三明治攻击：加密交易者的详细指南

三明治攻击是一种市场操纵形式，它针对用户进行分散交流，从而利用价格变动来从受害者的贸易中获利。

A sandwich attack is a type of front-running exploit in which an attacker places two orders around a victim’s trade in a way that profits from price slippage.

三明治攻击是一种前进的漏洞，其中攻击者在受害者的贸易周围下达了两个订单，从而从价格滑倒中获利。

In a typical sandwich attack, a malicious actor watches the transaction mempool for large trades that might affect the price of a cryptocurrency. 

在典型的三明治袭击中，恶意演员观看了可能影响加密货币价格的大型交易的交易Mempool。

After being identified, the attacker executes a “back-running trade” by placing a “sell” order immediately following the victim’s trade and a “buy” order just before it.

在被确定后，攻击者通过在受害者交易后立即下达“卖出”订单，并在其之前下达“买入”订单，从而执行“后交易”。

The victim’s trade contributes to the manipulated price, which is intentionally inflated or deflated to their benefit. The attacker makes money by selling their coins once the victim’s transaction is completed.

受害人的贸易有助于操纵价格，该价格有意膨胀或放气。受害者的交易完成后，攻击者通过出售硬币来赚钱。

Why sandwich attacks matter for crypto traders

为什么三明治攻击对加密交易者很重要

Sandwich attacks matter significantly for crypto traders, especially beginners, due to their impact on maximal extractable value (MEV).

三明治攻击对加密货币交易者，尤其是初学者而言至关重要，因为它们对最大可提取价值（MEV）的影响。

MEV refers to the additional value that can be extracted from block production beyond standard block rewards. In essence, it allows miners or validators to strategically order transactions within a block to maximize their own profits.

MEV是指超出标准块奖励以外的块生产中可以提取的其他值。从本质上讲，它允许矿工或验证者在块内策略性地订购交易，以最大化自己的利润。

Sandwich attacks are a prime example of MEV exploitation. By manipulating transaction order, attackers capitalize on the public nature of the blockchain to front-run and back-run trades, profiting from the price slippage they induce.

三明治攻击是MEV开发的一个典型例子。通过操纵交易订单，攻击者利用区块链的公共性质到前进和后运行的交易，从他们诱发的价格滑倒中获利。

Here’s how these attacks impact traders:

这些攻击是如何影响交易者的：

Due to these concerns, the crypto community actively explores solutions to mitigate the negative impacts of MEV, such as:

由于这些担忧，加密货币社区积极探索解决方案，以减轻MEV的负面影响，例如：

Did you know? Maximal extractable value was once called miner extractable value. First introduced in the 2019 research paper “Flash Boys 2.0 Frontrunning, Transaction Reordering, and Consensus Instability in Decentralized Exchanges” by Phil Daian and others, the term was later changed to reflect the growing value that could be extracted through these strategies as the DeFi ecosystem expanded.

你可知道？最大可提取值曾经称为矿工可提取值。菲尔·戴安（Phil Daian）和其他人在2019年的研究论文“ Flash Boys 2.0 Frontrunt，交易重新订购和分散交流中的共识不稳定”中首次引入，后来更改了该术语，以反映可以通过这些策略提取的增长价值作为Defi Ecosystem的增长价值。扩展。

How sandwich attacks work: A step-by-step example

三明治攻击的工作方式：一个逐步的例子

The mechanics of a sandwich attack involve manipulating the price of an asset before and after a victim’s trade, using buy and sell orders strategically placed in the transaction queue.

三明治攻击的机制涉及处理受害者交易前后资产的价格，使用在交易队列中策略性地放置的买卖订单。

Let’s break down how a sandwich attack happens, using a simple example.

让我们用一个简单的示例分解三明治攻击是如何发生的。

Imagine you’re a crypto trader looking to buy 100 Ether (ETH) on a decentralized exchange (DEX) like Uniswap. Your large order will likely move the market and raise the price of ETH temporarily. An attacker who has been monitoring the network sees your trade. 

想象一下，您是一名加密货币交易者，希望在分散的交易所（DEX）（例如UNISWAP）上购买100 ETHER（ETH）。您的大订单可能会推动市场并暂时提高ETH的价格。一直在监视网络的攻击者看到您的交易。

But how does an attacker predict a large incoming order?

