MEV Classification

The most common form of MEV, where a searcher profits from price differences for the same asset across different DEX pools or markets. This is often considered benign as it helps align prices across the ecosystem.

• Example: Buying ETH on Uniswap where it's cheaper and instantly selling it on Sushiswap where it's more expensive in the same block.
• Tools: Searchers use sophisticated bots and flash loans to execute these risk-free trades.

Profiting from closing undercollateralized loans in lending protocols like Aave or Compound. Liquidators pay off the bad debt and receive the collateral at a discount as a reward.

• Process: A searcher's bot monitors loan health, and when the collateral factor drops below the required threshold, it submits a transaction to liquidate the position.
• Impact: Essential for protocol solvency but creates a competitive, high-speed environment for searchers.

A malicious form of MEV where a searcher exploits a visible pending transaction. The attacker places one order before and one after the victim's trade to profit from the induced price movement.

• Mechanism: 1. Front-run the victim's large buy order with the attacker's own buy. 2. Let the victim's order execute, pushing the price up. 3. Back-run the victim by selling the purchased assets at the higher price.
• Result: The victim receives worse execution (slippage), and the attacker pockets the difference.

A consensus-level attack where a miner or validator reorgs the blockchain to steal MEV that was captured in a previous block. This is one of the most severe forms of MEV as it threatens blockchain finality.

• How it works: The attacker mines a competing chain in secret, sees a profitable MEV opportunity that was just included in the canonical chain, and then re-mines a block to include that opportunity for themselves.
• Mitigation: Protocols like Ethereum use proposer-builder separation (PBS) to reduce the incentive for such attacks.

Encompasses a wide variety of niche, opportunistic strategies beyond the major categories. These are often specific to certain protocols or novel DeFi interactions.

• Examples: NFT MEV (sniping rare mints, arbitraging NFT floor prices), Oracle manipulation (influencing price feeds for profit), Governance attacks (accumulating tokens to influence votes), and Bridge arbitrage (exploiting price differences between L1 and L2).
• Characteristic: Often less competitive but requires deep protocol-specific knowledge.

MEV is also categorized by its net effect on network users and health, not just its method.

• Extractable Value (EV): The broadest term for any value that can be extracted from block production.
• Negative Externalities: MEV that harms regular users (e.g., sandwich attacks, network congestion from spam).
• Neutral/Rebated: Value captured by searchers but returned to users via mechanisms like MEV redistribution or CowSwap's batch auctions.
• Public Good: MEV that is captured and directed to fund protocol development or public goods (e.g., via MEV-Boost relays).

The most common form of MEV, where a searcher profits from price discrepancies for the same asset across different liquidity pools or exchanges.

• Mechanism: A searcher's bot detects a token is priced lower on DEX A than on DEX B. It executes an atomic transaction to buy on A and sell on B, capturing the spread.
• Example: A stablecoin trading at $0.999 on Uniswap and $1.001 on Curve. The arbitrageur buys on Uniswap and sells on Curve, earning a profit and helping to rebalance prices across the ecosystem.

Profiting from the forced closure of undercollateralized loans in lending protocols like Aave or Compound.

• Mechanism: When a loan's collateral value falls below a required health factor, it becomes eligible for liquidation. Searchers compete to be the first to supply the transaction that repays the debt and receives the collateral at a discount.
• Example: A user's ETH-backed loan becomes undercollateralized after a price drop. A searcher's bot repays 100 DAI of the debt to claim 105 DAI worth of ETH, earning a 5% liquidation bonus.

A predatory form of MEV that targets a pending user transaction with a large trade.

• Mechanism: The searcher detects a large market order in the mempool. They front-run it by buying the asset first (driving the price up), allow the user's trade to execute at the worse price, and then back-run it by selling the asset (profiting from the inflated price).
• Impact: This results in slippage and increased cost for the original trader, while the searcher extracts value from the price impact.

A malicious form of MEV where a validator reorganizes the blockchain's history to steal profits that were already realized.

• Mechanism: After a block containing profitable MEV (like a large arbitrage) is published, a validator with sufficient stake can intentionally fork the chain. They produce an alternative block where they include their own transaction to capture that profit instead.
• Context: This undermines blockchain finality and is considered an attack. It is primarily a theoretical risk on networks with weak consensus finality, mitigated by mechanisms like proposer-builder separation (PBS).

Extracting value by artificially influencing the price data that on-chain oracles (like Chainlink or Uniswap V3 TWAP) report to DeFi protocols.

• Mechanism: A searcher executes a series of large, manipulative trades on a low-liquidity pool to skew the spot price or time-weighted average price (TWAP). They then trigger a protocol function (e.g., minting a synthetic asset, settling a prediction market) that uses this manipulated price.
• Example: Temporarily pumping the price of an asset in a pool to mint an overvalued collateralized debt position (CDP).

Opportunities that arise from complex, multi-step interactions with various DeFi primitives, often involving flash loans.

• Mechanism: Searchers use flash loans to borrow large amounts of capital without collateral, enabling them to execute sophisticated strategies across multiple protocols in a single atomic transaction bundle.
• Examples Include:
  • NFT MEV: Sniping undervalued NFTs in minting events or exploiting pricing errors in marketplaces.
  • Governance Manipulation: Acquiring voting power temporarily to influence a protocol decision.
  • DeFi Lego Exploits: Combining lending, swapping, and staking actions in novel ways to extract value from protocol fee structures or incentive misalignments.

