DeFi Intel

What is a Sandwich Attack?

Plain-English explainer · Updated 2026-07-01 · By DeFi Intel

How it works

Every pending transaction on a chain like Ethereum sits in a public mempool before it is included in a block. A sandwich bot watches that queue for large swaps against AMM liquidity pools. Because an AMM prices trades along a bonding curve (for example Uniswap's constant-product formula), any sizable buy moves the price predictably — and the victim's own slippage-tolerance setting tells the attacker exactly how much worse a price the victim is willing to accept.

The attack is three transactions in strict order. First, the front-run: the bot buys the same token, pushing the pool price up to just inside the victim's slippage limit. Second, the victim's swap executes at the inflated price. Third, the back-run: the bot sells into the demand the victim just created, pocketing the spread. Ordering was once won through priority-gas auctions; today most sandwichers submit atomic bundles directly to block builders via infrastructure descended from Flashbots, which guarantees the sequence and removes failed-transaction risk.

Profit equals the victim's realized slippage minus gas and the builder payment. Defenses target the ingredients: tighter slippage settings shrink the extractable margin, private RPCs such as Flashbots Protect and MEV Blocker keep transactions out of the public mempool, and batch-auction designs like CoW Swap settle all orders in a batch at one uniform clearing price, making ordering within the batch worthless.

Why it matters

Sandwich attacks are a hidden tax on DEX trading — analytics firms such as EigenPhi have tracked billions of dollars extracted from swappers since 2020, disproportionately from retail users trading with default slippage settings. The threat has reshaped DeFi infrastructure: wallets ship smarter slippage defaults, a large share of Ethereum orderflow now routes through private RPCs, and entire protocols (CoW Swap, UniswapX) exist largely to neutralize this attack. Sandwiches are also the clearest gateway to understanding MEV in general: they show why transaction ordering is valuable, who captures that value, and why the price you were quoted and the price you actually get can differ on-chain.

Real-world examples

The bot behind the ENS name jaredfromsubway.eth became Ethereum's most notorious sandwicher during the memecoin frenzy of April–May 2023. Sandwiching thousands of PEPE and other memecoin swaps, it was at times the single largest gas spender on Ethereum — reportedly burning over $7 million in gas in roughly three months while extracting tens of millions in profit, according to EigenPhi and Etherscan data. Its dominance made "getting Jared'd" community shorthand for being sandwiched.

FAQ

How do I protect myself from sandwich attacks?

Set a tight slippage tolerance (large or illiquid trades with 1%+ tolerance are prime targets), route transactions through a private RPC such as Flashbots Protect or MEV Blocker so they never appear in the public mempool, split very large swaps into smaller pieces, or use a batch-auction venue like CoW Swap where sandwiching inside a batch is not profitable.

Are sandwich attacks illegal?

In most jurisdictions they sit in a legal gray zone: the attacker only submits valid transactions that the protocol accepts, and DeFi largely falls outside traditional market-abuse rules that ban front-running in regulated securities markets. They are widely regarded as predatory, and regulators have studied MEV, but there is no established precedent treating a sandwich itself as a crime.

Do sandwich attacks only happen on Ethereum?

No. Any chain with visible pending transactions and AMM-based trading can be sandwiched — the pattern has been documented on BNB Chain, Polygon, Solana, and others. Chains differ mainly in how ordering is won: on Ethereum attackers use builder bundles, while on Solana searchers historically used Jito's bundle auctions.
