Ethereum was founded on the principles of decentralization, transparency, and creating a level playing field. However, beneath its admirable ideals, a hidden issue has emerged—malicious Maximal Extractable Value (MEV). This is not a flaw found in some obscure part of the system; rather, it is a consequence of how transaction data is currently exposed.
Over $1.38 billion has already been extracted from users through front-running and sandwich attacks on Ethereum alone. These losses are not just theoretical; they represent real value taken from actual users, often without their awareness. As MEV strategies become more automated and sophisticated, this "hidden tax" continues to increase with every block produced.
This isn't just a problem for average users. Even high-profile figures with deep technical experience aren't immune. Recently, Changpeng Zhao (CZ)—the founder of Binance—was publicly sandwich-attacked when he attempted a simple token swap on a decentralized exchange. Despite his resources, reputation, and experience, CZ's transaction was exploited the same way any unsuspecting user might be: bots saw his pending trade in the public mempool and executed transactions before and after it to extract value. The attack was visible on-chain. The system worked exactly as designed—and that was the problem.
In July 2023, a significant failure occurred during the Curve Finance stablecoin pool exploit. As attackers began draining funds from vulnerable contracts, several white-hat rescuers tried to front-run the exploit and recover funds for users. However, they found themselves competing not only with malicious actors but also with MEV bots. These bots monitored the rescue attempts in the public mempool and inserted their own transactions to siphon off the remaining funds. In some instances, the bots even outbid the white-hat efforts, profiting from the chaos and resulting in the largest MEV block rewards in Ethereum's history. The outcome was millions of dollars lost—not solely due to a smart contract bug, but because the transaction supply chain enabled opportunistic extraction in real-time.
These cases highlight a harsh reality: if someone can see your transaction before it is finalized, they can either take action on it or block it.
Many proposed solutions aim to reduce this risk, such as private relays, filtered RPCs, and hardware level solutions. However, these solutions rely on a precarious assumption: that trusted parties will consistently act against their financial interests. This includes the belief that relay operators will safeguard your order flow, that sequencers won’t misuse their power, and that centralized infrastructure won’t falter when the potential rewards become significant enough.
But what happens when a transaction offers $100 million in extractable value?
The answer is simple: if something is visible, it will be taken.
All the most popular MEV mitigation tools used today do not resolve the issue; they merely shift it elsewhere, hoping the new visibility custodians will act more responsibly than the previous ones.
This should be an alarming realization for those reading this.
And this issue is why Shutter exists - to address the core cause of this problem, once and for all.
It offers a different approach. By encrypting transactions until they are irreversibly committed to a block, Shutter eliminates visibility, which also removes the possibility of exploitation. There is no need to trust a relay, sequencer, or mempool operator, as they cannot see any information in the first place.
In a system designed to remove trust, this is the only kind of protection that remains effective.
The Real Issue: Visibility and Power in the Transaction Supply Chain
Every Ethereum transaction follows a specific path: it is created by a user, passes through an RPC, lands in the mempool, and is eventually included in a block by a sequencer or validator.
This process is intentionally designed to be highly transparent, but this visibility comes with certain drawbacks. When all pending transactions are visible to everyone, it allows for potential exploitation. For instance, bots can place trades before yours (front-running), after yours (back-running), or even both (sandwiching). Additionally, sequencers have the ability to reorder or censor transactions. Infrastructure operators might selectively leak information or prioritize private order flows, further complicating the landscape.
At every step of the chain, visibility equals power.
And that power is only kept in check by soft promises: "We won't front-run," "We follow fair ordering," and "We don't leak your data."
But what happens when those promises are put to the test?
When the Pot Becomes Large Enough, Trust is Broken.
The uncomfortable truth about trust-based MEV protections is that they are effective—until they fail.
When the value at stake is low, individuals may act honestly. However, in systems where transparency creates an imbalance, opportunities may arise that are too significant to overlook.
Imagine an infrastructure operator—such as an RPC provider, a mempool relay, or a builder—who comes across a transaction that can be exploited for $100 million. They recognize that acting on this opportunity could severely damage their public credibility. However, for some, the immediate financial gain outweighs the potential harm to their reputation, especially considering that many teams and individuals in the space remain (pseudo)anonymous.
The transparency of transaction data can be exploited, revealing a critical weakness in any system that lacks encryption. In such systems, someone always has access to the data. When that access exists, the temptation to misuse the information becomes too strong to resist.
That is not just a hypothetical situation; it is a systemic failure mode. This risk increases as more value flows through Ethereum and other blockchains.
