Proposal: MEV protected swaps


We propose to build an alternative/replacement for the current ETH / Token swap mechanism currently used in Nexus Mutual that will enable swapping arbitrary ERC20 pairs using Gnosis Protocol (CowSwap) to avoid sandwich attacks and other forms of MEV.


  1. If the protocol needs to make a relatively large claim payment/s in DAI, then material amounts of ETH need to be swapped for DAI. At the moment the protocol would conduct this via Uniswap V2 only, which doesn’t make use of the wider DEX liquidity.
  2. If the protocol wishes to swap assets for investments purposes, e.g. to sell stETH, then the same issues arise with the main difference being the time-sensitivity is likely much less than obtaining funds for claim payments.
  3. Existing asset swaps are quite highly exposed to MEV, in particular, sandwich attacks.

Project Description

The new implementation maintains the same security guarantees from the current design:

  • transactions can only be initiated from whitelisted accounts,
  • trades are only allowed in the correct price range using an onchain TWAP oracle,
  • and within certain thresholds previously established through governance.

The new solution could co-exist with the current Uniswap implementation, incrementing the total liquidity that is available for swaps.

Scope assumptions and constraints:

  • To reduce risk and scope, no changes will be made to the oracles that are currently in use by Nexus; this means the new implementation will not support new assets. The smart contract changes will focus on the CowSwapOperator and the required changes on the Pool contract to make it work.
  • To facilitate and make possible the correct accounting of assets, token allowances, and flow of assets between the pool and the swap operator contract, this implementation will support 1 swap operation at a time. This swap operation could be canceled and replaced by new ones if desired.
  • Both full and partial orders will be supported.
  • The implementation will target version 2 of Nexus smart contracts and will not be ported back to v1.


  1. Pull Request in Nexus GitHub repository with a set of smart contracts, tests, deployment scripts, and documentation that will deliver the desired solution.
  2. A client script or UI that will allow whitelisted users to configure, initiate and cancel the trades.
  3. We will also deploy and test the solution on a testnet of Nexus’ choice.

Development Roadmap

This project should take around 7 weeks of development and testing, with a gap period during the audit of the smart contracts.

Milestone 1: Prototype

Description: Complete the solution design and implement it. This includes smart contracts and the initial version of the client script.
Deliverables: Pull Request in Nexus GitHub repository with Solidity code, tests, and client scripts.
Duration: 5 weeks

Note: Extensive research and design of the solution has already been made and double-checked with engineers from the core team. This technical specification can be shared upon request.

Milestone 2: Integration and testing

Description: Deployment to testnet, manual testing, and integration. Additional work on client script or UI.
Deliverables: Working smart contracts in testnet, working client script or UI.
Duration: 1 week

Milestone 3: Production testing and hardening

Description: Our team will provide support during the Mainnet / production deployment to be performed via Nexus Governance.
Deliverables: none.
Duration: 1 week


We split the budget in 2 components:

  • To be paid in stable coins:
    • 16,800 USDC (or other stable coin).
    • 50% (8,400 USDC) as soon as the proposal is approved, 50% (8,400 USDC) once the code is delivered for review.
  • To be paid in tokens:
    • 2,300 wNXM
    • To be paid once the code is delivered for review.


  • During development
    • 1 Solidity Engineer: 5 weeks
    • 1 Full-stack Engineer: 2 weeks
    • 1 Part-time PM: 7 weeks
  • During scoping and research phase:
    • 1 Part-time Business Analyst
    • 1 Part-time Solidity Engineer


Contact Info

Email: [email protected]
Telegram: @leolower

Team Members

  • Manuel Garcia: Co-founder and CEO of BootNode
  • Leo Lower: Co-founder and CTO of BootNode
  • Gerardo Nardelli: Solidity engineer at BootNode
  • Armando Andini: Solidity engineer at BootNode

Relevant Experience

BootNode is a software engineering studio that specializes in decentralized infrastructure, protocols, applications, and ecosystems.

Founded by a team of engineers with an average of 10+ years of experience building and shipping highly available, highly-scalable software for many industries and 3+ years for the blockchain ecosystem in particular.

Our mission is to provide unique and scarce resources to organizations changing the future of humanity through decentralized technologies.

Our vision is to become an essential and critical partner that enables these organizations to fulfill their mission.

We have contributed to countless organizations developing their blockchain projects applications, from ideation to massive adoption, applying proven UI design to React dapps, from protocol and architecture design to Solidity smart-contracts, relayers, backends, subgraphs, and integrations. We work the full-stack and pay special attention to product development, not just application programming.

Our engineers have participated in some of the most popular DeFi platforms and this has exposed us to all the different money legos. We can help you build on top or integrate down to any of these protocols.
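
The guards listed under Project Description (whitelisted initiators, a price range tied to the TWAP oracle, governance thresholds, one order at a time, partial fills) can be modelled as follows. This is an added example, not part of the original post and not BootNode or Nexus code. It is a Python model rather than Solidity, and every name in it (`SwapOperatorModel`, `Limits`, `max_slippage_bps`, `min_balance`) and all sample values are assumptions.

```python
from dataclasses import dataclass
from typing import Optional
BPS = 10_000

class SwapRejected(Exception):
    pass

@dataclass
class Limits:                      # hypothetical governance-set thresholds per sell asset
    min_balance: int               # pool must retain at least this much after the sale
    max_slippage_bps: int          # how far below the TWAP price a limit price may sit

@dataclass
class SwapOperatorModel:
    operators: set                 # whitelisted initiators
    limits: dict                   # sell token -> Limits
    twap: dict                     # (sell, buy) -> buy units per sell unit (constructed)
    balances: dict                 # pool holdings per token
    order: Optional[dict] = None   # the single order allowed in flight

    def _require(self, ok, reason):
        if not ok:
            raise SwapRejected(reason)

    def place_order(self, sender, sell, buy, sell_amount, min_buy):
        self._require(sender in self.operators, "sender not whitelisted")
        self._require(self.order is None, "an order is already open")
        lim, price = self.limits.get(sell), self.twap.get((sell, buy))
        self._require(lim is not None and price is not None, "pair not enabled")
        self._require(sell_amount > 0, "empty order")
        self._require(self.balances.get(sell, 0) - sell_amount >= lim.min_balance,
                      "sale would breach minimum balance")
        # The limit price may sit at most max_slippage_bps below the oracle price.
        self._require(min_buy * BPS >= sell_amount * price * (BPS - lim.max_slippage_bps),
                      "limit price outside TWAP range")
        self.order = dict(sell=sell, buy=buy, size=sell_amount, left=sell_amount, min_buy=min_buy)

    def cancel_order(self, sender):
        self._require(sender in self.operators, "sender not whitelisted")
        self.order = None          # frees the slot so a replacement order can be placed

    def settle(self, fill_sell, fill_buy):
        o = self.order
        self._require(o is not None and 0 < fill_sell <= o["left"], "bad fill")
        # Partial fills must honour the order's limit price pro rata.
        self._require(fill_buy * o["size"] >= o["min_buy"] * fill_sell, "fill below limit price")
        self.balances[o["sell"]] -= fill_sell
        self.balances[o["buy"]] = self.balances.get(o["buy"], 0) + fill_buy
        o["left"] -= fill_sell
        self.order = o if o["left"] else None
```

Because the limit price is fixed against the oracle when the order is placed and every fill is checked against it, a fill at a price pushed down by a sandwich is rejected instead of executed.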


@leolower thanks to you and the rest of the Bootnode team for posting this!

I’m strongly in support of this proposal. One of the main bottlenecks Nexus has right now is developer resource and the core team are 100% focused on V2 development and release. The core team have been connected to Bootnode over the past month or so and have been discussing specific areas of the Nexus code base that are important but not urgent to enhance. This specific item is perfect as a starting point because it fits the criteria and is quite separate from the current V2 work.

The Bootnode team come highly recommended from various common supporters and during the completed scoping process have already demonstrated they have the skills to deliver. I am hopeful this engagement (if approved) can lead to an ongoing relationship to expand and diversify the engineering capabilities of Nexus.

One question is whether we should employ more developer resources in the core team vs outsourcing, I’m strongly of the opinion we need to do both. We have a large backlog of tasks that would all add material value to the mutual, from bundled tokens, to Layer 2, to governance to research work on the bonding curve as well as a long list of smaller items.

Looking forward to the community’s views here, and very excited to work with the Bootnode team.


excellent idea!! and agree, cowswap execution on big eth trades is flawless


Looks like a great idea, in support!


This is a great proposal, very bullish on CowSwap as a meta-DEX aggregator that will facilitate most of the mainnet transaction volume in the future.

The MEV protection element is crucial for large transactions commonly executed by the Mutual, from claims to large swaps and treasury diversification activities.

Big +1

