Sandwich Attack

A sandwich attack exploits a pending DEX trade by placing buy and sell orders around it to extract profit from the price movement.

What Is a Sandwich Attack?

A sandwich attack is a form of market manipulation on decentralized exchanges where an attacker places two transactions around a victim's pending trade — one immediately before and one immediately after — to extract profit from the resulting price movement. The attacker buys the target asset just before the victim's swap executes (pushing the price up), then sells immediately after the victim's trade (profiting from the inflated price). Sandwich attacks are one of the most common forms of MEV (Maximal Extractable Value) extraction in DeFi, costing everyday users millions of dollars in worse execution prices.

Anatomy of a Sandwich Attack

Understanding a sandwich attack requires knowing how automated market makers work. AMMs price assets along a mathematical curve, where each trade shifts the price proportionally to its size relative to the pool's liquidity. When a user submits a swap, the expected output is calculated at the current pool state, but the actual execution price depends on the pool state at the moment the transaction is confirmed on-chain.

Here is how the attack unfolds step by step:

  1. Detection: A user submits a swap on a DEX. This transaction enters the mempool — a public waiting area for unconfirmed transactions — where its details, including the token pair, amount, and slippage tolerance, are visible to anyone monitoring.

  2. Front-run: The attacker detects the pending transaction and immediately submits a buy order for the same token, paying a higher gas fee to ensure their transaction is processed first. This buy shifts the AMM's price curve upward.

  3. Victim execution: The victim's original swap executes at the now-inflated price, receiving fewer tokens than they expected. As long as the final price falls within the victim's slippage tolerance, the transaction goes through.

  4. Back-run: The attacker submits a sell order immediately after the victim's trade, selling the tokens they bought in step 2 at the price elevated by the victim's purchase. The attacker captures the difference as profit.

The entire sequence settles within a single block, typically taking just seconds. The attacker's profit comes directly from the victim's worse execution price.

Why Sandwich Attacks Are Possible

Sandwich attacks exploit two fundamental properties of public blockchains:

Mempool Transparency

On most blockchains, pending transactions are publicly visible in the mempool before they are included in a block. This transparency, while valuable for network openness, gives attackers advance knowledge of upcoming trades, including the exact token amounts and slippage tolerances.

Transaction Ordering by Gas Price

Block producers (miners or validators) typically order transactions by gas price, with higher-paying transactions processed first. Attackers exploit this by paying premium gas fees to position their transactions precisely around the victim's trade. Some MEV searchers even collaborate with block builders through systems like Flashbots to guarantee precise transaction ordering.

AMM Price Mechanics

The deterministic pricing formula of AMMs means the attacker can calculate exactly how much the victim's trade will move the price and size their front-running trade to maximize profit while staying within the victim's slippage tolerance.

Real-World Scale of Sandwich Attacks

Sandwich attacks are not a theoretical concern — they occur on every major DEX, every day. Research has shown that sandwich bots have extracted hundreds of millions of dollars from DEX traders since the rise of DeFi. On Ethereum mainnet alone, sandwich attacks have been documented on Uniswap, SushiSwap, and virtually every other AMM-based exchange. The problem extends to other EVM-compatible chains as well, wherever public mempools and AMM-style trading coexist.

How to Protect Yourself from Sandwich Attacks

Set Tight Slippage Tolerances

The most straightforward defense is to reduce your slippage tolerance. A lower tolerance means your transaction will revert if the price moves too far from your expectation, making the sandwich unprofitable for the attacker. However, setting slippage too low can cause your transaction to fail during periods of normal market volatility.
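To see how the AMM pricing described earlier interacts with this setting, here is an added worked example (not from the original page) that quotes a swap, derives the minimum acceptable output from a tolerance, and checks whether the swap still executes after another buy lands first. It assumes a constant-product pool with a 0.3% fee; the reserves, trade sizes and function names are constructed for illustration.

```python
FEE_NUM, FEE_DEN = 997, 1000  # assumed 0.3% swap fee

def amount_out(amount_in, reserve_in, reserve_out):
    """Constant-product (x * y = k) output for a swap, after the fee."""
    in_with_fee = amount_in * FEE_NUM
    return in_with_fee * reserve_out // (reserve_in * FEE_DEN + in_with_fee)

def min_out(quote, tolerance_bps):
    """Smallest output the trader accepts; below this the swap reverts."""
    return quote * (10_000 - tolerance_bps) // 10_000

def execute_after_prior_buy(trade_in, prior_in, reserve_in, reserve_out, tolerance_bps):
    """Quote at the current pool state, then execute after a same-direction
    buy of prior_in has already moved the pool.
    Returns (received, shortfall_vs_quote), or None if the swap reverts."""
    quote = amount_out(trade_in, reserve_in, reserve_out)
    floor = min_out(quote, tolerance_bps)
    prior_out = amount_out(prior_in, reserve_in, reserve_out)
    received = amount_out(trade_in, reserve_in + prior_in, reserve_out - prior_out)
    if received < floor:
        return None  # slippage check fails, trade is not executed
    return received, quote - received

if __name__ == "__main__":
    # Constructed pool: 1,000,000 units of each token; trader swaps 10,000 in,
    # and a 20,000-unit buy is confirmed ahead of it.
    pool = (1_000_000, 1_000_000)
    print("quote:", amount_out(10_000, *pool))
    for bps in (500, 50):
        result = execute_after_prior_buy(10_000, 20_000, *pool, bps)
        print(f"tolerance {bps} bps ->", result if result else "reverts")
```

With a 5% tolerance the swap executes and the trader absorbs the shortfall; with 0.5% the same pool movement triggers a revert, so no value is lost beyond the gas spent.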

Use Private Transaction Relays

Services like Flashbots Protect, MEV Blocker, and similar tools route your transaction through a private relay instead of the public mempool. Since attackers cannot see your pending trade, they cannot sandwich it. Many wallets and DEX interfaces now integrate private relay options by default.

Trade Through MEV-Protected Interfaces

Some DEX aggregators and frontends implement built-in MEV protection, routing trades through private channels or using batch auction mechanisms that eliminate the ordering advantage attackers rely on.

Use Limit Orders

Placing limit orders instead of market swaps eliminates sandwich risk entirely, since limit orders specify an exact price and are only filled if that price is available. Several DEX platforms now offer on-chain limit order functionality.

Break Up Large Trades

Larger trades are more attractive sandwich targets because they move the AMM price more, creating a bigger profit opportunity for the attacker. Splitting a large trade into smaller chunks across multiple blocks reduces the extractable value per transaction.

Sandwich Attacks vs. Other MEV Strategies

Sandwich attacks are distinct from other MEV strategies like pure front-running (which only involves placing a transaction before the victim) or arbitrage (which corrects price discrepancies across markets without directly harming a specific user). While arbitrage is generally considered beneficial for market efficiency, sandwich attacks are purely extractive — they provide no benefit to the ecosystem and directly transfer value from ordinary users to sophisticated bots.

The Evolving Defense Landscape

The DeFi ecosystem is actively developing solutions to mitigate sandwich attacks. Encrypted mempools, where transaction details remain hidden until block inclusion, would eliminate the attacker's information advantage. Order flow auctions allow users to capture some of the MEV their trades generate rather than losing it to bots. These innovations are gradually shifting the balance of power back toward everyday users, but until they are widely adopted, sandwich attacks remain a persistent cost of trading on public AMMs.
