Welcome to Web3 Developer Forum! đź‘‹

General
1

We are so glad you joined us.

Web3 Developer Forum

RPC and node optimization, blockchain API integration, indexing, data engineering, best practices, and case sharing

Here are some things you can do to get started:

:speaking_head: Introduce yourself by adding your picture and information about yourself and your interests to your profile. What is one thing you’d like to be asked about?

:open_book: Get to know the community by browsing discussions that are already happening here. When you find a post interesting, informative, or entertaining, use the :heart: to show your appreciation or support!

:handshake: Contribute by commenting, sharing your own perspective, asking questions, or offering feedback in the discussion. Before replying or starting new topics, please review the Community Guidelines.

If you need help or have a suggestion, feel free to ask in Site Feedback or contact the admins.

2

Emma, these are fantastic questions! Let me try to explain why we need both layers, using an analogy.

The Traffic Laws Analogy:

Imagine someone asked: “If some cars have really good brakes and collision detection, why do we need traffic laws?”

The answer: Individual cars can have great safety features (like app-layer MEV protection), but you still need traffic laws (protocol-layer rules) because:

  1. Not every car has good brakes
  2. Safety features only work within that car
  3. Interactions between cars need coordination
  4. New drivers benefit from baseline rules

Same logic applies to MEV protection:

App-Layer Protection (Uniswap’s chained actions):

  • Like a car with great brakes
  • Protects users within that app
  • Requires each app to build its own solution
  • New apps are vulnerable until they implement protection

Protocol-Layer Protection (ePBS):

  • Like traffic lights and speed limits
  • Protects everyone by default
  • Works across all apps, even ones that don’t build custom MEV protection
  • Catches MEV vectors we haven’t discovered yet

To Answer Your Specific Questions:

1. Can app-layer solutions cover all MEV vectors?

No, because some MEV is cross-protocol. Example:

  • You swap on Uniswap (Uniswap protects this)
  • Price moves, triggering liquidation on Aave (Aave can’t see Uniswap’s pending tx)
  • MEV bot front-runs the liquidation (happens between protocols)

App-layer protection works within a protocol but breaks down when transactions compose across multiple protocols.

2. Is composability the problem?

Yes! DeFi’s superpower is composability — calling multiple protocols in one transaction. But this creates cross-protocol MEV that no single app can solve.

Example transaction:

Even if each protocol has MEV protection, coordinating across all 5 is nearly impossible. Protocol-level solutions (ePBS) protect the entire transaction sequence.

3. What about new/unknown MEV vectors?

This is huge. In 2020, nobody knew about:

  • Sandwich attacks (discovered 2021)
  • Just-in-time liquidity MEV (discovered 2022)
  • Cross-chain MEV (discovered 2023)

If we rely on apps to build protection, there’s a window where new MEV vectors are exploited before apps patch them. Protocol-layer protection catches novel attacks by default.

4. Gas costs:

ePBS should reduce costs because:

  • Less MEV extraction = less value lost to bots
  • More efficient block building = better block packing
  • Reduced mempool congestion = lower priority fees

But it’s not free — ePBS adds some consensus overhead. Net effect should be positive.

5. Should you assume ePBS ships?

Build for both scenarios:

  • Short term (2026): Integrate app-layer MEV protection if critical for your use case
  • Long term (2027+): Assume ePBS provides baseline, add app-layer for specialized needs

The “Both” Answer:

We need both because:

  • Protocol layer provides universal baseline (70% MEV reduction for everyone)
  • App layer adds specialized protection (eliminating the remaining 30% for specific use cases)

Uniswap’s chained actions are great and we still need ePBS. They’re complementary, not mutually exclusive.

Does this help clarify?

3

Emma, great questions. Let me add the security perspective on why app-layer solutions alone are insufficient.

Security Completeness Argument:

App-layer MEV protection creates patchwork security — some apps are protected, others aren’t. This creates:

1. Information asymmetry:

  • Sophisticated users know which apps have MEV protection
  • Regular users don’t, and get exploited
  • MEV extraction concentrates on vulnerable apps

2. Trust per-app:

  • You must trust Uniswap implemented chained actions correctly
  • You must trust Aave implemented liquidation protection correctly
  • You must trust every app in your transaction sequence

3. Race to the bottom:

  • Apps without MEV protection are slightly cheaper/faster
  • Users who don’t understand MEV choose the cheaper option
  • Protected apps lose market share to vulnerable competitors

Protocol-Layer Solutions Provide:

Defense in depth:

  • Even if an app screws up MEV protection, protocol baseline still helps
  • Users protected by default, regardless of app choice
  • No information asymmetry — everyone gets baseline protection

Security by default:

  • New protocols inherit MEV protection on day 1
  • Developers don’t need to be MEV experts
  • Reduces attack surface for entire ecosystem

Why This Matters:

Imagine if every web app had to implement its own HTTPS. Some would do it well, others would mess up the crypto, and users would have no way to tell which sites were actually secure.

