Front-Running

A sandwich attack variant that exploits the block timestamp manipulation by miners or validators. By reordering transactions within a block to create a specific price movement, the attacker can sandwich a victim's trade between their own buy and sell orders.

• Mechanism: The attacker influences the block's timestamp to create a favorable price oracle reading, then executes the attack.
• Impact: Particularly effective against DeFi protocols that rely on TWAP oracles or use block timestamps for critical logic.

Occurs when a malicious validator or searcher intentionally excludes a victim's transaction from a block entirely to profit from the resulting state change.

• Mechanism: The attacker sees a profitable pending transaction (e.g., a large limit order) and prevents its inclusion, then submits their own transaction to capture the opportunity.
• Context: This is a form of censorship that transforms into financial gain, distinct from simple reordering.

Targets pending transactions that will provide liquidity to a pool. The attacker buys the asset before the liquidity is added (when price is lower) and sells after (when price is higher due to the deposit).

• Example: Seeing a large LP deposit about to be made to a Uniswap v2 pool, the attacker front-runs the deposit to buy the incoming asset, then sells into the new liquidity.
• Result: The liquidity provider suffers immediate impermanent loss on deposit, while the attacker profits.

Exploits the latency between an oracle price update and its on-chain confirmation. The attacker executes trades based on the known pending price change.

• Mechanism: Observes a signed oracle update transaction in the mempool, then front-runs it with trades that will benefit from the new price data.
• Systems at Risk: Lending protocols for liquidations, derivatives platforms, and any system using price feeds with update delays.

A broad strategy where bots monitor the mempool for any transaction that, when executed, will create a profitable arbitrage opportunity. The bot then submits its own transaction to execute that arbitrage first.

• Key Difference: Not a direct attack on a specific user, but a competition to be first to claim any observable on-chain opportunity.
• Ecosystem Role: While often extractive, GF bots also provide latency arbitrage and help with price efficiency across DEXs.

A market-making exploit where an attacker front-runs a taker's market order to widen the bid-ask spread and increase their profit.

• On an Order Book DEX: Seeing a large buy order, the attacker quickly buys from existing asks and places new, higher asks for the victim to fill.
• In an AMM: Similar to a sandwich attack, but focused on exploiting the immediate price impact before and after the victim's trade settles.

DEXs are the primary target for sandwich attacks, where bots exploit predictable trades. This results in slippage and MEV extraction for users. Protocols like Uniswap and Curve have implemented features like time-weighted average price (TWAP) orders and private transaction pools to mitigate this. The economic impact is direct, increasing costs for all liquidity takers.

Protocols like Aave and Compound are vulnerable to liquidation front-running. Bots monitor the mempool for undercollateralized positions, then race to be the first to submit a liquidation transaction, paying higher gas to claim the liquidation bonus. This creates a toxic environment where user positions are liquidated at worse prices, and the liquidator profits are competed away in gas auctions.

Front-running distorts NFT minting and trading. Bots can:

• Snatch newly minted NFTs by detecting mint transactions and submitting higher-gas copies.
• Exploit limited-edition drops, making them inaccessible to regular users.
• Front-run large buy orders on marketplaces to artificially inflate floor prices before selling. This undermines fair access and market integrity, leading platforms to implement commit-reveal schemes and Dutch auctions.

Cross-chain transactions are vulnerable due to their multi-step nature. A bot can observe a deposit transaction on the source chain, then front-run the relayer by submitting its own claim transaction on the destination chain with higher gas, stealing the funds. This attacks the atomicity of the bridge, forcing protocols to use more sophisticated validation and sequencing mechanisms.

Voting and proposal execution can be manipulated. A malicious actor can:

• Front-run a governance token purchase to gain voting power before a snapshot.
• Observe a passed proposal and front-run its execution to extract value from the state change (e.g., draining a treasury). This compromises the sybil-resistance and execution fairness of DAO operations, necessitating timelocks and execution delays.

