Sandwich Attack

An MEV strategy where a bot front-runs a victim’s trade by buying first, lets the victim’s trade push the price, then sells immediately after. Common on AMMs without slippage protection.

How sandwich attacks work

The mechanic:

  1. Bot monitors public mempool for pending transactions.
  2. Identifies vulnerable swap — one that will move price.
  3. Submits front-run transaction (with higher gas) to execute first, pushing price up.
  4. Victim's transaction executes at the new (worse) price.
  5. Bot's back-run transaction sells at the elevated price.
  6. Profit captured from the price spread.

The attack is enabled by AMM pricing dynamics and public mempool visibility.

Why this is a problem

Several effects:

  • Users get worse prices than they should.
  • Cumulative cost to users runs into millions per day at peak activity.
  • Most users don't realize they're being sandwiched.
  • Sophisticated bots capture value that should accrue to traders.

This is one form of MEV extraction.

Defenses

Several mitigations:

  • Slippage protection — set tight max slippage on swaps; trades revert if exceeded.
  • Private mempools — Flashbots Protect, MEV Blocker submit through private channels.
  • Intent-based DEXes — solver-based execution avoids public mempool.
  • Larger pools — sandwich profitability is lower against deep liquidity.
  • Limit orders — execute at specific prices rather than market.
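
The slippage-protection defense above, worked through as an added example (not code from this page or from any DEX): a minimal constant-product pool in which the swap reverts when the output falls below the trader's floor. The 0.30% fee, the reserves, the trade sizes and all function names are assumptions chosen for illustration.

```python
class SlippageExceeded(Exception):
    """Raised where an on-chain swap would revert."""

FEE_BPS = 30  # assumed 0.30% pool fee

def quote_out(reserve_in, reserve_out, amount_in, fee_bps=FEE_BPS):
    """Constant-product (x*y=k) output for amount_in, integer math."""
    net_in = amount_in * (10_000 - fee_bps)
    return net_in * reserve_out // (reserve_in * 10_000 + net_in)

def min_out(quoted, slippage_bps):
    """Smallest output the trader accepts for a given tolerance."""
    return quoted * (10_000 - slippage_bps) // 10_000

class Pool:
    def __init__(self, reserve_in, reserve_out):
        self.reserve_in, self.reserve_out = reserve_in, reserve_out

    def swap(self, amount_in, amount_out_min=0):
        out = quote_out(self.reserve_in, self.reserve_out, amount_in)
        if out < amount_out_min:
            raise SlippageExceeded(f"got {out}, need >= {amount_out_min}")
        self.reserve_in += amount_in
        self.reserve_out -= out
        return out

def user_swap_after_price_move(slippage_bps, prior_buy=20_000):
    """Quote on a fresh pool, then execute after an earlier buy moved the price."""
    pool = Pool(1_000_000, 1_000_000)      # constructed reserves
    quoted = quote_out(pool.reserve_in, pool.reserve_out, 10_000)
    floor = min_out(quoted, slippage_bps)
    pool.swap(prior_buy)                   # transaction ordered ahead of the user
    return quoted, floor, pool.swap(10_000, floor)

if __name__ == "__main__":
    for bps in (50, 500):
        try:
            quoted, floor, got = user_swap_after_price_move(bps)
            print(f"{bps} bps: quoted {quoted}, floor {floor}, received {got}")
        except SlippageExceeded as exc:
            print(f"{bps} bps: reverted ({exc})")
```

With a 0.5% tolerance the swap reverts instead of filling at the moved price; with 5% it fills, and the gap between the quote and the amount received is the cost the tolerance allowed.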

Where sandwiching happens most

Vulnerable scenarios:

  • Large swaps on AMMs — bigger price impact = more profit.
  • Less-liquid token pairs — less depth means more impact.
  • Public mempool transactions — visible to all bots.
  • Time-pressure trades — users with poor slippage settings.

Major liquid pairs on deep pools are less vulnerable than long-tail tokens.

What individuals should know

For active DEX users:

  • Use slippage protection — set max slippage carefully.
  • Use private RPC — Flashbots Protect, MEV Blocker.
  • Trade liquid pairs when possible.
  • Use intent-based DEXes for routine swaps.

For broader awareness:

  • Sandwiching is endemic to public mempool DeFi.
  • Defense layers can significantly reduce exposure.
  • Sophisticated users routinely defend; casual users often don't.

Sandwich attacks are one of crypto's most common forms of value extraction. They affect users mostly invisibly. The combination of careful slippage settings and private mempool usage provides meaningful protection for most users.