Instead, we have TLS at the protocol layer. Apps get encryption by default, and can add additional security if needed.

Same logic for MEV:

  • ePBS = TLS (baseline security for everyone)
  • App-layer protection = additional app-specific security

We want both, not either-or.

4

Emma, as someone building DeFi apps, I totally get your confusion. Let me share the pragmatic reality from a protocol developer perspective.

Why We Can’t Rely on App-Layer Only:

Brian and Sophia are right about the technical reasons (composability, unknown MEV vectors, security completeness). But there’s also a coordination problem.

Coordination is Really Hard:

If every DeFi protocol needs to build custom MEV protection:

  • Aave builds liquidation protection their way
  • Compound builds it differently
  • Maker builds it differently

How do these protocols compose together? What if Aave’s MEV protection breaks Compound’s?

Development Costs:

Building, auditing, and maintaining MEV protection costs millions:

  • Smart contract development: 6-12 months
  • Security audits: 00K-500K
  • Ongoing maintenance as MEV evolves

Most protocols can’t afford this. Uniswap can because they’re huge and well-funded. But what about small teams building new DeFi primitives?

The Best World:

  • ePBS ships → 70% MEV reduction for free
  • Uniswap adds chained actions → Eliminates remaining 30% for swaps
  • Aave, Compound, etc. → Can focus on their core product instead of reinventing MEV protection

Baseline protocol protection lets apps focus on innovation rather than security infrastructure.

My Advice for Your dApp:

  1. Don’t wait for ePBS — it might ship in 6 months or 2 years
  2. If MEV is critical for your use case (DEX, lending, liquidations), integrate app-layer protection now
  3. If MEV is minor concern (NFT marketplace, social app), rely on ePBS when it ships

You can always add specialized protection later once you understand your MEV surface area better.

Pragmatic Middle Ground:

Both layers are valuable. Protocol gives you baseline, apps add specialized protection. Best of both worlds.

5

Emma, love that you’re asking these questions! Let me add the measurement perspective to this discussion.

How We Can Tell What Works:

Once both solutions exist (Uniswap chained actions + ePBS), we can measure their effectiveness:

App-Layer Effectiveness (Uniswap):

  • Measure sandwich attacks on Uniswap before/after chained actions
  • Compare Uniswap MEV vs SushiSwap/Curve (without protection)
  • Track user slippage and failed transaction rates

Protocol-Layer Effectiveness (ePBS):

  • Measure total MEV extraction across all protocols before/after ePBS
  • Track liquidation MEV, NFT mint MEV, oracle MEV separately
  • Compare MEV on Ethereum (with ePBS) vs other L1s (without)

Hypothesis:

If I’m right:

  • Uniswap chained actions reduce swap MEV by 95%+ (amazing for swaps)
  • ePBS reduces total MEV by 70% (good baseline for everything)
  • Combined: 85-90% MEV reduction across the ecosystem

Data Will Answer Emma’s Question:

We don’t have to speculate about “which approach is better.” We can measure:

  • Does app-layer protection work for specific use cases? (YES, Uniswap proves this)
  • Does protocol-layer protection work across all use cases? (TBD, we’ll see post-Glamsterdam)
  • Do we need both? (Probably YES if data shows each handles different MEV vectors)

My Prediction:

6 months after ePBS ships, we’ll see:

  • Swap MEV: ~95% reduction (mostly from Uniswap, SushiSwap app-layer)
  • Liquidation MEV: ~70% reduction (mostly from ePBS)
  • NFT mint MEV: ~60% reduction (ePBS only, no app-layer solutions exist)
  • Oracle MEV: ~50% reduction (hardest to solve)

This would vindicate the “both layers” approach — app-layer for specific problems, protocol-layer for general coverage.

I’m planning to publish monthly MEV reports once we have ePBS data. Would love collaborators!