Maxime Reynouard
Presenter: Maxime Reynouard
Paris Dauphine University and Nomadic Labs


Most blockchain protocols prescribe that multiple agents run costly block verification. If agents are selfish, they may rely on others to complete the verification, causing a potential failure of the blockchain. This is known as the Verifier’s dilemma. We study it in a classical quorum-based consensus protocol with three types of agents: (B) the Byzantine, who can deviate arbitrarily from the protocol, (A) the Altruistic, who automatically follow the protocol, and (S) the Selfish, who maximize their payoff. We introduce a novel BAS-robust equilibrium notion and show that: (i) the honest behavior is not a BAS-robust equilibrium; (ii) all BAS-robust equilibria cause blockchain failure; and (iii) a recently proposed correlated equilibrium solution to the Verifier’s dilemma is not BAS-robust. Finally, we design a quorum-based mechanism where following the protocol is BAS-robust and optimal in the sense of [Ittai Abraham et al., 2011, Distributed computing meets game theory: Combining insights from two fields].

Martina Fraschini
Presenter: Martina Fraschini
University of Luxembourg and Bank of England


A Central Bank Digital Currency (CBDC) would reduce commercial bank deposits and provide households with a new payment technology. We develop a structural model of the banking sector, calibrate it, and introduce a CBDC to run counterfactual analyses. We find that, if the central bank compensates the commercial banks for the loss in deposits, then banks optimally push households towards the CBDC. This allows them to capture the consumer surplus stemming from the new technology and increase their profit margin. The design of the compensation mechanism can mitigate this effect.

Olga Gorelkina
Presenter: Olga Gorelkina
University of Liverpool Management School


This paper offers a model of blockchain governance based on a virtually efficient mechanism. Agents’ preference reports and betting on the reports made in the future determine the welfare maximizing allocation. To induce truth telling, the mechanism implements two part transfers with a VCG component and a betting reward that depends on how accurately the prior updated upon the agent’s report predicts reports observed in the next period. The mechanism satisfies participation constraints and generates no deficit after any reported history.

Fayçal Drissi
Presenter: Fayçal Drissi
University of Oxford and Université Paris 1 Panthéon-Sorbonne


We introduce a new comprehensive metric of predictable loss (PL) for liquidity providers in constant function automated market makers and derive an optimal liquidity provision strategy. PL compares the value of the LP’s holdings in the liquidity pool (assuming no fee revenue) with that of a self-financing portfolio that replicates the LP’s holdings and invests in a risk-free account. We provide closed-form formulae for PL, and show that the losses stem from two sources: the convexity cost, which depends on liquidity taking activity and the convexity of the pool’s trading function; the opportunity cost, which is due to locking the LP’s assets in the pool. For LPs in constant product market makers with concentrated liquidity, we derive a closed-form strategy that dynamically adjusts the range around the exchange rate as a function of market trend, volatility, and liquidity taking activity in the pool. We prove that the profitability of liquidity provision depends on the tradeoff between PL and fee income. Finally, we use Uniswap v3 data to show that LPs have traded at a significant loss, and to show that the out-of-sample performance of our strategy is considerably superior to the historical performance of LPs in the pool we consider.

Ulysse Pavloff
Presenter: Ulysse Pavloff


Ethereum has undergone a recent change called the Merge, which made Ethereum a Proof-of-Stake blockchain shifting closer to BFT consensus. Ethereum, which wished to keep the best of the two protocols designs (BFT and Nakomoto-style), now has an involved consensus protocol as its core. The result is a blockchain being possibly produced in a tree-like form while participants try to finalize blocks. Several attacks jeopardizing liveness have been found in this new setting. The Ethereum community has responded by creating a patch. We discovered a new attack on the patched protocol. To support our analysis, we propose a new formalization of the properties of liveness and availability of the Ethereum blockchain, and we provide a pseudo-code. We believe this formalization to be helpful for other analyses as well. Our results yield that the Ethereum Proof-of-Stake has probabilistic liveness, influenced by the parameter describing the time frame allowed for validators to change their mind about the current main chain.

