How does a sandwich attack work?

In a sandwich attack, a searcher spots a pending large trade in the mempool, places a buy order just before it (front-running) to push the price up, lets the victim's trade execute at the now-inflated price, then immediately sells (back-running) at the higher price. The victim receives fewer tokens than expected, and the attacker profits from the artificially created price difference. This all happens within the same block.

Can MEV affect my Bitcoin-backed lending transactions?

Yes, MEV can affect DeFi lending operations. When you interact with lending protocols on Ethereum or EVM chains, transaction ordering manipulation can impact collateral deposits, loan repayments, and especially liquidations. Liquidation MEV is a significant category — searchers compete to execute profitable liquidations, which can affect the timing and terms of liquidations on your positions. Using MEV-protected RPC endpoints can help mitigate these risks.

What tools and strategies exist to protect against MEV?

Several protection strategies are available: private transaction pools like Flashbots Protect that hide your transactions from the public mempool, MEV-aware DEX aggregators that route trades through MEV-resistant pathways, limit orders instead of market swaps to avoid slippage exploitation, and protocol-level features like commit-reveal schemes. Using lower slippage tolerances and timing transactions during periods of lower network activity can also reduce exposure.

Is MEV a problem that will eventually be solved?

MEV is unlikely to be fully eliminated because it is inherent to systems where someone must order transactions. However, the DeFi ecosystem is making significant progress on mitigating its harmful effects. Solutions like encrypted mempools, fair ordering protocols, MEV-redistribution mechanisms (where extracted value is returned to users or protocols), and improved order flow auctions are reducing the negative impact on regular users. The goal is not zero MEV but equitable MEV — ensuring users are not unfairly disadvantaged.

MEV and Its Effects on DeFi Users

Learn how Maximal Extractable Value (MEV) works, how it affects DeFi users through front-running and sandwich attacks, and strategies to protect your transactions.

13 min read

Understanding Maximal Extractable Value

Maximal Extractable Value — commonly known as MEV — is one of the most consequential and least understood dynamics in decentralized finance. At its core, MEV represents the additional profit that can be captured by controlling the order in which transactions are included in a block. While originally termed "Miner Extractable Value" in the proof-of-work era, the concept was renamed to "Maximal Extractable Value" after Ethereum's transition to proof-of-stake, since validators now serve the role previously held by miners.

Every time you submit a transaction on Ethereum or another EVM-compatible blockchain, that transaction enters a waiting area called the mempool before being included in a block. During this window, the transaction is visible to anyone monitoring the network. Sophisticated actors known as "searchers" scan the mempool continuously, looking for profitable opportunities created by pending transactions. When they find one, they pay validators to order transactions in specific ways that extract value — often at the expense of the original user.

The Scale of MEV

The scale of MEV extraction is staggering. Since the inception of Flashbots' MEV tracking in early 2020, billions of dollars in MEV have been extracted on Ethereum alone. This represents real value that has been redirected from regular users and protocols toward searchers and validators. Understanding MEV is not an academic exercise — it directly impacts the costs and outcomes of every on-chain transaction.

How MEV Extraction Works

MEV extraction relies on the fundamental principle that transaction ordering within a block is not fixed until the block is produced. Validators have discretion over which transactions to include and in what order. This creates a marketplace for transaction positioning.

The Mempool: A Transparent Waiting Room

When you submit a transaction — whether a token swap, a loan repayment, or a collateral deposit — it enters the mempool in an unencrypted, readable format. Searchers run sophisticated monitoring infrastructure that parses every pending transaction in real time, simulating its effects to identify profitable ordering opportunities.

This transparency is a design feature of public blockchains, enabling decentralization and verifiability. But it also means that every user's intentions are broadcast to the network before being executed, creating an information asymmetry that searchers exploit.

Searchers, Builders, and Validators

The modern MEV supply chain involves three key roles:

Searchers: Automated bots that identify MEV opportunities by analyzing mempool transactions. They construct "bundles" of transactions designed to extract value.
Block builders: Entities that assemble optimal blocks by combining user transactions with searcher bundles. They auction block space to maximize total value.
Validators: The entities that ultimately propose blocks. Under proposer-builder separation (PBS), validators select the most valuable block from competing builders.

This supply chain has become highly professionalized, with searchers investing millions in infrastructure to identify and capture MEV opportunities milliseconds faster than competitors.

Common MEV Attack Vectors

Several distinct MEV strategies directly impact DeFi users. Understanding these patterns is essential for protecting your transactions.

Front-Running

Front-running occurs when a searcher detects a profitable pending transaction and submits their own transaction ahead of it, typically by offering a higher gas fee. In the DeFi context, front-running most commonly targets large swap transactions.

For example, if you submit a transaction to buy a large amount of a token on a DEX, a front-runner can detect this, buy the token before your transaction executes (pushing the price up), and then sell after your purchase pushes the price even higher. You end up paying more than you should have, and the front-runner captures the difference.

