A sandwich attack is a front-running exploit in decentralized finance where a malicious actor, typically a MEV (Maximal Extractable Value) searcher, manipulates the price of an asset in an automated market maker (AMM) pool. The attacker identifies a large pending transaction, such as a token swap, that will significantly impact the price due to slippage. They then place one transaction before and one after the victim's transaction, "sandwiching" it. The first transaction buys the asset to drive the price up, the victim's transaction executes at this inflated price, and the attacker's second transaction sells the asset at the new, higher price for a risk-free profit, leaving the victim with slippage and a worse exchange rate.
LABS
Glossary
Sandwich Attack
A sandwich attack is a type of maximal extractable value (MEV) exploit on decentralized exchanges where a malicious actor places one transaction before and one after a victim's trade to profit from the resulting price slippage.
Chainscore © 2026
definition
BLOCKCHAIN SECURITY
What is a Sandwich Attack?
A sandwich attack is a form of front-running specific to decentralized finance (DeFi) where a malicious actor exploits the public nature of pending transactions to profit at the expense of a regular user.
The attack relies on the transparency of the mempool, where pending transactions are visible before being added to a block. Attackers use sophisticated bots to scan for profitable opportunities, often targeting trades with high gas fees that indicate urgency. The core vulnerability exploited is the constant product formula (e.g., x * y = k) used by AMMs like Uniswap, where a large trade in one direction creates predictable price movement. The attacker's profit is directly extracted from the victim's trade, representing a pure wealth transfer. This is a prime example of negative externalities in permissionless systems.
Mitigation strategies exist on both the user and protocol levels. Users can reduce exposure by setting lower slippage tolerances, using private transaction relays (like Flashbots Protect), or executing trades through DEX aggregators that employ anti-MEV routing. Protocol-level solutions include the implementation of time-weighted average price (TWAP) oracles, threshold encryption to hide transaction details until execution, and AMM designs with dynamic fees or batch auctions that process orders simultaneously. Despite these measures, sandwich attacks remain a persistent challenge, highlighting the inherent trade-offs between transparency, efficiency, and fairness in DeFi.
how-it-works
MECHANISM
How a Sandwich Attack Works: Step-by-Step
A sandwich attack is a form of front-running that exploits the public mempool to profit from a victim's pending transaction by placing orders before and after it.
A sandwich attack is a three-step, automated exploit targeting decentralized exchange (DEX) users. It occurs when a bot or searcher monitors the public mempool for a large, pending swap transaction—typically one that will significantly move the price of a token pair due to low liquidity. The attacker's goal is to insert their own transactions immediately before and after the victim's, 'sandwiching' it. The first transaction buys the same asset the victim is buying, driving the price up. The victim's transaction then executes at this inflated price, and the attacker's final transaction sells the asset back into the pool, profiting from the price difference created by the victim's own trade.
The attack's success hinges on two key blockchain mechanics: transaction ordering and automated market maker (AMM) pricing. In systems like Ethereum, validators (or block builders) have discretion over transaction order within a block. Attackers often pay higher gas fees or use private transaction relays to ensure their orders are placed correctly around the victim's. The AMM's pricing model, such as the constant product formula x * y = k, guarantees that a large trade will cause slippage. The attacker front-runs to capitalize on the predictable price impact, and the victim suffers worse execution, a loss known as maximal extractable value (MEV).
To execute, the attacker's bot must perform rapid, precise calculations. It identifies a profitable target by estimating the victim's slippage tolerance and the pool's available liquidity. It then submits two transactions in the same block: a buy order with a high gas price to go first, and a sell order to follow. The initial buy increases the price of the target token in the pool. When the victim's swap executes, it purchases the token at this higher price, pushing it even higher. Finally, the attacker's sell order liquidates their position at the new peak, capturing the spread. The victim is left with fewer tokens than expected, paying an implicit 'tax' to the attacker.
Common targets include popular DEXs like Uniswap and traders using simple market orders with high slippage settings. Defensive measures exist, such as using slippage protection, setting tighter slippage tolerance, employing private transaction services (e.g., Flashbots Protect), or trading on DEXs with built-in MEV protection. Understanding this mechanism is crucial for developers building trading interfaces and for users to safeguard their transactions from this pervasive form of DeFi exploitation.
key-features
MECHANISM
Key Characteristics of a Sandwich Attack
A sandwich attack is a form of Maximal Extractable Value (MEV) where a malicious actor exploits the public mempool to profit from a victim's pending transaction. This glossary section breaks down its core operational components.