Daniel Augot
Presenter: Daniel Augot
INRIA, CNRS and École polytechnique


Languages of the NP complexity class have instances with a proof of membership which can be checked in polynomial time. What about reading only a random part of such a proof? The +PCP (probabilistically checkable proofs) Theorem states that any language in NP has a verifier which checks a (PCP) proof of polynomial size, by reading only a constant number of random bits of it. Originally an astronomical theorem, 30 years of research have turned this result into practical algorithms and protocols. Actually they are so practical that companies implement and deploy such proof systems very successfully in the blockchain world. In this talk, the PCP theorem with be recalled. Then, the transition from complexity theory to cryptographic protocols is done with cryptographic hash functions. Central to this topic are error correcting codes. Finally, we will explain why such proofs are a useful for blockchains with low bandwidth.

Nassib Boueri
Presenter: Nassib Boueri


The presentation will introduce the problem of AMM arbitrage and discuss the architecture of arbitrage bots, focusing on how to implement a back-running algorithm on the Ethereum blockchain (pre-EIP 1559 02/2021).

Mikolaj Barczentewicz
Presenter: Mikolaj Barczentewicz
Law and Technology Hub, University of Surrey


In the “dark forest” of the Ethereum blockchain, novel strategies of maximal extractable value (“MEV”) extraction – such as validators or searchers running “sandwich attacks” on other crypto traders – are threatening to disrupt the market in cryptocurrencies. Such attacks can inflict substantial losses on other users. Nonetheless, MEV extraction has yet to receive any systematic discussion in the legal literature despite being a significant market phenomenon, estimated at $550-650 million since 2020, and despite suggestions that analogous actions to some forms of MEV extraction would have been illegal in traditional markets.

I’ve been investigating whether strategies like sandwich attacks should be classified as illegal “market manipulation” (in the U.S.) or “market abuse” (in the EU). While doing so, I realised that to answer such questions, we cannot simply rely on legal precedents or detailed written rules, but we need to look deeper into the economics of DeFi.

I would like to use this presentation as an invitation to economists and computer scientists to study some of the questions crucial to deciding how the law should approach MEV. Those questions include both individual-level considerations, e.g. what is the economic nature of a transaction with an Automated Market Maker / CFMM (including how should we conceptualise “slippage” settings). But they also include market efficiency (and more broadly: social welfare) considerations, e.g. whether MEV extraction - even if harmful to some individual market participants - is all-things-considered a net benefit to the market.

Quentin Bramas
Presenter: Quentin Bramas
Université de Strasbourg


The most famous Blockchain, Bitcoin, uses Proof-of-work to elect the next block. Proof-of-work is originally a puzzle-based anti-spam technique that is used to prove that some time has passed. Another puzzle-based anti-spam method called « network guided tour » has the same purpose but do not require the client to use its computational power. In this presentation, I will explain how this method can be adapted in the context of Blockchains to replace the Proof-of-work, in order to obtain a Blockchain protocol that does not consume an amount of electricity equivalent to a small country.

Engin Iyidogan
Presenter: Engin Iyidogan
SKEMA Business School


We consider blockchain adoption in a multiple firm market. The blockchain cost per firm decreases with the adoption rate as the cost of verification and recording is distributed among the adopters. We study the Nash equilibria of the adoption game and derive results on existence and uniqueness in terms of the cost structure. We characterize the gap between the social optimum and the Nash equilibrium for different blockchain cost structures, e.g. exponential, linear and quadratic.

We next set up a model for blockchain adoption by insurance firms in the presence of a reinsurer. We integrate the insurance specific contractual characteristics such as premiums and indemnities, and we account for the utility function of the parties. For exponential utility, we show that the problem reduces to a generic blockchain adoption problem, with modified cost structure, which is found in closed form depending on all the contractual characteristics and the risk aversion coefficients.

When the reinsurance firm acts as a social planner, the co-insurance premiums are optimally chosen depending on the insurers’ adoption decision. This serves as a mechanism to select an outcome with higher adoption rate.