Front-running also occurs in liquidation markets. When a borrowing position becomes eligible for liquidation on lending protocols, searchers race to submit the liquidation transaction first, capturing the liquidation bonus. While this does ensure that unhealthy positions are promptly liquidated (maintaining protocol solvency), it also means that the liquidation profit is captured by MEV actors rather than being distributed more equitably.

Sandwich Attacks

The sandwich attack is perhaps the most well-known MEV strategy and the one most directly harmful to ordinary users. It combines front-running and back-running around a victim's transaction:

Detection: The searcher identifies a pending swap transaction with meaningful price impact.
Front-run: The searcher buys the target asset just before the victim's transaction, moving the price against the victim.
Victim execution: The victim's swap executes at a worse price than expected, within their slippage tolerance.
Back-run: The searcher immediately sells the asset at the price inflated by the victim's trade, capturing the spread.

The victim receives fewer tokens than they would have without the sandwich, and the searcher profits from the artificially created price movement. Sandwich attacks are particularly insidious because they are completely invisible to the victim unless they specifically analyze the block that contains their transaction.

Just-In-Time (JIT) Liquidity

A more subtle MEV strategy involves providing concentrated liquidity to a DEX pool just before a large trade, capturing the trading fees, and removing the liquidity immediately after. While this does not directly harm the trader (who actually benefits from the added liquidity reducing their price impact), it redirects fee revenue from passive liquidity providers to sophisticated MEV actors.

Liquidation MEV

In DeFi lending, liquidations represent a major MEV category. When a borrower's collateral value drops below the required threshold, their position becomes liquidatable with a bonus incentive. Searchers compete aggressively to execute these liquidations, engaging in priority gas auctions that bid up transaction fees and sometimes employing complex multi-step strategies involving flash loans.

For users of Bitcoin-backed lending platforms — including those aggregated by Borrow — liquidation MEV is particularly relevant. If your BTC-collateralized position approaches its liquidation threshold, the actual liquidation execution and its timing will be determined by MEV dynamics. Understanding this helps in setting appropriate collateral ratios and monitoring positions proactively.

The Hidden Costs of MEV

MEV imposes several costs on DeFi users beyond the direct value extracted from individual transactions.

Increased Gas Costs

When multiple searchers compete for the same MEV opportunity, they engage in gas fee bidding wars that can spike network-wide gas prices. During periods of high MEV activity (such as major price movements triggering cascading liquidations), gas prices can increase dramatically, making even routine transactions expensive for all network users.

Worse Execution Quality

MEV extraction systematically degrades trade execution for ordinary users. The cumulative effect of front-running and sandwich attacks means that DeFi users consistently pay more for swaps than they would in a MEV-free environment. Studies have estimated that MEV costs DeFi users on the order of tens of millions of dollars monthly.

Consensus Layer Risks

At the extreme, MEV can threaten blockchain consensus itself. If the value available from reordering transactions in a past block exceeds the block reward, validators have an economic incentive to attempt chain reorganizations — essentially rewriting recent history to capture MEV opportunities. While this remains largely theoretical on Ethereum due to its finality mechanism, it represents a systemic risk that the community takes seriously.

Centralization Pressures

The professionalization of MEV extraction creates centralization pressures. Searchers and builders with the best infrastructure and the fastest connections to validators capture disproportionate MEV, creating economies of scale that favor large, well-capitalized operations. This concentration of power conflicts with DeFi's decentralization ethos.

Protecting Yourself from MEV

While MEV cannot be entirely avoided, several strategies can significantly reduce your exposure.

Private Transaction Pools

The most effective protection is preventing searchers from seeing your transactions. Private transaction pools — also known as MEV-protected RPC endpoints — route your transactions directly to validators without passing through the public mempool. Flashbots Protect is the most widely used solution, offering a simple RPC endpoint that hides your transactions from searchers.

By adding the Flashbots Protect RPC to your wallet (e.g., MetaMask), all your transactions bypass the public mempool and are sent directly to block builders via a private channel. This eliminates the information advantage that searchers rely upon for front-running and sandwich attacks.

Slippage Management

Setting appropriate slippage tolerances is a simple but effective defense. Lower slippage tolerance means a sandwich attack would need to move the price less to fall within your accepted range, making the attack less profitable and therefore less likely. However, setting slippage too low can cause transactions to fail during volatile markets, so balance is necessary.

DEX Aggregators with MEV Protection

Modern DEX aggregators like 1inch and CoW Swap incorporate MEV protection features. CoW Swap, for example, uses batch auctions where trades are settled at uniform clearing prices, fundamentally preventing sandwich attacks. 1inch offers a fusion mode that similarly protects users from MEV by matching orders off-chain.

