
Welcome to Obscura

Welcome to the official documentation for Obscura, an innovative product designed to enhance blockchain privacy and security. This guide will walk you through everything you need to know about Obscura.


Last updated 5 months ago

Overview

Obscura is an innovative solution designed to enhance transaction privacy and mitigate MEV (Maximal Extractable Value) exploits in the Solana ecosystem. By operating at the RPC (Remote Procedure Call) level, Obscura safeguards transaction data from malicious activities such as front-running, back-running and sandwiching attacks.

Through the integration of zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge) and a custom encryption router, Obscura ensures that all transaction data remains encrypted until finalization, even in the presence of potentially compromised validators.

Why Obscura?

The Solana ecosystem has witnessed significant advancements, but it remains vulnerable to sophisticated attacks like MEV (Maximal Extractable Value) exploits. These exploits, including front-running and sandwiching, capitalize on transaction visibility to manipulate markets and extract profits at the expense of users. With the ecosystem's recent growth, this issue has become even more significant.

One critical weakness lies in the ability of entities such as Jito validators to access so-called "private transactions" before they are finalized. Despite being labeled private, these transactions can be exposed during the validation process, creating opportunities for exploitation. This flaw undermines trust in blockchain systems, especially within decentralized finance (DeFi) and other sensitive applications.

Jito validators, designed to optimize transaction order for profitability, have direct access to transaction data, including so-called "private transactions," before they are finalized on the blockchain. While marketed as a feature to enhance blockchain efficiency, this visibility introduces significant vulnerabilities.

Private transactions are intended to remain confidential during their lifecycle. However, Jito validators, being integral to the validation process, can inspect the content of these transactions before they are finalized. This visibility undermines their privacy and opens the door to exploitation.

For example, when a user submits a private transaction to purchase tokens during a launch event, the details of the transaction—such as the token contract, quantity, and price—are visible to Jito validators. This creates an opportunity for malicious actors to back-run the transaction by:

  1. Identifying lucrative transactions: Validators can identify profitable trades, such as early purchases of tokens in a highly anticipated launch.

  2. Placing competing transactions: By using their privileged access, validators or third parties working with them can submit their own transactions to front-run or back-run the original transaction.

  3. Manipulating transaction order: Validators can reorder transactions to ensure their own trades are processed first, driving up prices and leaving the original user with higher costs or failed transactions.

Real-World Exploitation: Back-Running Launch Transactions

Back-running is a common MEV exploit where an attacker places a transaction immediately after a profitable user transaction. In the case of launch events:

  1. A user submits a transaction to create a pump.fun token.

  2. The validator observes the transaction and sends a buy transaction for the token in the same block as the token creation transaction. This gives the validator an unfair advantage to acquire the token at the lowest possible price before anyone else has the chance to buy.

  3. The validator’s transaction is processed first, causing the token price to increase.

  4. The user’s transaction is executed at a higher price, or it fails due to insufficient funds or slippage limits.

This type of exploitation is detrimental to users and undermines trust in the Solana ecosystem. It disproportionately benefits those with privileged access, eroding the principles of fairness and decentralization.
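The same-block pattern described in the steps above can be looked for after the fact. The following is an added example, not code from Obscura: a heuristic that flags buys landing in the same slot as a token's creation transaction when signed by a different wallet. The `Tx` record layout, wallet names and mint names are constructed for illustration and are not a real Solana RPC schema; a flagged entry is a candidate for review, not proof of abuse.

```python
from collections import namedtuple

# Simplified, constructed transaction record (assumption, not an RPC schema):
# slot = block number, index = position of the transaction inside the block.
Tx = namedtuple("Tx", "slot index signer kind mint")

def find_same_block_buys(txs):
    """Return buys that landed in the same slot as the mint's creation
    transaction and were signed by someone other than the creator."""
    creations = {}
    for tx in txs:
        if tx.kind == "create":
            # Keep the earliest creation seen for each mint.
            prev = creations.get(tx.mint)
            if prev is None or (tx.slot, tx.index) < (prev.slot, prev.index):
                creations[tx.mint] = tx
    findings = []
    for tx in txs:
        if tx.kind != "buy":
            continue
        created = creations.get(tx.mint)
        if created is None or tx.slot != created.slot:
            continue  # unknown mint, or the buy landed in a later block
        if tx.signer == created.signer:
            continue  # the creator's own initial buy is not third-party activity
        findings.append({
            "mint": tx.mint,
            "slot": tx.slot,
            "buyer": tx.signer,
            "positions_after_create": tx.index - created.index,
        })
    return sorted(findings, key=lambda f: (f["slot"], f["positions_after_create"]))

# Constructed sample data; signer and mint names are placeholders.
SAMPLE = [
    Tx(1000, 4, "CreatorA", "create", "MintX"),
    Tx(1000, 5, "CreatorA", "buy", "MintX"),   # creator's own buy: ignored
    Tx(1000, 6, "WalletB", "buy", "MintX"),    # same block, other signer: flagged
    Tx(1001, 0, "WalletC", "buy", "MintX"),    # next block: ordinary buyer
    Tx(1002, 2, "CreatorD", "create", "MintY"),
    Tx(1003, 1, "WalletB", "buy", "MintY"),    # later block: not flagged
]

if __name__ == "__main__":
    for finding in find_same_block_buys(SAMPLE):
        print(finding)
```
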

Example of an address abusing the private Jito validation process to land a transaction in the same block as the launch transaction.