The ecosystem has developed several countermeasures:

• Flashbots SUAVE: A decentralized block-building network aiming to democratize MEV.
• Private Transaction Pools (e.g., Flashbots Protect): Allow users to submit transactions without exposing them to the public mempool.
• Fair Sequencing Services (FSS): Protocols like Chainlink FSS order transactions fairly at the sequencer level.
• Commit-Reveal Schemes: Hide transaction intent until it's too late to front-run.

A cryptographic technique that separates the submission of a transaction from its execution. Users first submit a commitment (a hash of their intent) to the mempool. After a delay, they reveal the full transaction details. This prevents front-runners from understanding the transaction's value until it's too late to act. Commonly used in decentralized exchanges and auctions.

These are protocol or network-layer solutions that reorder transactions to neutralize the advantage of front-runners.

• FSS: A decentralized service that orders transactions by their arrival time at a trusted node, not by gas price.
• MEV Auctions: Protocols like Flashbots Auction allow searchers to bid for the right to include transactions in a block in a transparent, off-chain marketplace, reducing harmful on-chain competition.

Methods to hide transactions from the public mempool.

• Submarine Sends: Sending transactions directly to trusted miners/validators via private channels.
• Private Mempools: Services like Flashbots Protect RPC or BloXroute's Backbone encrypt and route transactions privately to block builders, shielding them from public scanning until inclusion.

A cryptographic primitive used by networks like Shutter Network. Transactions are encrypted before being broadcast. A decentralized keyholder committee then collectively decrypts them only after they are included in a block. This ensures the transaction content is completely hidden during the propagation phase, making front-running impossible.

User-level strategies to minimize exposure.

• Gas Price Strategies: Using tools to estimate optimal gas, avoiding overpaying which signals high-value trades.
• Slippage Tolerance: Setting a maximum acceptable price slippage on DEX trades (e.g., 0.5%) to prevent being victimized by sandwich attacks.
• Transaction Deadlines: Specifying a time limit for a transaction to execute, preventing it from being held in the mempool and targeted.

Building resistance directly into application logic.

• Batch Auctions: Processing all orders at a single clearing price at the end of a time interval (e.g., CowSwap).
• First-Come, First-Served (FCFS) Ordering: Some L2s or sidechains implement deterministic transaction ordering based on submission time.
• Pre-commitment Schemes: Used in NFT minting to require a commitment before a random reveal, preventing bots from sniping rare items.

A transaction is placed immediately after a known pending transaction to profit from its guaranteed execution. Unlike front-running, it does not displace the target transaction.

• Common Use: Executing an arbitrage trade right after a large DEX swap that moves the price.
• Effect: Generally less harmful than front-running as it doesn't harm the initial trader.

A specific, predatory form of front-running that surrounds a victim's large DEX trade. The attacker:

1. Front-runs the trade to buy the asset, driving the price up.
2. Lets the victim's trade execute at the worse price.
3. Back-runs to sell the asset at the inflated price, profiting from the spread.

This directly extracts value from the victim's transaction.

An advanced MEV attack where a miner or validator reorganizes past blocks (a chain reorg) to steal MEV that was captured by a previous block producer. This undermines blockchain finality and is considered a severe security threat.

• Mechanism: The attacker mines a competing chain that excludes a profitable MEV bundle and includes their own.
• Prevention: Relies on consensus security and proposer-builder separation (PBS).

A class of solutions designed to prevent front-running by enforcing a fair order for transaction processing. They act as a decentralized middleware between users and the blockchain.

• Goal: Process transactions in the order they are received, not by gas price.
• Examples: Chainlink Fair Sequencing Services (FSS), Shutter Network.
• Approach: Uses threshold encryption and decentralized key generation to hide transaction content until ordering is decided.

A cryptographic technique to hide transaction intent during the ordering phase. Users submit two transactions:

1. Commit: A transaction with a hashed version of their intent.
2. Reveal: A later transaction that discloses the intent and executes it.

This prevents front-runners from seeing the details needed to exploit a trade until it's too late to act, though it increases complexity and latency.