How Others Attempt to Provide Protection—and Where They Often Fall Short
Over the years, various MEV mitigation strategies have been developed to reduce the risk of malicious MEV. However, each one ultimately depends on whom you are willing to trust—and how much.
Centralized Infrastructure: The Same Risk in a Different Wrapper
Many popular MEV protection tools—such as Flashbots Protect, MEV-Boost, and RPC-based services like Eden Network or Blocknative—claim to protect your transactions from front running by routing them through private, trusted channels. These systems promise to handle your transaction data responsibly, ensuring that it will not be leaked or exploited.
Here's the catch: you have to trust what they say.
These relays and private RPCs operate as closed systems, meaning users cannot see what happens within them. If a multi-million-dollar MEV opportunity arises, there’s no guarantee that the operator won’t take advantage of it—and there is no way to prove whether they did. Essentially, you are still placing your trust in a centralized party that has privileged access to sensitive information. While the branding may have changed, the underlying trust model remains the same.
Sequencers: A Single Gatekeeper with Too Much Power
On Layer 2 solutions and rollups such as Optimism, Arbitrum, and Base, sequencers have the crucial role of determining the order in which transactions are included in blocks. While some rollups apply fair ordering rules, it’s important to note that sequencers typically have advance visibility of all transactions and can choose how to arrange them.
One actor—who may not be decentralized or transparent—can potentially reorder, delay, or censor transactions for financial gain. Additionally, there is no real-time audit trail for users. The higher the MEV potential, the more powerful and risky this centralized role becomes.
Hardware-Based Solutions: Trusting the Black Box
Some MEV mitigation strategies involve the use of specialized hardware, such as Trusted Execution Environments (TEEs), which are most commonly associated with Intel SGX. These secure enclaves are designed to process data privately, even on compromised machines. The concept behind this approach is straightforward: you send your transaction to a TEE, it gets processed securely, and no one—including the operator—can view or manipulate the transaction.
But this, too, relies on a fragile trust model:
- You're trusting the hardware vendor—not the protocol—to act honestly and resist tampering.
- TEEs have been compromised in the past, and when they fail, they fail silently. Users have no way to know what happened inside the enclave.
- It's intentionally designed as a "black box"—opaque, centralized, and unverifiable.
Time-lock encryption is a related approach that utilizes tools such as Verifiable Delay Encryption (VDE) or Verifiable Delay Functions (VDFs) to conceal transaction contents until a specific amount of time has elapsed. While these methods are clever, they still depend on certain hardware assumptions and pose risks of early decryption if attackers possess specialized hardware.
In all these cases—whether it's a relay, a sequencer, or a hardware enclave—the pattern remains consistent: someone has early access to your transaction data, and you are trusting them not to misuse it.
Shutter: Remove the Temptation Entirely
Shutter employs a fundamentally different approach: an encrypted mempool. Instead of relying on trust in any single actor or system, it eliminates the incentive for malicious behavior by restricting access to the information entirely.
Here's how it works:
- Transactions are encrypted immediately upon creation and remain encrypted until they are included in a block.
- No validator, sequencer, RPC, or external observer can view the contents of transactions in advance.
- A distributed network of nodes known as Keypers collaboratively manages the decryption process through threshold encryption, ensuring that no single party possesses the key.
- Decryption occurs only after block commitment, ensuring transaction data is revealed only when it's too late to exploit.
In other words, there is nothing to see and, therefore, nothing to extract.
This model is not just theoretical; it is already operational on Gnosis Chain, has been piloted on OP Stack, and is being proposed for integration into Ethereum and Binance Smart Chain. It aligns directly with Ethereum's long-term objectives by supporting enshrined Proposer-Builder Separation (ePBS), Fork-Choice enforced Inclusion Lists (FOCIL), and promoting a future of credible neutrality.
While other systems depend on ethical behavior in high-pressure situations, Shutter eliminates the possibility of stealing from the users entirely.
Trust Is Not Necessary When You Use Encryption
Every MEV protection model presents a tradeoff. Most attempt to address the issue by restricting access to transaction data, but that access remains available somewhere for someone. Consequently, the system is reliant on trust.
However, trust, when subjected to billion-dollar incentives, often fails. Shutter provides an alternative: a route to encrypted and decentralized transaction flows where even the most powerful actors cannot exploit opportunities.
Shutter’s encrypted mempool is not only a better defense against malicious MEV, but it also aligns with the original promise of Ethereum: open systems, equal access, and a level playing field for all.
Join the Shutter Community
We’re passionate about finally ending malicious MEV across Ethereum and other chains. If you are too, we welcome you to join the Shutter Telegram community.
