Sandwich Attack: MEV Explained & Defenses

A sandwich attack is an MEV (Maximal Extractable Value) tactic where an attacker “sandwiches” a victim’s on-chain trade: a front-run transaction before the victim, the victim’s transaction, then a back-run after. The attacker profits from the price movement caused by the victim’s trade.

Short version: attacker buys before you, you push price up, attacker sells after - attacker pockets the difference. 🔁

Step‑by‑Step (with UUID example) 🔎​

1. A dApp submits a user order and logs an internal tracking id (UUID) off‑chain:
   victim_tx_uuid = "3fa85f64-5717-4562-b3fc-2c963f66afa6"
   Important: never expose such IDs on‑chain or in mempool‑visible metadata. 🔐
2. The victim’s transaction enters the public mempool: a market buy for 100 TOKEN. 🧾
3. An attacker watching the mempool sees the pending intent and issues a higher-priority buy (front‑run) mined just before the victim. 🚀
4. The victim’s buy runs next, pushing the token price up (slippage). 📈
5. The attacker immediately sells (back‑run) into the higher price and pockets the difference (minus gas/priority fees). 💸

---

Numeric Example - AMM (digit‑by‑digit) 🔢​

This is a simplified illustrative AMM example.

Initial price per TOKEN = $1.00.
Attacker front‑runs and buys 100 TOKEN at $1.00 each.

Cost calculation (digit-by-digit):

• 100 × 1.00 = (100 × 1) + (100 × 0.00) = 100 + 0 = 100.00 → attacker pays $100.00.

Victim’s buy executes and moves price to $1.05 per TOKEN (≈ 5% impact).

Revenue calculation (digit-by-digit):

• 100 × 1.05 = (100 × 1) + (100 × 0.05) = 100 + 5 = 105.00 → attacker receives $105.00.

Profit calculation (digit-by-digit):

• Gross profit = 105.00 - 100.00 = 5.00.
• Assume gas/priority fees = 2.00.
• Net profit = 5.00 - 2.00 = 3.00 → $3.00 net.

Real AMM math uses constant product curves, slippage functions, and liquidity depth; this is simplified to show the concept clearly.

---

What Makes Victims Attractive? 🎯​

• High slippage tolerance set by the user or dApp (gives attackers room to profit).
• Large trade size relative to pool liquidity (bigger price impact).
• Public mempool broadcasting (no privacy / private relay).
• Predictable fee/nonce behavior that allows precise front‑running placement.

---

How UUIDs (and Metadata) Factor In ✅❌​

• Bad: Placing UUIDs or verbose metadata on‑chain or in mempool‑visible fields makes it trivial for bots to correlate off‑chain high‑value orders with on‑chain txs. That’s an open invitation to MEV bots. 🔓
• Good: Keep UUIDs strictly off‑chain (server logs only) and never include them in calldata, memos, or other public fields. 🔒

---

Practical Defenses & Prioritized Mitigations 🛡️​

1. Private transaction relays (Flashbots / private RPCs) - bypass the public mempool so MEV bots can’t see pending txs. 🔒
2. Tighten slippage tolerances - require minimal acceptable price impact (e.g., 0.5%-1%) so attackers have less room. ⚖️
3. Limit orders / batch auctions - remove first-seen priority and reduce front‑running opportunities. ⏳
4. Time‑weighted or randomized submission - avoid predictable fee/nonces used for exact placement. 🔀
5. UX slippage warnings - show estimated price impact and require explicit user acceptance. ⚠️
6. Increase liquidity for important pairs - lower price impact per trade. 💧
7. Avoid exposing identifiers on‑chain - never put internal UUIDs or rich metadata into publicly broadcast tx fields. 🚫
8. Monitoring & detection - log abnormal front/back‑run patterns and alert or pause suspicious trades. 📡
9. Protocol solutions - support fair ordering (FO) or auctioned ordering where possible to remove MEV rent extraction. 🏛️

Quick Tips for dApp Builders & Traders 🔧​

• For builders: Treat UUIDs as internal secrets - use them only in server logs and communications. Don’t emit them in calldata or mempool-visible metadata. 🗄️
• For traders: Use conservative slippage, split large orders, or use private execution when possible for big trades. 🛡️

Final Summary - One Sentence ⚡​

A sandwich attack is when an attacker front‑runs your trade, your trade raises the price, and the attacker back‑runs to sell into that higher price - profit comes at your expense. Protect with private relays, tight slippage, limit orders, and never leaking order IDs on‑chain. 🚫🥪