The most common and generally benign form of MEV, where searchers profit from price discrepancies across decentralized exchanges (DEXs) on the same or different blockchains. This activity helps align prices across markets, improving liquidity efficiency.

• Example: Buying ETH on Uniswap where it's cheaper and instantly selling it on SushiSwap where it's more expensive in the same block.
• Impact: Generally considered positive for market health, as it reduces arbitrage opportunities and brings markets to equilibrium.

A necessary form of MEV that enforces the solvency of lending protocols like Aave and Compound. Searchers compete to repay undercollateralized loans and claim a liquidation bonus, which acts as a keeper reward.

• Mechanism: Bots monitor loan health and submit transactions to trigger liquidation when collateral value falls below a threshold.
• Impact: Critical for protocol security, preventing bad debt. However, competition can lead to high gas auctions, increasing network congestion and costs for all users.

A malicious and exploitative form of MEV that targets ordinary users. A searcher front-runs a victim's large DEX trade (placing their own order first) and then back-runs it (selling after), profiting from the price impact the victim's trade creates.

• Result: The victim receives a worse effective price (slippage), while the attacker profits.
• Impact: A direct tax on users, reducing trust in decentralized trading. It represents a clear negative externality of public mempools.

A severe security threat where a miner or validator re-organizes the blockchain (reorg) to extract value from past blocks. This involves rewriting history to include or exclude certain transactions for profit.

• Capability: Requires significant hashing power (PoW) or stake (PoS) to execute.
• Impact: Undermines blockchain finality and settlement guarantees. It is considered one of the most dangerous forms of MEV, as it attacks the core security assumption of immutable history.

MEV can also be classified by its temporal impact on the network.

• Short-Term MEV: Includes arbitrage and liquidations. Value is extracted from single-block opportunities. While it can cause congestion, it doesn't fundamentally alter chain state over time.
• Long-Term MEV: Involves strategic positioning over multiple blocks or epochs. Examples include staking derivatives manipulation or governance attacks to capture future protocol fees. This poses systemic risks to protocol governance and economic security.

A key distinction based on who benefits and whether value creation or extraction dominates.

• Protocol MEV: Value extracted that aligns with or benefits the protocol's intended function. Examples include liquidation bonuses (enforcing solvency) and DEX fee revenue.
• Parasitic MEV: Value extracted that provides no net benefit to the protocol or its users and often harms them. Sandwich attacks are the canonical example, representing pure value extraction from users with no compensating benefit.

A Sandwich Attack is a malicious form of MEV where a searcher exploits a pending user transaction. The attacker places one transaction before and one after the victim's trade to extract value from the price slippage they create.

• Process: 1. Front-run: Buy the asset the victim is about to buy, driving its price up. 2. Victim's trade executes at the inflated price. 3. Back-run: Sell the asset immediately after, profiting from the price increase caused by the victim's trade.
• Result: The victim receives worse execution (negative slippage), and the attacker pockets the difference.

Time-Bandit Attacks (or Reorg Attacks) represent a severe, blockchain-level form of MEV extraction. Here, a miner or validator with significant hash/stake power intentionally reorganizes the chain's recent history to steal MEV that was already captured in a previous block.

• Mechanism: The attacker mines a secret, alternative chain that excludes a profitable MEV transaction. Once they find a chain that allows them to include and claim that value for themselves, they release it, causing the network to reorg to this heavier chain.
• Impact: This undermines blockchain finality, creates significant centralization pressure, and is considered a direct attack on network security.

The most common form of MEV, where searchers exploit price discrepancies for the same asset across different decentralized exchanges (DEXs) or liquidity pools. This involves atomic transactions that buy low on one venue and sell high on another, capturing the spread as profit. While often considered benign or even beneficial for price efficiency, it can increase gas costs for regular users.

• Example: Buying ETH on Uniswap where it's priced at $3,000 and simultaneously selling it on SushiSwap where it's priced at $3,010.

MEV derived from triggering the forced closure of undercollateralized loans in lending protocols like Aave or Compound. Searchers monitor positions and compete to be the first to supply the transaction that repays the debt or seizes the collateral, earning a liquidation bonus as a reward. This activity is critical for protocol solvency but creates a high-stakes, latency-sensitive competition.

• Mechanism: A user's loan falls below the required collateralization ratio, triggering a public liquidation opportunity that searchers race to execute.

A malicious form of MEV where an attacker exploits a visible pending transaction. The attacker front-runs the victim's large DEX trade (placing their own order first to move the price) and then back-runs it (selling after the victim's trade executes at the worse price), profiting from the artificial slippage inflicted on the victim.

• Impact: The victim receives a worse execution price, while the attacker profits, representing a direct wealth transfer. This is a primary concern for DEX traders.

A theoretical and highly disruptive class of MEV where validators or miners attempt to reorganize the blockchain (reorg) to capture profitable MEV opportunities from past blocks. This involves discarding recently confirmed blocks and replacing them with a new chain that includes the validator's extracting transactions. It undermines blockchain finality and is considered a severe security threat.

• Prevention: Mitigated by proposer-builder separation (PBS) and consensus-layer safeguards that penalize reorgs.

Encompasses a wide variety of niche or emerging MEV strategies beyond the major categories. This includes NFT MEV (e.g., sniping rare mints or exploiting marketplace logic), bridge MEV (arbitraging assets between chains), governance MEV (influencing DAO votes), and oracle manipulation. These strategies are often more complex and specific to particular applications.

• Characteristic: Less saturated than DEX arbitrage, but requires deep protocol-specific knowledge.