# MEV Proofs This section looks at the potential of proving MEV stealing with the help of the beacon block root proposed in [EIP4788](https://eips.ethereum.org/EIPS/eip-4788). A relatively straight-forward approach would be to use merkle proofs against the beacon root to objectively determine when a node operator has stolen MEV according to some rule set and apply a penalty accordingly. However there are some challenges around what data the beacon root gives us access to and some limitations for what rules can be verified. ## State Proofs The beacon block root would give access to: - The `proposer_index` contained in the [BeaconBlock](https://eth2book.info/bellatrix/annotated-spec/#beaconblock) itself - `validators` in [BeaconState](https://eth2book.info/bellatrix/annotated-spec/#beaconstate) [linking](https://eth2book.info/bellatrix/part3/containers/dependencies/#validator) indices to `pubkey` and `withdrawal_credentials` - `fee_recipient`, `transactions`, and `state_root` contained in the [ExecutionPayload](https://eth2book.info/bellatrix/annotated-spec/#executionpayload) in [BeaconBlockBody](https://eth2book.info/bellatrix/annotated-spec/#beaconblockbody) So unfortunately, a pure state proof approach doesn't appear to be possible with the beacon root alone. For example it would be possible to prove that: - the node operator owning a specific minipool was opted in to the smoothing pool for a specific block (using the `state_root`) - the block was produced by a specific validator index (using the `proposer_index`) - the `fee_recipient` wasn't the smoothing pool - the last transaction in the block did not transfer ETH to the smoothing pool (using `transactions`) However, the crucial piece that is missing is linking the validator index to the minipool. When a minipool is created, only the pubkey, the withdrawal credentials, and the `deposit_count` of the Deposit Contract are known. The latter can not easily be linked to the validator index, because there can be more than one deposit for the same validator and deposits can be invalid. An area that should be further researched is using ZK proofs against the beacon chain state root to link validator index to pubkey . ## Ruleset The current plan for MEV is to eventually require MEV Boost in [Phase 3](https://docs.rocketpool.net/guides/node/mev.html#phase-3-required). With a trusted oracle, it would be possible to query relay APIs to determine if a MEV boost block was available for a certain slot and detect NOs that build their own blocks instead. With purely on chain data, it would not be possible to distinguish between a block that was legitimately built locally because no ME boost block was available and those that ignored relay blocks to sidechannel MEV. ### Loose Rule Set This is effectively the [Phase 2](https://docs.rocketpool.net/guides/node/mev.html#phase-2-opt-out) ruleset currently in place and the one suggested in the new [penalty system draft](https://github.com/rocket-pool/rocketpool-research/blob/master/Penalties/saturn-system-proposal.md): A block can come from one of the trusted relays or can be built locally as long as the correct fee recipient is used. This rule set could be implemented with the beacon root and a way to link validator indices to pubkeys: To show that a penalty should be applied, a proof could be provided that a block did not use the smoothing pool or the node or the node fee distributor and the last transaction in the block did not go there either. However this version is vulnerable to node operators running their own searcher and extracting MEV without sharing it. ### Strict Rule Set Only blocks from trusted relays are allowed. If none are available, the node operator must not propose a block. Locally built blocks that set the fee recipient to smoothing pool or node fee distributor are no longer allowed. Just as above, this one could be implemented on chain in a post EIP4788 world by providing a proof that the last transaction did not go to smoothing pool or node distributor. This version would introduce a strong dependency on MEV Boost and might lead to slightly lower returns because of missed blocks. Both the loose and the strict rule set are far from ideal. One approach would be to implement both and give the pDAO the ability to switch between the two with a settings change. We could start out with using the loose one and continue to monitor if anyone is exploiting the system and switch to the strict rule set if necessary. The ability to switch might serve as a deterrent in and of itself.