01
Front-Running the Victim
The attacker's first action is to front-run the victim's transaction. By paying a higher gas fee, they ensure their own buy order is mined first, purchasing the asset before the victim's trade executes. This initial purchase creates artificial demand, driving the asset's price up on the Automated Market Maker (AMM) pool.
02
Exploiting Price Slippage
The attack capitalizes on the victim's specified slippage tolerance. The victim's buy order executes at the newly inflated price caused by the attacker's front-run. The larger the victim's order and slippage setting, the more profitable the attack becomes for the malicious actor.
03
Back-Running to Profit
Immediately after the victim's trade, the attacker back-runs the transaction. They sell the asset they purchased in step one back into the pool. Because the victim's trade pushed the price higher, the attacker sells at a profit, completing the 'sandwich' around the victim's transaction.
04
Dependence on Mempool Visibility
This attack is only possible because pending transactions are visible in the public mempool before they are confirmed. Search bots and MEV searchers scan the mempool for profitable opportunities like large trades with high slippage settings, which are prime targets for sandwiching.
05
Impact on the Victim
The victim suffers significant negative slippage, receiving far fewer tokens than expected at the quoted price. Their effective execution price is worse, and they pay the network gas fee for a failed optimal trade. This is a direct, quantifiable financial loss.
06
Common Mitigations
Users and protocols employ several defenses:
- Setting low slippage tolerance (e.g., 0.5%).
- Using private transaction relays (e.g., Flashbots Protect).
- Transaction batching and DEX aggregators that find optimal routes.
- Limit orders that execute only at a specified price.
visual-explainer
MECHANISM
Visualizing the Attack Flow
A sandwich attack is a sophisticated form of front-running that exploits the public nature of pending transactions on decentralized exchanges. This section breaks down the precise, multi-step sequence an attacker uses to extract value from a target trade.
The attack begins with surveillance. The attacker, often a MEV (Maximal Extractable Value) bot, monitors the public mempool for a large, pending swap transaction that will significantly impact the price of an asset pair. The target is typically a trade large enough to cause slippage on an Automated Market Maker (AMM) like Uniswap. By analyzing the transaction's details, the attacker can calculate the expected price movement and the potential profit from inserting their own trades around it.
Once a profitable target is identified, the attacker executes the "front-run" transaction. Using a higher gas fee, they ensure their transaction is mined first. This initial trade buys the same asset the victim is trying to purchase, driving its price up on the AMM's liquidity pool. The victim's original transaction is then processed at this now-inflated price, suffering greater slippage and receiving fewer tokens than anticipated. The attacker's profit is realized in the final "back-run" step.
Immediately after the victim's trade completes, the attacker executes the back-run transaction. They sell the asset they front-ran, capitalizing on the price increase caused by the victim's own large purchase. The attacker's sell order returns them to their original asset (e.g., ETH) but with a larger quantity, pocketing the difference. The entire sandwich—front-run, victim trade, back-run—is often bundled into a single block by a cooperating validator or block builder to guarantee atomic execution and prevent others from interfering.
The visual flow of the attack creates a distinctive price pattern: a sharp spike followed by a rapid partial reversal within one or two blocks. On-chain analysis tools can detect this signature. The victim is left with negative slippage and a worse effective price, while the liquidity providers in the pool earn extra fees from the attacker's two additional trades, which somewhat mitigates the pool's impermanent loss from the artificial price movement.
Understanding this flow is crucial for developers building trading interfaces and for traders employing protective strategies. Common defenses include using private transaction relays (like Flashbots Protect), setting strict slippage tolerances, breaking large orders into smaller batches, or utilizing DEX aggregators that offer some level of MEV protection. The attack exemplifies the constant tension in DeFi between transparent, permissionless systems and the economic incentives they create.
prerequisites-conditions
SANDWICH ATTACK
Prerequisites & Necessary Conditions
A sandwich attack is a specific type of frontrunning attack in decentralized finance (DeFi) where a malicious actor exploits the public visibility of pending transactions. The attacker places two transactions around a victim's transaction to profit from the resulting price movement.
