Sandwich Attack
An MEV exploit where an attacker observes pending transactions and strategically places their own transactions before and after to profit from price movements.
Sandwich Attack refers to a form of MEV exploitation where a malicious actor monitors pending blockchain transactions and strategically positions their own trades immediately before and after a target transaction to extract profit from the resulting price movement. When a user submits a large swap on a decentralized exchange like Uniswap, an attacker can front-run by purchasing the same asset first, artificially inflating its price, then back-run by selling immediately after the victim's trade executes at the worse rate. This manipulation has become endemic across DeFi, with sandwich attacks extracting over $212 million from Ethereum users in 2024 alone (according to EigenPhi MEV data). The attack exploits the transparent nature of public mempools combined with the ability to pay higher gas fees for transaction priority. Understanding sandwich attacks and their prevention mechanisms has become essential knowledge for smart contract auditors, protocol designers, and MEV researchers, making it a frequently tested topic in Web3 security interviews.
Sandwich Attack Mechanics
Step-by-step:
1. Observe: The attacker sees Alice's pending swap in the mempool.
2. Front-Run: The attacker submits a buy transaction BEFORE Alice's swap, buying the same asset and driving the price up.
3. Victim Executes: Alice's swap executes at a worse price (the price has already been moved up by the attacker's front-run).
4. Profit: The attacker's second transaction executes AFTER Alice's swap, selling at the higher price and capturing the difference.
5. Profit Calculation: The attacker profits from the price movement caused by the sandwich.
Sandwich attacks are a form of MEV extraction through transaction ordering.
Sandwich Attack Example
Concrete example:
ETH/USDC pool: 100 ETH, 200,000 USDC. ETH price = $2,000.
Alice wants to buy 10 ETH (should pay ~$20,000 USDC).
Attacker:
- Buys 5 ETH (pays ~$9,804 USDC). Pool now: 95 ETH, 209,804 USDC. Price: $2,208.
- Alice buys 10 ETH (pays ~$20,735 USDC). Pool now: 85 ETH, 230,539 USDC. Price: $2,712.
- Attacker sells 5 ETH (receives ~$13,560 USDC). Pool now: 90 ETH, 216,979 USDC.
Attacker profit: $13,560 - $9,804 = $3,756. Alice loss: $20,735 - $20,000 = $735.
Attacker profits at Alice's expense.
Sandwich Attack Scale
Real impact:
Daily Cost: Billions annually lost to sandwich attacks and MEV.
User Loss: The average user loses a small amount per transaction.
Whale Impact: Large trades lose more (higher slippage).
Protocol Impact: Some protocols lose significant revenue to sandwich attacks.
Sandwich attacks are a massive economic problem in DeFi.
Sandwich Attack Vulnerabilities
Where attacks occur:
Public Mempools: Bitcoin and Ethereum expose pending transactions, which makes them an obvious target.
DEXs: Any DEX with a public mempool is vulnerable.
Auctions: Batch auctions are vulnerable if transactions are visible before batching.
Bridges: Some bridge transactions are vulnerable.
Most DeFi transactions are vulnerable to sandwich attacks.
Sandwich Attack Defenses
Mitigation strategies:
Private Mempools: Hide pending transactions from the public. This is the Flashbots Relay model.
MEV-Burn: Require attackers to burn MEV extraction profits.
Intent-Based: Users specify intents, not transactions. Solvers execute them, preventing sandwich ordering.
Encrypted Mempools: Encrypt transactions until after ordering.
Threshold Encryption: Encrypt until a threshold is reached, with deterministic ordering.
Slippage Protection: Fail the transaction if the price is worse than a threshold (prevents extreme sandwiches).
Different defenses have different tradeoffs.
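The effect of the slippage limit on the four steps listed under Sandwich Attack Mechanics can be checked numerically. This is an added example, not code from the original page: it assumes a constant-product pool (x * y = k) with a 0.3% input fee and uses hypothetical names (Pool, simulate), so its figures differ from the approximate ones in the example above. With a loose limit the victim overpays; with a 1% limit the swap reverts and the front-runner is left with only fee losses.

```python
# Added illustration (not the page's code): constant-product pool, x * y = k.
FEE = 0.003  # assumption: 0.3% fee taken from the input amount


class Pool:
    def __init__(self, eth, usdc, fee=FEE):
        self.eth, self.usdc, self.fee = eth, usdc, fee

    def quote_buy(self, eth_out):
        """USDC needed to take eth_out ETH out of the pool at current reserves."""
        return self.usdc * eth_out / ((self.eth - eth_out) * (1 - self.fee))

    def buy(self, eth_out, max_usdc_in=float("inf")):
        """Return USDC paid, or None when the slippage limit reverts the swap."""
        cost = self.quote_buy(eth_out)
        if cost > max_usdc_in:
            return None  # reverted: reserves unchanged
        self.eth -= eth_out
        self.usdc += cost
        return cost

    def sell(self, eth_in):
        """Swap ETH for USDC and return the USDC received."""
        effective = eth_in * (1 - self.fee)
        out = self.usdc * effective / (self.eth + effective)
        self.eth += eth_in
        self.usdc -= out
        return out


def simulate(tolerance, front_run_eth=5.0, victim_eth=10.0, fee=FEE):
    """Replay the page's four steps against a 100 ETH / 200,000 USDC pool."""
    pool = Pool(100.0, 200_000.0, fee)
    quoted = pool.quote_buy(victim_eth)       # price the user saw when signing
    limit = quoted * (1 + tolerance)          # max input carried in the swap
    spent = pool.buy(front_run_eth)           # front-run moves the price up
    paid = pool.buy(victim_eth, limit)        # victim swap, reverts if over limit
    received = pool.sell(front_run_eth)       # back-run, or unwind after a revert
    return {
        "reverted": paid is None,
        "victim_overpaid": None if paid is None else paid - quoted,
        "attacker_pnl": received - spent,
    }


if __name__ == "__main__":
    for tol in (0.50, 0.01):  # loose limit vs. 1% limit
        print(tol, simulate(tol))
```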
Career Opportunities
MEV creates roles:
MEV Researchers studying attack patterns earn $130,000-$320,000+.
Security Engineers building MEV defenses earn $120,000-$300,000+.
Protocol Designers creating sandwich-resistant protocols earn $130,000-$320,000+.
Searchers finding profitable MEV opportunities earn $100,000-$500,000+ (variable).
Flashbots Engineers building MEV infrastructure earn $130,000-$320,000+.
Best Practices
Protecting against sandwich attacks:
Slippage Limits: Set strict slippage limits to prevent extreme overpayment.
Private Transactions: Use a private relay (Flashbots) to avoid public mempool exposure.
Batch Swaps: Split large swaps into smaller chunks to reduce MEV.
Off-Peak Trading: Trade during lower-MEV periods, when fewer searchers are active.
Intent Markets: Use intent-based systems when available.
The Future of Sandwich Attacks
Evolution:
Better Defenses: More protocols implementing MEV-resistant mechanisms.
Encrypted Execution: Encrypted execution engines preventing sandwich attacks.
Intent-Based Dominance: Shift toward intent-based systems reducing ordering attacks.
Encrypted Mempools: More chains moving toward encrypted mempools.
MEV Redistribution: Fair MEV distribution mechanisms benefiting users.
Prevent Sandwich Exploitation
Sandwich attacks are a serious MEV problem affecting DeFi users. Understanding sandwich attacks helps you protect your transactions. If you're interested in MEV or DeFi security, explore MEV careers at Flashbots and protocol teams. These roles focus on building fair, sandwich-resistant trading.