User Interactions (MUI)

This metric captures the requirement for a user, other than the attacker, to participate (e.g. execute a transaction or any other action) in the successful compromise. This metric determines whether the vulnerability can be exploited solely at the will of the attacker or whether a separate user (or user-initiated process) must participate in some manner. The Score is highest when no user interaction is required.

An example of an attack type requiring user interaction can be front-run attacks. The attackers need an initiated transaction from a user in order to front-run it.