Decentralized finance is often touted for its data transparency, but this abundance of trading data poses some new risks for traders using DeFi protocols. Among the most insidious of these risks is the sandwich attack, which exploits the blockchain’s public data to rob you of your hard-earned profits.
In this article, we’ll explore what a sandwich attack is, how it works, some famous examples, and how you can avoid falling victim to one.
Sandwich attacks are a type of Maximal Extractable Value (MEV) exploit. MEV attacks target pending transactions in the mempool, predicting how they will affect the price of an asset, and profiting from that knowledge.
In the case of a sandwich attack, the attacker will spot a large buy or sell order pending on a DEX and pre-emptively “sandwich” it between two new orders that benefit from the imminent price fluctuation.
By doing this, the attacker manipulates token prices in real time, causing the user to receive a worse execution price due to slippage. The term “sandwich” refers to how the victim’s transaction is squeezed between the attacker’s two trades, much like a filling between two slices of bread.
Sandwich attacks exploit two main characteristics of blockchain transactions: public mempools and slippage tolerance. When a user initiates a trade on a decentralized exchange, their transaction is broadcast to the public mempool before it is finalized on-chain.
MEV bots scan the mempool for large transactions that can move token prices significantly. These bots then insert their trades around the target to profit from the anticipated price movement. Here is how the mechanics work:
Let’s illustrate this with an example. Imagine John wants to buy 1,000 Token A on a DEX. He sets slippage tolerance to 1%, and an MEV bot spots John’s pending transaction in the mempool. The bot submits a buy order for 500 Token A with a higher gas fee to confirm it first. This order increases the token’s price.
Next, John’s transaction executes, but because the price has already gone up, his 1,000 Token A purchase now costs more, causing him to receive fewer tokens than expected. Finally, the bot executes a sell order, dumping its 500 Token A back into the pool at the higher price and collecting the spread as profit. John is left with reduced value, and the bot walks away richer.
Sandwich attacks have become a well-documented tactic in the crypto world. Some of the most notable recent examples of sandwich attacks include:
Who profits from a sandwich attack depends on who executes it. While the victim always loses, the profit flows differently based on the participants involved.
In some cases, the validator or miner responsible for assembling the block executes the sandwich attack directly. These block builders prioritize their transactions, leveraging their unique position in the blockchain’s consensus mechanism to extract MEV. Here, the validator is the sole beneficiary, reaping both the gas fees and the MEV profit.
More commonly, MEV bots are the ones identifying and executing the sandwich attack, but these bots don’t operate in isolation. They typically send their bundles to block builders or validators, offering tips or inflated gas fees to ensure inclusion.
In this scenario, there are two winners: the MEV bot’s operator and the validator who gets a cut via the priority fee. Consequently, this incentivizes validators to support MEV extraction, even if it harms users.
One thing is always certain: sandwich attacks are damaging to whoever is behind the target transaction, and they damage user confidence in DeFi as a whole.
While some view MEV as a necessary byproduct of DeFi, sandwich attacks specifically cause tangible harm. They degrade the user experience and create invisible costs that discourage participation.
The most direct impact is on the user whose trade is targeted. These users receive fewer tokens for their money or pay more than they intended. In extreme cases, sandwich attacks can even cause a transaction to fail due to excessive slippage. This leads to financial loss and fosters frustration among traders.
Beyond individual losses, sandwich attacks erode trust in DeFi systems. When new users encounter unexplained losses or failed trades, they may abandon these platforms altogether.
This can hurt adoption and reinforce the perception that DeFi is only safe for insiders or technically advanced users. In addition, repeated MEV extraction can lead to inefficient markets, increased gas fees, and network congestion.
While sandwich attacks are difficult to prevent entirely, users can take measures to reduce their likelihood.
Setting a tight slippage tolerance reduces the potential profit margin for MEV bots. If the price shifts even slightly outside the user’s limit, the transaction will fail, making it less attractive to sandwich. However, this comes with trade-offs because setting slippage too low could lead to failed transactions during periods of high volatility or low liquidity.
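To make John’s sandwich from the example above and the slippage trade-off concrete, here is an added toy simulation (my code, not from the article) of the three steps on a fee-less constant-product pool; the pool model, the USD quote asset and every number are my assumptions. With a 1% tolerance John’s trade executes about 1% worse than quoted and the bot keeps the spread; at 0.5% his trade reverts and the bot’s unwind returns only what it put in.

```python
# Toy sandwich simulation (added example, not from the article). Assumptions:
# fee-less constant-product AMM (reserve_a * reserve_usd = k), John pays in a
# USD-like quote asset, and on a revert the bot unwinds its front-run position.
class SlippageExceeded(Exception):
    """Raised when a swap would return less than the trader's minimum."""


class Pool:
    """Fee-less constant-product pool; buy/sell keep a * usd constant."""

    def __init__(self, reserve_a: float, reserve_usd: float) -> None:
        self.a, self.usd = reserve_a, reserve_usd

    def quote_buy(self, usd_in: float) -> float:
        """Token A received for usd_in at current reserves (no state change)."""
        return self.a - (self.a * self.usd) / (self.usd + usd_in)

    def buy(self, usd_in: float) -> float:
        out = self.quote_buy(usd_in)
        self.usd += usd_in
        self.a -= out
        return out

    def sell(self, a_in: float) -> float:
        """USD received for selling a_in Token A into the pool."""
        out = self.usd - (self.a * self.usd) / (self.a + a_in)
        self.a += a_in
        self.usd -= out
        return out


def buy_with_slippage(pool, usd_in, quoted_out, tolerance):
    """Victim-side swap: revert if output < quoted_out * (1 - tolerance)."""
    if pool.quote_buy(usd_in) < quoted_out * (1 - tolerance):
        raise SlippageExceeded
    return pool.buy(usd_in)


def simulate_sandwich(reserve_a, reserve_usd, victim_usd, tolerance, bot_usd):
    pool = Pool(reserve_a, reserve_usd)
    quoted = pool.quote_buy(victim_usd)   # price John saw when he signed
    bot_tokens = pool.buy(bot_usd)        # 1) front-run: bot buys, price rises
    try:                                  # 2) John's trade, with his slippage limit
        victim_out = buy_with_slippage(pool, victim_usd, quoted, tolerance)
    except SlippageExceeded:
        victim_out = None                 # tx reverts; John keeps his USD
    bot_usd_back = pool.sell(bot_tokens)  # 3) back-run sell (or plain unwind on revert)
    return {
        "victim_executed": victim_out is not None,
        "victim_shortfall_tokens": None if victim_out is None else quoted - victim_out,
        "bot_profit_usd": bot_usd_back - bot_usd,   # gas costs ignored
    }
```

Run `simulate_sandwich(100_000, 100_000, victim_usd=1_000, tolerance=0.01, bot_usd=500)` and then the same call with `tolerance=0.005` to see the executed and reverted cases side by side.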
Flashbots is a research and development project that has created tools for MEV mitigation. One such tool is Flashbots Protect, a private transaction relay that bypasses the public mempool. When a user sends a transaction through Flashbots Protect, it goes directly to participating block builders, shielding it from front-runners and sandwich bots.
Sandwich attacks represent one of the most well-known and aggressive forms of MEV exploitation in DeFi. These attacks highlight the innovative nature of blockchain trading and underscore the need for better defenses. With tools like Flashbots, slippage controls, and private relays, users can take back some control.