With the rise of cryptocurrency transactions, merchants are prioritising security due to vulnerabilities in online transaction systems. Prof. Daniel Xiapu LUO, Associate Dean (Research) of Faculty of Computer and Mathematical Sciences and Professor of the Department of Computing at The Hong Kong Polytechnic University and his research team identified three double-spending attacks exploiting the rollback merchanisms. Their findings, reported to Arbitrum and Optimism, earned them a USD500K bug bounty for enhancing blockchain security. The corresponding paper was honored with the Distinguished Paper Award at ACM CCS 2024, a premier conference in cybersecurity. Subsequently, it earned the Best Practical Paper of Cybersecurity Award in 2025.
Ethereum's meteoric rise as the backbone of decentralised finance (DeFi) has brought both innovation and new security challenges. As transaction volumes soared, Layer-2 solutions such as optimistic rollups, most notably Arbitrum and Optimism, emerged to address scalability. Yet, the rapid adoption of these protocols has outpaced the scrutiny of their security models, leaving billions of dollars potentially exposed.
Through meticulous analysis and experimental validation, Prof. LUO’s research team uncovered three previously unknown double-spending attacks targeting Arbitrum's rollback mechanisms. These attacks, if left unaddressed, could have enabled malicious actors to steal funds from cross-chain applications, undermining the very trust that underpins the DeFi ecosystem. The generalisability of the findings was demonstrated by successfully adapting the attacks to target Optimism.
Prof. Luo's team systematically dissected Arbitrum's architecture, identifying three core mechanisms that could trigger state rollback:
1. Time Bound Mechanism
To prevent chain reorganisations and timestamp manipulation, Arbitrum enforces a time window (typically 24 hours) within which L2 transactions must be submitted to L1. If a transaction's finalisation is delayed beyond this window, the protocol corrects the timestamp and rolls back the affected soft-finalised transactions.
2. Liveness-Preservation Mechanism
Designed to ensure censorship resistance, this mechanism allows users to force the inclusion of their transactions via L1 if the sequencer becomes unresponsive. However, if a forced inclusion occurs after a delay, it can create inconsistencies between the L1 and L2 transaction queues, triggering a rollback of queued soft-finalised transactions.
3. Transaction (De)compression Mechanism
To reduce costs, Arbitrum compresses batches of transactions before submitting them to L1. However, if a batch decompresses to a size exceeding the protocol limit, the L2 node deems it invalid and rolls back all associated soft-finalised transactions.
Central to the success of the double-spending attacks is the "manipulable delay attack," a technique devised to inject arbitrary delays into the transaction rollup process.
Recognising the potential cost of such an attack, the team also devised a cost optimisation strategy. By manipulating the posting unit price and carefully controlling the transaction submission rate, it demonstrated that the attack could be executed at a reasonable or even constant cost. Notably, they revealed an implementation error in Arbitrum's fee adjustment logic, which could amplify the impact of such attacks, causing transaction fees for all users to skyrocket in the aftermath.
Besides this research on the security of optimistic rollups, Prof. LUO and his team also uncovered severe vulnerabilities in zero-knowledge rollups, another major layer-2 solution for scaling blockchain. Furthermore, they identified denial-of-service issues affecting both types of rollups. Their ongoing research continues to push the boundaries of blockchain security and performance. Notably, Prof. Luo's latest work explores the acceleration of smart contract fuzzing using GPUs. By transforming EVM bytecode and fuzzing logic into parallel GPU tasks, his prototype achieves up to 15.38 times higher throughput than existing tools, enabling the detection of more bugs and greater code coverage—an essential step towards more robust smart contract ecosystems.
Source: Innovation Digest
