- by x32x01 ||
A sandwich attack is an MEV (Maximal Extractable Value) tactic where an attacker “sandwiches” a victim’s on-chain trade: a front-run transaction before the victim, the victim’s transaction, then a back-run after. The attacker profits from the price movement caused by the victim’s trade.
Short version: attacker buys before you, you push price up, attacker sells after - attacker pockets the difference.
Step‑by‑Step (with UUID example)
Numeric Example - AMM (digit‑by‑digit)
This is a simplified illustrative AMM example.
Initial price per TOKEN = $1.00.
Attacker front‑runs and buys 100 TOKEN at $1.00 each.
Cost calculation (digit-by-digit):
Revenue calculation (digit-by-digit):
Profit calculation (digit-by-digit):
Real AMM math uses constant product curves, slippage functions, and liquidity depth; this is simplified to show the concept clearly.
What Makes Victims Attractive?
How UUIDs (and Metadata) Factor In
Practical Defenses & Prioritized Mitigations
Quick Tips for dApp Builders & Traders
Final Summary - One Sentence
A sandwich attack is when an attacker front‑runs your trade, your trade raises the price, and the attacker back‑runs to sell into that higher price - profit comes at your expense. Protect with private relays, tight slippage, limit orders, and never leaking order IDs on‑chain. 
Short version: attacker buys before you, you push price up, attacker sells after - attacker pockets the difference.
Step‑by‑Step (with UUID example) 
- A dApp submits a user order and logs an internal tracking id (UUID) off‑chain:
victim_tx_uuid = "3fa85f64-5717-4562-b3fc-2c963f66afa6"
Important: never expose such IDs on‑chain or in mempool‑visible metadata.
- The victim’s transaction enters the public mempool: a market buy for 100 TOKEN.
- An attacker watching the mempool sees the pending intent and issues a higher-priority buy (front‑run) mined just before the victim.
- The victim’s buy runs next, pushing the token price up (slippage).
- The attacker immediately sells (back‑run) into the higher price and pockets the difference (minus gas/priority fees).
Numeric Example - AMM (digit‑by‑digit) 
This is a simplified illustrative AMM example.Initial price per TOKEN = $1.00.
Attacker front‑runs and buys 100 TOKEN at $1.00 each.
Cost calculation (digit-by-digit):
100 × 1.00=(100 × 1) + (100 × 0.00)=100 + 0= 100.00 → attacker pays $100.00.
Revenue calculation (digit-by-digit):
100 × 1.05=(100 × 1) + (100 × 0.05)=100 + 5= 105.00 → attacker receives $105.00.
Profit calculation (digit-by-digit):
- Gross profit =
105.00 - 100.00= 5.00. - Assume gas/priority fees = 2.00.
- Net profit =
5.00 - 2.00= 3.00 → $3.00 net.
Real AMM math uses constant product curves, slippage functions, and liquidity depth; this is simplified to show the concept clearly.
What Makes Victims Attractive? 
- High slippage tolerance set by the user or dApp (gives attackers room to profit).
- Large trade size relative to pool liquidity (bigger price impact).
- Public mempool broadcasting (no privacy / private relay).
- Predictable fee/nonce behavior that allows precise front‑running placement.
How UUIDs (and Metadata) Factor In 
- Bad: Placing UUIDs or verbose metadata on‑chain or in mempool‑visible fields makes it trivial for bots to correlate off‑chain high‑value orders with on‑chain txs. That’s an open invitation to MEV bots.
- Good: Keep UUIDs strictly off‑chain (server logs only) and never include them in calldata, memos, or other public fields.
Practical Defenses & Prioritized Mitigations 
- Private transaction relays (Flashbots / private RPCs) - bypass the public mempool so MEV bots can’t see pending txs.
- Tighten slippage tolerances - require minimal acceptable price impact (e.g., 0.5%-1%) so attackers have less room.
- Limit orders / batch auctions - remove first-seen priority and reduce front‑running opportunities.
- Time‑weighted or randomized submission - avoid predictable fee/nonces used for exact placement.
- UX slippage warnings - show estimated price impact and require explicit user acceptance.
- Increase liquidity for important pairs - lower price impact per trade.
- Avoid exposing identifiers on‑chain - never put internal UUIDs or rich metadata into publicly broadcast tx fields.
- Monitoring & detection - log abnormal front/back‑run patterns and alert or pause suspicious trades.
- Protocol solutions - support fair ordering (FO) or auctioned ordering where possible to remove MEV rent extraction.
Quick Tips for dApp Builders & Traders 
- For builders: Treat UUIDs as internal secrets - use them only in server logs and communications. Don’t emit them in calldata or mempool-visible metadata.
- For traders: Use conservative slippage, split large orders, or use private execution when possible for big trades.
Final Summary - One Sentence 
A sandwich attack is when an attacker front‑runs your trade, your trade raises the price, and the attacker back‑runs to sell into that higher price - profit comes at your expense. Protect with private relays, tight slippage, limit orders, and never leaking order IDs on‑chain. Last edited: