#night $NIGHT Don't think that just because you see a transaction being packaged on the chain in the testnet, everything is fine. Midnight's suspended "transaction finality" is definitely a huge pitfall. I specially wrote an attack script from the perspective of MEV these past two days, focusing on its privacy consensus. In ordinary public chains, block creation means confirmation, but in @MidnightNetwork Midnight, a corporate-level privacy transfer must wait for that extremely time-consuming ZK proof to be fully on-chain before it is considered completely locked.

I artificially created a few seconds of network delay, getting stuck in the time difference of "transaction has been packaged, ZK is still being verified," and quickly broadcasted a conflicting transaction. Watching the logs from the terminal, I gasped: my double-spend attack was actually briefly accepted by some nodes! Although the final consensus eliminated this error after a few blocks, this few seconds of suspended period is enough for quantitative hackers to drain the liquidity pool. The paper stubbornly claims it can defend against adaptive attacks, but that is based on the utopian assumption of absolute network synchronization. In the real world, a slight shake of the fiber optic cable makes this defense full of holes. Wall Street auditors are not foolish; until this time difference is thoroughly blocked at the code level, I will absolutely not enter the market with my spot position. #Cardano