但是，攻击者如何预测庞大的传入秩序？

Attackers predict large incoming orders by monitoring the mempool, a public waiting area for unconfirmed blockchain transactions. Every user’s transaction details — like the tokens being traded, amounts, and slippage tolerances — are visible here before being added to a block. 

攻击者通过监视Mempool（未经证实的区块链交易的公共等候区）来预测大量传入订单。每个用户的交易详细信息（例如被交易的代币，金额和滑倒公差）在添加到块之前都可以看到。

Automated bots scan the mempool for large trades or high slippage tolerances, signaling opportunities for profit. Since transactions aren’t encrypted, attackers (via bots) analyze this data in real-time. 

自动机器人扫描Mempool的大型交易或高滑倒公差，这是盈利的信号。由于未加密交易，因此攻击者（通过机器人）实时分析了这些数据。

If a transaction looks profitable to manipulate, the attacker can act on it by submitting their own transaction with a higher gas fee, ensuring it’s processed first and exploiting the user’s trade.

如果交易看起来有利可图，则攻击者可以通过以较高的汽油费提交自己的交易来对其采取行动，从而确保首先处理并利用用户的交易。

Now, let’s understand how the attack unfolds:

现在，让我们了解攻击的发展方式：

An example in the below image shows a bot spotting a large Saitama token purchase in the mempool and buying the token first, pushing the price up. 

下图中的一个示例显示了一个机器人，发现了Mempool中购买的大型Saitama代币购买，并首先购买了代币，将价格推高。

The victim, who then purchases the token, ends up paying a higher price. The bot sells the token at this inflated price, earning over $200,000 in profit. The attack was made possible by delaying the victim’s transaction by over a minute.

然后购买令牌的受害者最终要支付更高的价格。该机器人以这个高昂的价格出售令牌，赚取了超过20万美元的利润。通过将受害者的交易延迟一分钟来使袭击成为可能。

Is MEV always negative?

梅夫总是负面的吗？

No, MEV is not inherently negative.

不，MEV并不是天生的负面。

While it can be exploited through malicious activities like sandwich attacks, it also has positive aspects. MEV can improve market efficiency by facilitating arbitrage and ensuring timely liquidations. It also provides an additional revenue stream for miners and validators, incentivizing their participation in the network. 

虽然可以通过诸如三明治攻击之类的恶意活动来利用它，但也有积极的方面。 MEV可以通过促进套利和确保及时清算来提高市场效率。它还为矿工和验证者提供了额外的收入来源，激励他们参与网络。

Furthermore, the pursuit of MEV has driven innovation in areas like blockspace auctions (the competitive process of securing space within a block for your transactions to be included and processed) and privacy-preserving technologies. However, it’s crucial to address the potential impact on traders (as discussed above) to ensure a balanced and sustainable crypto ecosystem.

此外，对MEV的追求驱动了诸如Blockspace拍卖等领域的创新（竞争过程的竞争过程，即包括您的交易，并处理您的交易）和保护隐私技术。但是，要解决对交易者的潜在影响（如上所述）至关重要，以确保平衡和可持续的加密生态系统。

How to prevent sandwich attacks in crypto

如何防止加密中的三明治攻击

By using slippage tolerance settings, breaking down larger trades, using private transaction services and avoiding high-traffic periods, you can reduce your chances of falling victim to a sandwich attack.

通过使用打滑的容忍设置，分解较大的交易，使用私人交易服务并避免人流时期，您可以减少陷入三明治攻击的受害者的机会。

Now that you understand how sandwich attacks work, here are some practical tips to avoid falling victim to them.

现在您了解了三明治攻击的工作原理，这里有一些实用的技巧，避免陷入困境。

Did you know? Two researchers introduced a game-theoretic approach in their paper titled “Eliminating Sandwich Attacks with the Help of Game Theory,” offering an algorithm that significantly reduces the risk of sandwich attacks, outperforming the auto-slippage method used by major automated market makers like Uniswap. This algorithm effectively minimizes transaction costs while

你可知道？两名研究人员在其论文中介绍了一种游戏理论方法，标题为“消除借助游戏理论来消除三明治攻击”，提供了一种算法，可显着降低三明治攻击的风险，胜过诸如UNISWAP之类的主要自动化营销商使用的自动脱落方法。该算法有效地最大程度地减少了交易成本