Lesson 3 — The transaction lifecycle: from eth_sendRawTransaction to inclusion

**Signing.** A transaction is a structured payload: nonce, gas price (or maxFeePerGas + maxPriorityFeePerGas under EIP-1559), gas limit, recipient, value, calldata, and chain ID. The user's wallet signs it with their private key using ECDSA over the secp256k1 curve, producing a `(r, s, v)` triple. The signature commits the sender to the exact byte content; any modification invalidates the signature. The signer's address is *derived from the signature* (no 'from' field is sent on the wire) — this is why a malformed signature with an invalid `v` value can produce a valid-looking transaction from an unintended address (a quirk most modern wallets handle correctly).

**Broadcasting and the mempool.** The signed transaction is sent via `eth_sendRawTransaction` to an Ethereum node. That node validates the signature, checks nonce ordering, gas-limit / gas-price feasibility, and adds the transaction to its local mempool, then gossips it to peer nodes. Within seconds the transaction is visible to most of the public mempool — including searchers, frontrunning bots, and MEV infrastructure. This visibility window is the source of frontrunning, sandwich attacks, and the entire MEV economy.

**Block building.** Validators select transactions from the mempool to include in their next block. Under proposer-builder separation (post-Merge, common on Ethereum mainnet), most validators delegate block-building to specialised builders via MEV-Boost. Builders construct blocks to maximise total transaction fees + MEV (frontrun + sandwich + arbitrage + liquidation profit). The selected block is proposed; if it gains attestations from a supermajority of validators, it's finalised after two epochs (~12 minutes).

**Mempool privacy and private order flow.** Because public-mempool visibility is hostile to certain transaction patterns (large swaps, sensitive DEX trades), private mempool / order-flow services have proliferated: Flashbots Protect, MEV Blocker, BloXroute private tx, Cowswap (RFQ + batch auction). These submit the transaction directly to selected builders without broadcasting it publicly first, eliminating sandwich-attack exposure. Reading audit reports written before ~2022 will often miss this — the assumption was 'all transactions are visible to all' and that's no longer fully true.

**Frontrunning, sandwich, and liquidation MEV.** With public-mempool visibility, an adversary watching new transactions can act on profitable opportunities before the original transaction confirms. (1) **Frontrunning**: sees a profitable trade, sends a copy with higher gas to confirm first. (2) **Sandwich**: sees a buy-then-confirm of token X, prepends an identical buy that pushes the price up + appends a sell at the higher price; user buys at the worst price, attacker pockets the difference. (3) **Liquidation racing**: when a DeFi loan becomes liquidatable, multiple bots race to be the first to call the liquidation function and capture the bounty. All three are well-studied; Flashbots research is the standard reference.

**The transaction-level invariants you can rely on.** Within a single transaction, all state changes are atomic — if any sub-call reverts, the entire transaction reverts. This is the property that makes flash loans possible (borrow + arbitrage + repay in one transaction; if any step fails, the loan is implicitly cancelled). It also means inter-call state is consistent at every observation point — you don't need to worry about concurrent mutation from another transaction *within the same transaction's execution* (you do need to worry about the *next* transaction in the same block, which an MEV bot will control).

**Block-timestamp manipulation.** Within MEV-boost block-building, the proposer has some discretion over `block.timestamp` (typically a few seconds, bounded by network synchronisation). Contracts that depend on tight timestamp windows for randomness or short auction periods are vulnerable. Use block numbers instead of timestamps where possible, or rely on commit-reveal / verifiable randomness for unpredictability.