Timing and Size Considerations

Larger transactions attract more MEV attention. When possible, breaking large swaps into smaller transactions can reduce individual MEV exposure — though this increases total gas costs. Timing transactions during lower-activity periods (when fewer searchers are competing) can also help, though sophisticated searchers operate around the clock.

Limit Orders

Using limit orders rather than market swaps eliminates the slippage that sandwich attacks exploit. Protocols like 1inch Limit Orders and Uniswap's upcoming on-chain limit order features allow users to specify exact prices, removing the profitable window that MEV actors target.

MEV in the Context of Bitcoin DeFi

Bitcoin's DeFi ecosystem interacts with MEV differently depending on the layer and mechanism involved.

Native Bitcoin Transactions

Bitcoin's native UTXO model and simpler scripting language create a smaller MEV surface compared to Ethereum. However, MEV does exist on Bitcoin — particularly around inscription/ordinals minting, RBF (replace-by-fee) sniping, and time-sensitive transactions. The emergence of more complex Bitcoin L2 solutions may expand this surface.

Wrapped BTC on EVM Chains

When Bitcoin is wrapped (as WBTC, cbBTC, or similar tokens) and used on EVM chains, it becomes fully subject to Ethereum MEV dynamics. Users borrowing stablecoins against wrapped BTC collateral through platforms accessible via Borrow should be aware that their lending transactions — deposits, withdrawals, repayments, and especially liquidations — are visible in the mempool and subject to MEV extraction.

Cross-Chain MEV

As cross-chain bridges become more sophisticated, a new category of cross-chain MEV is emerging. Arbitrage opportunities between Bitcoin L2 lending rates and Ethereum mainnet rates, for example, could be exploited by searchers with infrastructure spanning both ecosystems. This is an area of active research and development.

The Evolving MEV Landscape

The MEV ecosystem is rapidly evolving, with multiple approaches seeking to mitigate harmful MEV while preserving its market-efficiency benefits.

Proposer-Builder Separation (PBS)

Ethereum's PBS architecture separates the roles of block proposal and block construction. This reduces centralization risk by allowing validators to outsource block building to specialized entities while maintaining proposer diversity. However, it also formalizes the MEV supply chain rather than eliminating it.

MEV Redistribution

Some protocols are experimenting with capturing MEV and redistributing it to users or liquidity providers. MEV-Share, developed by Flashbots, allows searchers to share a portion of their profits with the users whose transactions enabled the MEV opportunity. This "fair share" approach aims to ensure users benefit from the value their transactions create.

Encrypted Mempools and Threshold Encryption

One of the most promising long-term solutions involves encrypting transactions in the mempool so that their contents cannot be read until they are included in a block. Threshold encryption schemes, where transactions can only be decrypted by a quorum of validators, would eliminate the information asymmetry that enables front-running and sandwich attacks. Projects like Shutter Network and SUAVE are developing these technologies.

Intent-Based Architectures

A paradigm shift toward intent-based transaction systems could fundamentally change MEV dynamics. Instead of submitting specific transactions, users would submit "intents" — desired outcomes like "swap X for at least Y tokens" — and solvers would compete to fulfill these intents optimally. This competition benefits users rather than exploiting them, as solvers are incentivized to provide the best execution rather than extract the most value.

Practical Takeaways for DeFi Participants

Understanding MEV should inform how you interact with DeFi protocols:

Use MEV-protected RPCs for all transactions, especially swaps and large lending operations.
Monitor your collateral ratios carefully on lending platforms, understanding that liquidation timing will be influenced by MEV dynamics.
Set conservative slippage tolerances and consider limit orders for large trades.
Evaluate protocols based on their MEV mitigation features when comparing lending venues through aggregators like Borrow.
Stay informed about evolving MEV protection technologies and adopt them as they become available.

MEV is not going away — it is a structural feature of transparent, permissionless blockchains. But the tools to mitigate its harmful effects are improving rapidly. By understanding the mechanics and adopting available protections, DeFi users can significantly reduce the hidden tax that MEV imposes on their transactions.

On this page

Related Guides

Advanced

Flash Loans and Their Impact on DeFi

Explore how flash loans work, their legitimate use cases in DeFi, and the security implications they introduce for lending protocols and liquidity pools.

Intermediate

Understanding Protocol Risks in DeFi Lending

A comprehensive guide to the types of risks present in DeFi lending protocols, including smart contract risk, oracle risk, governance risk, and systemic risk, with practical mitigation strategies.

Common Questions

MEV, or Maximal Extractable Value, refers to the profit that block producers (validators or miners) and specialized searchers can extract by reordering, inserting, or excluding transactions within a block. It matters because MEV extraction often comes at the direct expense of regular users — through worse trade execution, higher gas costs during bidding wars, and front-running that captures value that should have gone to the user initiating the transaction.