem and is far easy to identify.