MEV and Sandwich Attacks
Maximal Extractable Value (MEV) refers to the profit that block producers (miners or validators) and specialised bots can extract by strategically ordering, inserting, or censoring transactions within a block — sandwich attacks are the most common MEV exploit affecting retail DeFi traders.
What Is MEV?
Maximal Extractable Value (MEV), originally called Miner Extractable Value before Ethereum's transition to proof-of-stake, refers to the total profit that block producers (validators in PoS, miners in PoW) can extract from transaction ordering. Because the block producer controls the sequencing of transactions within a block, and because different orderings can produce dramatically different financial outcomes, the block producer is in a uniquely powerful position to profit from that control.
Beyond block producers themselves, a competitive ecosystem of specialised bots — called searchers — continuously scans the Ethereum mempool (the pool of pending transactions waiting to be included in a block) looking for profitable MEV opportunities. These bots pay high gas fees to validators in exchange for priority transaction ordering, splitting the MEV profit between the searcher and the validator. In 2023 alone, over $500 million in MEV was extracted from Ethereum users — primarily retail DeFi traders who were unaware their transactions could be exploited.
How the Mempool Creates Vulnerability
When you submit a transaction to Ethereum (or any blockchain with a public mempool), it first enters the public mempool — visible to everyone on the network before it is included in a block. This transparency, designed to prevent censorship, also creates the MEV attack surface. Any bot can see your pending transaction, determine whether it creates an MEV opportunity, and act on that opportunity before your transaction is confirmed.
The key insight: in a public mempool, your transaction's details (the token swap you are making, the amount, the slippage tolerance you set) are visible to the entire world for typically 5–30 seconds before your transaction is confirmed. This window is enough for MEV bots to analyse and exploit it.
Sandwich Attacks: The Most Common MEV Type
A sandwich attack is the MEV exploit most likely to affect an ordinary DeFi user making a token swap on a DEX like Uniswap or Curve. The mechanics:
- An MEV bot observes a pending transaction in the mempool: "User is going to swap $50,000 USDC for ETH on Uniswap, with a 1% slippage tolerance."
- The bot immediately submits a front-run transaction with a higher gas fee than the victim's transaction — buying ETH on Uniswap before the victim's transaction executes. This purchase moves the price of ETH within the pool upward.
- The victim's transaction executes at the higher price caused by the bot's front-run. The victim receives fewer ETH than they would have at the original price, but still within their stated 1% slippage tolerance.
- The bot immediately submits a back-run transaction — selling the ETH it just bought back to the pool after the victim's transaction has inflated the price. Because the price is now higher than when the bot bought (due to the victim's trade), the bot realises a profit.
The victim is "sandwiched" between the bot's front-run and back-run transactions. They receive a worse price than they would have without the bot's intervention, but the loss is within their slippage tolerance — so the transaction appears successful to them. The difference goes to the MEV bot.
Example: Without the sandwich, the victim would have received ETH at $3,000. With the sandwich, they receive it at $3,027 — a $27 loss on their $50,000 trade (0.09%), which is within their 1% slippage tolerance. The bot profits approximately the same $27 per victim. At scale, running hundreds of sandwiches per hour, MEV bots generate significant profit from these individually small extractions.
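The front-run, victim, back-run ordering described above is also the signature that block-level monitoring looks for. The following is an added example, not code from the original article: a heuristic that flags the pattern in an ordered list of decoded swaps. The `Swap` fields, addresses and pool names are constructed for illustration, and a production detector would also compare amounts and realised profit.

```python
from collections import namedtuple

# One decoded DEX swap: position in the block, sender, pool,
# token paid into the pool (token_in) and token received (token_out).
Swap = namedtuple("Swap", "index sender pool token_in token_out")

def find_sandwiches(swaps):
    """Return (front_index, victim_index, back_index) for each flagged pattern.

    Heuristic: one sender trades in a pool, a different sender trades the same
    direction in that pool, then the first sender reverses the trade.
    """
    ordered = sorted(swaps, key=lambda s: s.index)
    found = []
    for i, front in enumerate(ordered):
        for k in range(i + 2, len(ordered)):
            back = ordered[k]
            same_actor = (back.sender, back.pool) == (front.sender, front.pool)
            reversed_dir = (back.token_in, back.token_out) == (front.token_out, front.token_in)
            if not (same_actor and reversed_dir):
                continue
            victims = [v for v in ordered[i + 1:k]
                       if v.sender != front.sender and v.pool == front.pool
                       and (v.token_in, v.token_out) == (front.token_in, front.token_out)]
            found.extend((front.index, v.index, back.index) for v in victims)
            break  # pair each candidate front-run with its first reversal only
    return found

# Constructed sample block (addresses and pool names are placeholders).
SAMPLE_BLOCK = [
    Swap(0, "0xBot", "USDC/ETH", "USDC", "ETH"),    # buys ETH first
    Swap(1, "0xAlice", "USDC/ETH", "USDC", "ETH"),  # same direction, worse price
    Swap(2, "0xBot", "USDC/ETH", "ETH", "USDC"),    # reverses right after
    Swap(3, "0xBob", "USDC/ETH", "USDC", "ETH"),    # ordinary swap
    Swap(4, "0xCarol", "DAI/ETH", "DAI", "ETH"),    # different pool
    Swap(5, "0xErin", "USDC/ETH", "USDC", "ETH"),   # round trip, but...
    Swap(6, "0xFrank", "USDC/ETH", "ETH", "USDC"),  # ...middle trade goes the other way
    Swap(7, "0xErin", "USDC/ETH", "ETH", "USDC"),
]

if __name__ == "__main__":
    print(find_sandwiches(SAMPLE_BLOCK))
```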
Other MEV Strategies
Arbitrage
When a large DEX trade moves the price of a token significantly away from its price on other venues, MEV bots immediately execute arbitrage trades to close the gap, extracting the price difference as profit. This is the most "socially beneficial" form of MEV — it keeps DEX prices aligned with market prices and improves price efficiency — though the profit still comes at the expense of the trader who created the price discrepancy.
Liquidation Sniping
When a DeFi lending position approaches its liquidation threshold, MEV bots compete aggressively to be the first to execute the liquidation and earn the liquidation bonus (typically 5–15% of the liquidated collateral). The bot that gets its liquidation transaction included first (by paying the highest gas fee) earns the bonus. This means liquidations happen extremely quickly once the threshold is crossed, limiting the ability of borrowers to manually rescue their positions in fast-moving markets.
JIT (Just-In-Time) Liquidity
In concentrated liquidity AMMs like Uniswap v3, bots can observe large incoming swaps, add a large amount of concentrated liquidity in the exact price range just before the swap executes (earning the swap fees), and immediately remove that liquidity after the swap. This "just-in-time" liquidity earns fees without actually providing long-duration liquidity to the pool.
How to Protect Yourself from MEV
Use Private RPC / Flashbots Protect
The primary protection against sandwich attacks is routing your transactions through a private mempool rather than the public mempool. Flashbots Protect (flashbots.net/protect) and similar services (MEV Blocker, 1inch Fusion) route your transactions directly to validators without exposing them to the public mempool, preventing front-running bots from seeing your pending transaction before it is confirmed. This is the single most effective MEV protection for DeFi users. Most major wallets (MetaMask, Rabby) support custom RPC endpoints — add the Flashbots Protect RPC to eliminate mempool-based MEV exposure.
Set a Tight Slippage Tolerance
Sandwich bots are constrained by your slippage tolerance setting. If you set 0.1% slippage tolerance, the bot cannot sandwich you profitably unless the profit from sandwiching exceeds the gas cost of the two bot transactions — which becomes uneconomical for most small-to-medium trades. However, setting slippage too low can cause your transaction to revert in volatile markets. For most trades, 0.3–0.5% is a reasonable balance between slippage protection and transaction success rate for mainstream tokens on high-liquidity pools.
Use DEX Aggregators with MEV Protection
1inch Fusion, CowSwap, and Paraswap Delta all route trades through private order flow systems that batch user orders and settle them via solvers who compete to offer the best execution price, eliminating the public mempool exposure that enables sandwich attacks. These aggregators often achieve better prices than direct DEX swaps while also providing MEV protection.
Trade on High-Liquidity Pools
Larger liquidity pools mean your trade has less price impact per dollar — reducing the sandwich profit margin and making your transaction less attractive to bots. For major token pairs (ETH/USDC, BTC/USDC, ETH/USDT), using the highest-liquidity Uniswap or Curve pool significantly reduces sandwich risk compared to using smaller pools for the same trade.
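An added example (not from the original article) of how the slippage setting and pool depth from the two sections above interact, using a constant-product pool with an assumed 0.30% fee. The reserves, trade sizes and the `swap_after_prior_buy` helper are constructed; the earlier buy is a fixed illustrative size, and the minimum-output check stands in for the guard a DEX applies on-chain.

```python
from dataclasses import dataclass

FEE = 0.003  # 0.30% swap fee (assumed, Uniswap v2-style pool)

class SlippageExceeded(Exception):
    """The pool would pay out less than the swap's minimum, so the swap reverts."""

@dataclass
class Pool:
    usdc: float  # USDC reserve
    eth: float   # ETH reserve

    def quote(self, usdc_in: float) -> float:
        """ETH paid out for usdc_in under x*y=k, after the fee."""
        eff = usdc_in * (1 - FEE)
        return self.eth * eff / (self.usdc + eff)

    def swap(self, usdc_in: float, min_eth_out: float = 0.0) -> float:
        out = self.quote(usdc_in)
        if out < min_eth_out:
            raise SlippageExceeded(f"{out:.4f} < {min_eth_out:.4f}")
        self.usdc += usdc_in
        self.eth -= out
        return out

def swap_after_prior_buy(usdc_reserve, eth_reserve, trade_usdc, tolerance, prior_buy_usdc):
    """Quote on the untouched pool, then execute after someone else bought first.

    Returns (reverted, shortfall): shortfall is the fraction of the quoted ETH
    the user did not receive (0.0 when the swap reverted and nothing was traded).
    """
    pool = Pool(usdc_reserve, eth_reserve)
    quoted = pool.quote(trade_usdc)
    min_out = quoted * (1 - tolerance)  # minimum output attached to the swap
    pool.swap(prior_buy_usdc)           # earlier transaction in the same block
    try:
        received = pool.swap(trade_usdc, min_out)
    except SlippageExceeded:
        return True, 0.0
    return False, (quoted - received) / quoted

if __name__ == "__main__":
    # Constructed scenarios: a $50,000 swap with a $100,000 buy ordered ahead of it.
    for usdc, eth, tol in [(30e6, 10_000, 0.01), (30e6, 10_000, 0.001), (300e6, 100_000, 0.001)]:
        reverted, shortfall = swap_after_prior_buy(usdc, eth, 50_000, tol, 100_000)
        print(f"pool ${usdc:,.0f}  tol {tol:.1%}  reverted={reverted}  shortfall={shortfall:.3%}")
```

In the $30M pool the 1% setting lets the swap settle about 0.66% short of its quote, while the 0.1% setting reverts it; in the pool ten times deeper the same earlier buy moves the price so little that the 0.1% swap still settles.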
The Broader MEV Ecosystem
The Ethereum community, through Flashbots, has developed mechanisms (MEV-Boost, SUAVE) to make MEV more transparent and reduce its harmful effects on users. MEV-Boost allows validators to outsource block building to professional block builders who optimise transaction ordering for maximum MEV extraction — distributing the MEV revenue between searchers, builders, and validators rather than having validators capture it all directly. While this does not eliminate MEV, it creates a more efficient and somewhat more competitive market for MEV extraction that is gradually reducing the most harmful user-facing impacts.
Summary
MEV and sandwich attacks represent a hidden tax on DeFi users who are unaware of the public mempool's transparency. For ordinary retail traders making DEX swaps, the practical defences are simple and effective: use Flashbots Protect RPC, set reasonable slippage tolerances, and prefer MEV-protected aggregators like CowSwap or 1inch Fusion for larger trades. Understanding MEV also provides insight into why DeFi pricing can sometimes appear unfavourable compared to CEX prices — some of that "slippage" is not random but systematic extraction by a sophisticated MEV ecosystem that operates continuously and automatically.