Sandwich Attacks: A Detailed Guide for Crypto Traders

Sandwich attacks are a form of market manipulation that targets users on decentralized exchanges, exploiting price movements to profit off of a victim's trade.

A sandwich attack is a type of front-running exploit in which an attacker places two orders around a victim’s trade in a way that profits from price slippage.

In a typical sandwich attack, a malicious actor watches the transaction mempool for large trades that might affect the price of a cryptocurrency. 

After being identified, the attacker executes a “back-running trade” by placing a “sell” order immediately following the victim’s trade and a “buy” order just before it.

The victim’s trade contributes to the manipulated price, which is intentionally inflated or deflated to their benefit. The attacker makes money by selling their coins once the victim’s transaction is completed.

Why sandwich attacks matter for crypto traders

Sandwich attacks matter significantly for crypto traders, especially beginners, due to their impact on maximal extractable value (MEV).

MEV refers to the additional value that can be extracted from block production beyond standard block rewards. In essence, it allows miners or validators to strategically order transactions within a block to maximize their own profits.

Sandwich attacks are a prime example of MEV exploitation. By manipulating transaction order, attackers capitalize on the public nature of the blockchain to front-run and back-run trades, profiting from the price slippage they induce.

Here’s how these attacks impact traders:

Due to these concerns, the crypto community actively explores solutions to mitigate the negative impacts of MEV, such as:

Did you know? Maximal extractable value was once called miner extractable value. First introduced in the 2019 research paper “Flash Boys 2.0 Frontrunning, Transaction Reordering, and Consensus Instability in Decentralized Exchanges” by Phil Daian and others, the term was later changed to reflect the growing value that could be extracted through these strategies as the DeFi ecosystem expanded.

How sandwich attacks work: A step-by-step example

The mechanics of a sandwich attack involve manipulating the price of an asset before and after a victim’s trade, using buy and sell orders strategically placed in the transaction queue.

Let’s break down how a sandwich attack happens, using a simple example.

Imagine you’re a crypto trader looking to buy 100 Ether (ETH) on a decentralized exchange (DEX) like Uniswap. Your large order will likely move the market and raise the price of ETH temporarily. An attacker who has been monitoring the network sees your trade. 

But how does an attacker predict a large incoming order?

Attackers predict large incoming orders by monitoring the mempool, a public waiting area for unconfirmed blockchain transactions. Every user’s transaction details — like the tokens being traded, amounts, and slippage tolerances — are visible here before being added to a block. 

Automated bots scan the mempool for large trades or high slippage tolerances, signaling opportunities for profit. Since transactions aren’t encrypted, attackers (via bots) analyze this data in real-time. 

If a transaction looks profitable to manipulate, the attacker can act on it by submitting their own transaction with a higher gas fee, ensuring it’s processed first and exploiting the user’s trade.

Now, let’s understand how the attack unfolds:

An example in the below image shows a bot spotting a large Saitama token purchase in the mempool and buying the token first, pushing the price up. 

The victim, who then purchases the token, ends up paying a higher price. The bot sells the token at this inflated price, earning over $200,000 in profit. The attack was made possible by delaying the victim’s transaction by over a minute.

Is MEV always negative?

No, MEV is not inherently negative.

While it can be exploited through malicious activities like sandwich attacks, it also has positive aspects. MEV can improve market efficiency by facilitating arbitrage and ensuring timely liquidations. It also provides an additional revenue stream for miners and validators, incentivizing their participation in the network. 

Furthermore, the pursuit of MEV has driven innovation in areas like blockspace auctions (the competitive process of securing space within a block for your transactions to be included and processed) and privacy-preserving technologies. However, it’s crucial to address the potential impact on traders (as discussed above) to ensure a balanced and sustainable crypto ecosystem.

How to prevent sandwich attacks in crypto

By using slippage tolerance settings, breaking down larger trades, using private transaction services and avoiding high-traffic periods, you can reduce your chances of falling victim to a sandwich attack.

Now that you understand how sandwich attacks work, here are some practical tips to avoid falling victim to them.

Did you know? Two researchers introduced a game-theoretic approach in their paper titled “Eliminating Sandwich Attacks with the Help of Game Theory,” offering an algorithm that significantly reduces the risk of sandwich attacks, outperforming the auto-slippage method used by major automated market makers like Uniswap. This algorithm effectively minimizes transaction costs while