02
High Slippage Tolerance
The victim's transaction must have a high slippage tolerance setting. This parameter defines the maximum acceptable price deviation for a swap. A high tolerance (e.g., 5-10%) gives the attacker room to manipulate the price between their two transactions and still have the victim's transaction execute successfully, which is essential for the attack to be profitable.
03
Sufficient Liquidity & Low Fee Tokens
The attack requires a target pool with sufficient liquidity to absorb the attacker's large buy and sell orders without excessive price impact from the attack itself. It is also most profitable on chains or with tokens that have low transaction fees, as the attacker must pay gas for two transactions (the 'bread' of the sandwich).
04
Automated Bidding (Priority Gas Auction)
To ensure their transactions are placed immediately before and after the victim's, attackers engage in a Priority Gas Auction (PGA). They use bots to outbid other potential attackers by submitting transactions with higher gas fees, competing to have their transactions included in the optimal block positions to encircle the target.
06
MEV Infrastructure
The attack relies on specialized Maximal Extractable Value (MEV) infrastructure. This includes MEV bots for detection and execution, and often a connection to private transaction relays or block builders to help ensure the malicious bundle of transactions is included in a block as a single, atomic unit.
security-considerations
SANDWICH ATTACK
Security Implications & Impact
Sandwich attacks exploit the predictable execution of public mempool transactions, resulting in direct financial loss for victims and systemic degradation of the trading environment.
01
Direct Financial Loss
The primary impact is the victim's loss of value. The attacker's front-running trade increases the price the victim pays, and their back-running trade sells into that inflated price, capturing the spread. This results in slippage and price impact far worse than expected, directly extracting value from the victim's trade.
02
Increased Transaction Costs
Victims pay more than just the lost value. The attack inflates gas fees for everyone involved, as attackers often use high-priority fees to ensure their transactions are mined before and after the victim's. This creates a negative externality, raising the base cost of using the network during periods of high MEV activity.
03
Market Inefficiency & Distortion
Sandwich attacks introduce artificial volatility and distort price discovery. By manipulating the Automated Market Maker (AMM) pool's price in a controlled manner, they create a false temporary price that does not reflect genuine supply and demand, harming the integrity of the on-chain market.
04
Erosion of User Trust
Repeated exposure to sandwich attacks erodes user confidence in decentralized exchanges. When traders consistently receive worse execution than quoted, they may abandon DeFi protocols or seek centralized alternatives with guaranteed execution prices, undermining a core value proposition of permissionless finance.
05
Network Congestion
The mechanics of the attack contribute to blockchain bloat. The attacker must broadcast at least two additional transactions (front-run and back-run) for every victim transaction. During active hunting periods, this can significantly increase the mempool size and overall network congestion.
mitigation-strategies
SANDWICH ATTACK
Mitigation and Prevention Strategies
These strategies focus on protecting users from frontrunning and slippage manipulation in decentralized exchanges by altering transaction execution parameters or using specialized protocols.
01
Slippage Tolerance
Setting a maximum acceptable price slippage percentage is the most common user-level defense. A low tolerance (e.g., 0.5%) causes a transaction to fail if a sandwich attack would push the price beyond the limit, protecting value but potentially increasing failed transactions. Key considerations:
- Too low: High failure rate from normal volatility.
- Too high: Ineffective protection against attacks.
04
Limit Orders & TWAP
Limit Orders execute only at a specified price or better, nullifying unfavorable slippage. Time-Weighted Average Price (TWAP) strategies break a large order into smaller chunks over time, minimizing market impact and reducing the profit opportunity for a sandwich. Use Case: Large institutional trades or DAO treasury management.
05
MEV-Aware Wallets & RPCs
Wallets and RPC endpoints can integrate protection by default. Examples include MetaMask's transaction simulation (showing potential MEV risk) and RPC services that route through private relays. User Benefit: Shifts the mitigation burden from the user to the wallet infrastructure, providing passive protection.
