Skip to content
On this page
  1. Key Takeaways
  2. What It Is
  3. The Intuition
  4. How a Sandwich Attack MEV Works
  5. Worked Example
  6. Common Mistakes
  7. Frequently Asked Questions
  8. Sources
  9. Disclaimer
← All concepts
Crypto & DeFiAdvanced6 min read

Sandwich Attack: How Bots Trade Around Your Swap

A sandwich attack MEV is a trading exploit where a bot places one order just before your decentralized exchange swap and another just after it, profiting from the price move your trade creates. You end up paying more and receiving fewer tokens than you expected.

Key Takeaways

  • A sandwich attack surrounds your trade with a bot buy in front and a bot sell behind.
  • The bot profits from the price impact your own order causes, charging an invisible fee.
  • The most common mistake is setting a wide slippage tolerance, which hands bots their margin.
  • Sandwiching directly lowers your realized fill, so tight slippage protects net returns.

Key Takeaways

  • A sandwich attack surrounds your trade with a bot buy in front and a bot sell behind.
  • The bot profits from the price impact your own order causes, charging an invisible fee.
  • The most common mistake is setting a wide slippage tolerance, which hands bots their margin.
  • Sandwiching directly lowers your realized fill, so tight slippage protects net returns.

What It Is

A sandwich attack is a form of maximum extractable value, the profit captured by controlling transaction order in a block. Chainlink describes it as a frontrunning technique with three stages: a frontrun, the price movement your trade causes, and a backrun.

The attack works only on automated market maker exchanges, where the price moves automatically as a pool's token balances change. Because a large swap predictably shifts that price, a bot can position itself on both sides and harvest the difference.

The Intuition

When you swap on a decentralized exchange, your order is visible in the public mempool before it confirms. A bot watching that waiting area can see your pending trade, estimate how much it will move the pool price, and react.

Think of it like a vendor who sees you walking toward a stall to buy the last 100 apples. The vendor sprints ahead, buys 50 apples first to push the price up, lets you buy at the higher price, then sells their 50 apples back at that elevated level. You paid more, the vendor pocketed the spread, and nothing of value was added.

The wider your slippage tolerance, the more room the bot has. Slippage tolerance is the maximum price difference you will accept between quote and execution. A loose setting tells the protocol you will tolerate a bad fill, which is exactly the gap a sandwich exploits.

The economics favor the bot precisely because an automated market maker prices by a fixed formula. The bot can calculate, before acting, exactly how much your trade will move the pool and how much its frontrun and backrun will earn. There is little guesswork. If the expected profit clears its gas and ordering costs, the bot acts, and your slippage tolerance sets the ceiling on what it can take.

How a Sandwich Attack MEV Works

The three steps, in order:

  1. Frontrun. The bot spots your pending swap and submits its own buy of the same token, paying a higher fee so it executes first. This pushes the pool price up before your order.
  2. Your trade. Your swap now executes at the inflated price, suffering more slippage than the original quote implied.
  3. Backrun. The bot immediately sells the token it just bought at the now-higher price, capturing the difference.

The bot needs your trade to land between its two transactions, so it relies on precise ordering. Block builders and validators decide that ordering, which is why sandwiching belongs to the MEV family. The result, in Chainlink's words, is an invisible fee that leaves the user with fewer tokens than expected.

Unlike pure arbitrage, sandwiching is not atomic in the same protective sense. The bot takes on some risk between its two trades, because another transaction could land in between or the price could move. That residual risk is one reason sandwich profits, while real, are bounded by how confidently a bot can predict the ordering it will get.

Worked Example

Suppose a pool quotes 1 ETH for 2,000 USDC and you want to buy 50 ETH. Your order alone would move the price, so the protocol shows an expected average price near 2,020 USDC and you set slippage tolerance at 3 percent, allowing fills up to about 2,060.

A bot sees your pending order. It buys ETH first, pushing the price to 2,040. Your 50 ETH now fill at an average near 2,055, inside your tolerance, so the trade succeeds. The bot then sells its ETH at the elevated level. You paid roughly 1,750 USDC more than the undisturbed quote, and that amount is the bot's profit. Had you set slippage to 0.5 percent, your order would have reverted instead of overpaying.

Common Mistakes

  1. Setting slippage tolerance too high. A 3 to 5 percent setting is an open invitation. Use the tightest tolerance that still lets normal trades clear, often well under 1 percent for liquid pairs.

  2. Trading thin pools with large size. Low-liquidity pools move sharply on any decent order, which magnifies the sandwich margin. Size your trade to the pool's depth.

  3. Believing the quoted price is what you will get. The quote is pre-attack. Your actual fill can be meaningfully worse if a bot intervenes.

  4. Ignoring private transaction routing. Many wallets and relays now send orders through private channels so bots never see them in the public mempool. Skipping this leaves you exposed.

  5. Confusing sandwiching with normal price impact. Some slippage is just your own order moving the pool. Sandwiching is the extra loss a bot adds on top, and only the second part is avoidable.

Frequently Asked Questions

What is a sandwich attack MEV in simple terms? A sandwich attack MEV is when a bot trades right before and right after your swap to profit from the price move you cause. You receive fewer tokens because the bot pushed the price against you.

How does a sandwich attack affect investment decisions? It raises the real cost of every large or loosely configured decentralized exchange trade, lowering your net return. Setting tight slippage and using private routing meaningfully reduces the damage.

What is a real-world example of a sandwich attack? You try to buy 50 ETH at a quoted 2,020 USDC each. A bot buys first to lift the price, your order fills near 2,055, then the bot sells, capturing the gap as profit.

How can investors avoid sandwich attacks? Lower your slippage tolerance, split large orders into smaller pieces, trade only deep-liquidity pools, and route transactions through a private relay so bots cannot see them pending.

How is a sandwich attack different from ordinary frontrunning? Frontrunning places one transaction ahead of yours. A sandwich adds a second transaction behind yours as well, so the bot captures the full round trip of the price move it engineered.

Sources

  1. Chainlink Education Hub. "Maximal Extractable Value (MEV)." https://chain.link/education-hub/maximal-extractable-value-mev
  2. Ethereum.org. "Maximal Extractable Value (MEV)." https://ethereum.org/developers/docs/mev/
  3. Flashbots Docs. "Flashbots Auction Overview." https://docs.flashbots.net/flashbots-auction/overview
  4. ESMA. "Maximal Extractable Value: Implications for Crypto Markets." 2025. https://www.esma.europa.eu/sites/default/files/2025-07/ESMA50-481369926-29744_Maximal_Extractable_Value_Implications_for_crypto_markets.pdf

Disclaimer

This article is educational content only and is not financial advice. Nothing here is a recommendation to buy, sell, or hold any security. Consult a licensed advisor before making investment decisions.

The IWP Substack

You understand the concept. Now see it applied.

The Investing With Purpose Substack turns ideas like this into research and risk-managed trade plans on real stocks, updated every week.

Read on Substack (opens in a new tab)

Related concepts