As a fundamental technology of decentralized finance (DeFi), blockchain's ability to maintain a distributed fair ledger is threatened by manipulation of block/transaction order. In this paper, we propose a frontrunning block attack against Clique-based Proof of Authority (PoA) algorithms. Our attack can frontrun blocks from honest in-turn sealers by breaking the proper order of leader selection. By falsifying the priority parameters (both difficulty and delay time), a malicious out-of-turn sealer can always successfully occupy the leader position and produce advantageous blocks that may contain profitable transactions. As a typical instance, we apply our attack to a mature Clique-engined project, HPB ($3,058,901, as of April 2022). Experimental results demonstrate the effectiveness and feasibility of the attack. We further recommend fixes that make identity checks effective. Our investigation and suggestions have been submitted to the project's official team and received their approval. We believe this work can act as, at least, a warning case for Clique variants to avoid repeating these design mistakes.
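The abstract names a falsified difficulty as one of the two priority parameters. As an added example (not code from the paper or from HPB), this sketch shows the validator-side check defined by upstream Clique (EIP-225), which binds a header's difficulty to the recovered signer's turn; the `Header` type, string addresses and sample signer set are simplified assumptions, and the delay-time parameter is not covered.

```go
package main

import (
	"errors"
	"fmt"
	"sort"
)

// EIP-225 (Clique): in-turn blocks carry difficulty 2, out-of-turn blocks 1.
const diffInTurn, diffNoTurn uint64 = 2, 1

var (
	errUnauthorized    = errors.New("signer not in authorized set")
	errWrongDifficulty = errors.New("difficulty does not match signer's turn")
)

// Header is a simplified stand-in for a block header (hypothetical type).
// Signer is assumed to be already recovered from the seal signature.
type Header struct {
	Number, Difficulty uint64
	Signer             string
}

// inTurn reports whether signer is the scheduled leader at this height:
// its index in the sorted signer list must equal number mod len(signers).
func inTurn(signers []string, number uint64, signer string) (bool, error) {
	sorted := append([]string(nil), signers...)
	sort.Strings(sorted)
	for i, s := range sorted {
		if s == signer {
			return number%uint64(len(sorted)) == uint64(i), nil
		}
	}
	return false, errUnauthorized
}

// VerifyDifficulty rejects a header whose claimed difficulty is not the one
// its recovered signer is entitled to at this height.
func VerifyDifficulty(signers []string, h Header) error {
	turn, err := inTurn(signers, h.Number, h.Signer)
	if err != nil {
		return err
	}
	if (turn && h.Difficulty != diffInTurn) || (!turn && h.Difficulty != diffNoTurn) {
		return errWrongDifficulty
	}
	return nil
}

func main() {
	signers := []string{"0xaa", "0xbb", "0xcc"} // constructed sample signer set
	fmt.Println(VerifyDifficulty(signers, Header{4, 2, "0xbb"})) // in-turn signer
	fmt.Println(VerifyDifficulty(signers, Header{4, 2, "0xcc"})) // out-of-turn signer claiming in-turn difficulty
}
```

Because the expected difficulty is derived from the signer recovered from the seal rather than taken from the header, a header that claims in-turn priority for an out-of-turn signer fails validation instead of winning the fork choice.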