Sandwich Attack
A sandwich attack is a form of front-running in decentralized finance where a bot or validator inserts a buy order immediately before a large pending transaction and a sell order immediately after it, profiting from the artificial price movement the victim's trade creates in an AMM liquidity pool.
Sandwich attacks are among the most prevalent forms of MEV (Maximal Extractable Value) extraction on AMM-based decentralized exchanges. The name describes the structural position of the attacker's trades: the victim's transaction is sandwiched between a buy on one side and a sell on the other, with the attacker profiting from the price displacement that the victim caused.
The mechanics are straightforward. When a large token swap enters the public mempool, any observer can calculate the expected price impact it will have on the relevant AMM pool. An attacker submits a buy of the same output token with a higher gas fee — ensuring their transaction is processed first — which moves the pool price upward. The victim's transaction then executes at the worse, higher price. Immediately afterward, the attacker sells the tokens they just bought, now at the elevated price created by the victim's trade, capturing the spread as profit. The victim receives fewer tokens than they were quoted, effectively paying the attacker the difference.
Sandwich attacks are made possible by the public mempool, the transparent, deterministic pricing of constant-product AMMs, and the fact that miners and validators can freely reorder pending transactions. Automated sandwich bots monitor the mempool continuously for profitable opportunities, adjust their gas bids dynamically, and can execute the full attack in a single block within milliseconds of detecting a vulnerable transaction.
Several defenses exist. Setting a low slippage tolerance causes a transaction to revert if the execution price deviates from the quote by more than the specified amount. This makes the victim an unprofitable target: the sandwich trade would push the price beyond the tolerance threshold and cause the transaction to fail, leaving the attacker holding a position with no profitable exit in that block. However, low slippage tolerance also increases the chance of benign transaction failure during volatile markets. Private transaction relays route orders directly to block builders without public mempool exposure, making the attack structurally impossible since the bot cannot observe the pending transaction. Batch auction protocols that settle at a uniform clearing price also eliminate the vulnerability because transaction ordering within the batch does not affect execution price.
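The slippage defense can be checked numerically. The following is an added example, not code from any protocol or from this page's author: it models a constant-product pool and compares a tight and a loose slippage tolerance against the same preceding buy. The pool reserves, trade sizes, the 0.3% fee, and the function names are constructed assumptions, and gas costs are ignored.

```python
FEE = 0.003  # assumed 0.3% swap fee; gas costs are ignored


def swap(r_in, r_out, amount_in, fee=FEE):
    """Constant-product (x*y=k) swap: returns (amount_out, new_r_in, new_r_out)."""
    eff = amount_in * (1 - fee)
    out = r_out * eff / (r_in + eff)
    return out, r_in + amount_in, r_out - out


def simulate(rx, ry, victim_in, front_in, slippage):
    """Victim swaps victim_in of token X for Y, guarded by a minimum output.

    front_in is the size of a buy placed ahead of the victim; the tokens it
    acquires are sold back after the victim's transaction.
    """
    quoted, _, _ = swap(rx, ry, victim_in)      # quote seen before submission
    min_out = quoted * (1 - slippage)           # revert threshold

    bought, rx, ry = swap(rx, ry, front_in)     # buy executes first
    victim_out, rx2, ry2 = swap(rx, ry, victim_in)

    reverted = victim_out < min_out
    if reverted:
        victim_out = 0.0                        # pool is untouched by the victim
    else:
        rx, ry = rx2, ry2

    proceeds, _, _ = swap(ry, rx, bought)       # sell-back after the victim
    return {
        "quoted": quoted,
        "victim_out": victim_out,
        "reverted": reverted,
        "front_runner_pnl": proceeds - front_in,
    }


if __name__ == "__main__":
    # Constructed pool: 2,000,000 X and 1,000 Y; victim swaps 100,000 X.
    for tolerance in (0.005, 0.05):
        print(tolerance, simulate(2_000_000, 1_000, 100_000, 50_000, tolerance))
```

With the 0.5% tolerance the victim's swap reverts and the sell-back loses the fees on both legs; with the 5% tolerance the swap executes about 4.7% below the quote and the sell-back is profitable.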
For retail DeFi users, the practical takeaway is to use slippage settings thoughtfully, prefer DEX aggregators with MEV protection, and be aware that visible large trades on transparent blockchains are valuable information targets. For researchers and regulators, sandwich attacks raise questions about whether on-chain front-running constitutes a form of market manipulation covered by existing US securities or commodities law — a question that remains unresolved in formal enforcement guidance.