Sandwich Attack

A sandwich attack is a specific form of front running where a malicious actor — usually an automated bot — places two transactions around a victim’s trade: one right before it and one right after. The first transaction buys the same token the victim is buying, pushing the price up. The victim’s transaction then executes at the now-worse price. The second transaction immediately sells the tokens the bot just bought at the inflated price, profiting from the spread caused entirely by the victim’s own trade.

The attack works because the bot can see the victim’s trade in the mempool and precisely calculate how much price impact it will cause. The bot pays higher fees to ensure its buy executes first, and programs its sell to execute immediately after the victim. The victim gets a worse price than they expected — they experience what is called “slippage” — while the bot pockets the difference. The victim’s transaction is literally sandwiched between two bot transactions, which is how the attack gets its name.

Sandwich attacks are a common form of MEV and cost DeFi users significant amounts collectively. Defenses include setting a maximum acceptable slippage on trades (so the transaction reverts if the price is too bad) and using private or encrypted mempools where pending transactions are not visible until they are finalized. Slippage settings are a balancing act: set them too tight and legitimate trades fail during volatile markets; set them too loose and you become an easy sandwich target.

Example: You are at a public auction and announce you will pay up to $500 for a painting currently valued at $400. A dealer in the room hears you, quickly bids $401 to buy it first, then immediately offers it to you for $499 — knowing you will accept because it is still under your announced limit. The dealer did nothing except intercept your stated intent and skim the margin.