06
Protocol-Level Design (CFMMs & AMM v2/v3)
Constant Function Market Makers (CFMMs) like Uniswap v3 allow for concentrated liquidity, increasing capital efficiency and depth at specific price ranges, making large price impacts harder. Future designs may incorporate threshold encryption or commit-reveal schemes to hide transaction intent until execution.
ecosystem-context
DEX EXPLOIT
Sandwich Attack
A sandwich attack is a form of Maximal Extractable Value (MEV) where a malicious actor exploits the public mempool to profit from a victim's pending transaction on a decentralized exchange (DEX).
01
The Attack Mechanism
The attack involves three transactions executed in a single block:
- Front-run: The attacker places a buy order for the same asset as the victim, driving up its price.
- Victim Execution: The victim's original, now more expensive, swap is processed.
- Back-run: The attacker immediately sells the asset at the inflated price, profiting from the price difference. This is only possible because the attacker can observe the victim's transaction in the public mempool and pay higher gas fees to ensure their transactions are ordered around the victim's.
02
Key Prerequisites
For a sandwich attack to be feasible, specific blockchain conditions must be met:
- Public Mempool: Transaction details must be visible before block inclusion (common on Ethereum).
- High Slippage Tolerance: The victim must set a high slippage tolerance on their swap, allowing the price to move significantly.
- Sufficient Liquidity: The target pool must have enough liquidity for the attacker's orders to move the price and for profits to be meaningful.
- MEV Infrastructure: Attackers use searcher bots and connections to block builders or proposers to ensure transaction ordering.
03
Common Defense Strategies
Users and protocols employ several methods to mitigate sandwich attacks:
- Lower Slippage Tolerance: Setting a tight slippage (e.g., 0.5%) makes the attack unprofitable.
- Private Transactions: Using services like Flashbots Protect or Taichi Network to submit transactions directly to block builders, bypassing the public mempool.
- DEX Design: Automated Market Makers (AMMs) with concentrated liquidity or limit orders are less susceptible.
- MEV Protection RPCs: Endpoints that route transactions through private channels.
- Chain-Level Solutions: Protocols like Ethereum's PBS (Proposer-Builder Separation) aim to democratize MEV extraction.
04
Related Concepts & Ecosystem
Sandwich attacks exist within a broader MEV landscape:
- Generalized Front-Running: Seeing a profitable transaction (e.g., an arbitrage opportunity) and executing it first.
- Back-Running: Executing a transaction immediately after another to capitalize on its state change (e.g., buying an NFT after a listing).
- Liquidations: A common MEV opportunity where searchers compete to liquidate undercollateralized positions.
- MEV-Boost: The dominant middleware on Ethereum that allows proposers to outsource block building to specialized builders who extract MEV.
- Flashbots: A leading research and development organization building infrastructure to mitigate the negative externalities of MEV.
05
Real-World Impact & Detection
Sandwich attacks represent a direct, quantifiable cost to DeFi users.
- Financial Loss: Estimates suggest hundreds of millions in value are extracted annually via sandwich attacks.
- Tools for Detection: Users can review their transactions on Etherscan or specialized MEV explorers like EigenPhi to see if they were sandwiched.
- On-Chain Footprint: The attack leaves a clear signature: the victim's transaction is sandwiched between two swaps from the same attacker address in the same block.
- Protocol Risk: High levels of MEV activity can lead to network congestion and increased gas costs for all users.
SANDWICH ATTACK
Frequently Asked Questions (FAQ)
Common questions about the mechanics, detection, and prevention of sandwich attacks in decentralized finance (DeFi).
A sandwich attack is a form of Maximal Extractable Value (MEV) exploitation where a malicious actor, typically a searcher bot, profits by placing two transactions around a victim's pending transaction on a blockchain. The attacker first front-runs the victim's trade by buying the same asset, causing its price to rise on the Automated Market Maker (AMM). They then back-runs the victim's executed trade by selling the asset at the inflated price, profiting from the artificial price movement they created. This 'sandwiches' the victim's transaction, resulting in a worse execution price for them, known as slippage.
ENQUIRY
Get In Touch
today.
Our experts will offer a free quote and a 30min call to discuss your project.
NDA Protected
Confidentiality24h Response
Time to ValueDirectly to Engineering Team
No Sales Fluff10+
Protocols Shipped
$20M+
TVL Overall