On Fixing the broken CryptoPunks Market
I don’t particularly think punk bidding is broken.
It’s just not explained correctly, in the context of how the blockchain works.
First, let’s understand where the problem is.
Think of a “bid” as a bid at an auction. When you submit a bid, just like with any auction, that bid is not final until settled, and you may be outbid. So far no problem there…
The problem, or the miscommunication, is in the accepting of the bids.
When you submit the “accept the bid” transaction, what is really happening is that the auction is still ongoing, even after you send the “accept bid” transaction.
The auction does not stop, and during that time, any other additional bid can come in, for as long as the “accept bid” transaction has not been settled on the blockchain.
This is not really a problem for the guy who accepted the bid, because if the auction is settled, then they will still get their ETH and sell their punk. This is only a problem if you and/or the seller had expectations that you were going to win the bid.
So, I think only the UI needs to be updated to manage the expectations. Bidders need to understand that a bid can be outbid even after the seller submitted the “acceptBidForPunk” transaction, due to the way settlement works on the blockchain.
Also, because the blockchain is decentralized, we cannot do things like check the time for when somebody submitted a transaction and reject any bid that was submitted after a deadline. (That’s because of the way transactions propagate before they are settled, as each node on the network may see the transactions on a different timeline. Only once they reach consensus about a shared timeline is when the transaction is settled.)
So, my recommendations would be:
1) On the seller’s side, the “accept bid” should be renamed to something like “Final Call” or “Proceed to settle auction”, or whatever communicates that their acceptBidForPunk may result in accepting a bid to a completely different buyer since the auction is still ongoing until the point where it is settled on the blockchain.
2) Things like flashbots may help. This is when the “accept bid” transaction is submitted directly to a block producer, bypassing the public mempool. Since bots will not be able to see the “accept bid” transactions, it would be more difficult for an opportunistic bot to snipe the auction. Using flashbots is as easy as changing the “RPC URL” setting in MetaMask. It does not solve the problem entirely, and the transaction may take longer to submit as not all blocks are built by flashbots.
3) Explain in simple English how the blockchain works, what is the mempool, how transactions are submitted and picked up, and finally how consensus is reached about a shared timeline, and what does this mean in the context of an auction.
4) Encourage users to use the offerPunkForSaleToAddress functionality when possible.
5) The UI should warn if the owner is about to accept a bid below the floor price, unless the user is using the offerPunkForSaleToAddress functionality