A sandwich attack is a type of MEV (Maximal Extractable Value) exploitation that targets users making trades on decentralized exchanges. The attacker detects a pending trade in the mempool and places two transactions around it — one before and one after — to extract profit from the price impact caused by the victim's trade.
Here is how a sandwich attack works step by step:
- Step 1 — the attacker spots a large pending swap (e.g., buying Token X) in the public mempool.
- Step 2 — the attacker front-runs the victim by buying Token X first, pushing the price up.
- Step 3 — the victim's transaction executes at the now-higher price, pushing the price up even further.
- Step 4 — the attacker immediately sells Token X at the inflated price, pocketing the difference.
The victim ends up receiving fewer tokens than expected because their trade executed at a worse price. The attacker profits from the artificial price movement they created. This all happens within the same block.
Sandwich attacks are executed by automated bots that continuously scan the mempool for profitable opportunities. They are most prevalent on Ethereum and other networks with public mempools and high DeFi activity.
Users can protect themselves by:
- Setting a lower slippage tolerance on DEX trades, so that a trade which would execute at a much worse price than quoted reverts instead of going through.
- Using private transaction services like Flashbots Protect to hide trades from the public mempool.
- Trading on DEXs with built-in MEV protection.
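The following simulation is an added example written for this page; it is not code from the original article or from any exchange. It models the price impact behind Steps 2 and 3 above and the slippage guard from the first protection bullet, using an assumed Uniswap v2 style constant-product pool (x*y=k, 0.30% fee). The pool reserves, trade sizes and all names (`ConstantProductPool`, `victim_outcome`, `min_out_for_tolerance`) are constructed for illustration.

```python
from dataclasses import dataclass


class SlippageExceeded(Exception):
    """Raised when a swap's output falls below the trader's minimum; models an on-chain revert."""


@dataclass
class ConstantProductPool:
    """Minimal x*y=k pool in the style of Uniswap v2 (assumed model, constructed for illustration).

    reserve_in  -- reserve of the token the trader pays with (e.g. ETH)
    reserve_out -- reserve of Token X, the token the trader wants to buy
    fee_bps     -- swap fee in basis points (30 = 0.30%)
    """
    reserve_in: float
    reserve_out: float
    fee_bps: int = 30

    def quote(self, amount_in: float) -> float:
        """Output for `amount_in` at the current reserves; does not change state."""
        amount_in_after_fee = amount_in * (10_000 - self.fee_bps) / 10_000
        return self.reserve_out * amount_in_after_fee / (self.reserve_in + amount_in_after_fee)

    def swap(self, amount_in: float, min_amount_out: float) -> float:
        """Execute a buy of Token X. The min_amount_out check is the slippage guard:
        if the pool moved against the trader since they quoted, the trade reverts."""
        amount_out = self.quote(amount_in)
        if amount_out < min_amount_out:
            raise SlippageExceeded(f"got {amount_out:.2f}, required at least {min_amount_out:.2f}")
        self.reserve_in += amount_in
        self.reserve_out -= amount_out
        return amount_out


def min_out_for_tolerance(expected_out: float, tolerance_bps: int) -> float:
    """Minimum acceptable output for a quoted amount and a slippage tolerance in basis points."""
    return expected_out * (10_000 - tolerance_bps) / 10_000


def victim_outcome(reserves, victim_in, tolerance_bps, preceding_buy_in=0.0):
    """Simulate one block from the victim's point of view.

    The victim quotes at the reserves they saw and derives min_out from their tolerance.
    If a buy of Token X lands first (the front-run of Step 2), the victim's swap sees
    worse reserves and either executes at the degraded price (Step 3) or reverts on the
    slippage check. Returns (expected_out, actual_out); actual_out is None when the
    guard rejected the trade.
    """
    pool = ConstantProductPool(*reserves)
    expected_out = pool.quote(victim_in)
    min_out = min_out_for_tolerance(expected_out, tolerance_bps)
    if preceding_buy_in > 0:
        pool.swap(preceding_buy_in, 0.0)  # the preceding buy sets no lower bound on its output
    try:
        actual_out = pool.swap(victim_in, min_out)
    except SlippageExceeded:
        actual_out = None
    return expected_out, actual_out


if __name__ == "__main__":
    # Constructed pool: 1,000 ETH against 1,000,000 Token X; the victim buys with 10 ETH.
    POOL = (1_000.0, 1_000_000.0)
    for tol, preceding in [(50, 0.0), (1_000, 50.0), (50, 50.0)]:
        expected, actual = victim_outcome(POOL, 10.0, tol, preceding)
        status = ("REVERTED on slippage check" if actual is None
                  else f"received {actual:,.2f} X ({actual / expected:.1%} of quote)")
        print(f"tolerance={tol} bps, preceding buy={preceding} ETH: "
              f"quoted {expected:,.2f} X -> {status}")
```

With these constructed numbers the 10 ETH buy is quoted at roughly 9,872 X; after a 50 ETH buy lands first it would receive only about 8,959 X (around 91% of the quote). A 10% tolerance lets that degraded trade execute, while a 0.5% tolerance makes it revert, which is the protective effect of the first bullet. The minimum-output value is the parameter a DEX router actually enforces (Uniswap v2 calls it `amountOutMin`); the trade-off is that a tolerance tight enough to reject a sandwiched execution will also reject benign price movement between quoting and inclusion, so some legitimate trades fail and must be resubmitted.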
Sandwich attacks are one of the most common forms of value extraction in DeFi, making MEV awareness essential for active traders.