
An Overview of Sandwich Attacks in Decentralised Finance

2 min read · Sep 22, 2025

A sandwich attack is a form of front-running that primarily targets transactions on decentralised exchanges. An attacker exploits the public nature of a blockchain’s transaction pool to place two orders around a victim’s trade, manipulating the asset’s price to extract a profit.

This practice is a specific manifestation of a broader concept known as Maximal Extractable Value (MEV).

Mechanism of an Attack

An attacker, typically using an automated bot, monitors the public memory pool where pending transactions are visible before being confirmed on the blockchain.

Detection

— The bot identifies a large, pending victim transaction, for example, a purchase of Token A with ETH.

Front-running

— The attacker submits their own purchase order for Token A with a higher gas fee.

— This higher fee incentivises miners or validators to process the attacker’s transaction first.

— This initial purchase drives up the price of Token A.

Victim’s Transaction

— The victim’s original transaction is then processed at the new, inflated price, so they receive fewer units of Token A for their ETH (the gap between the expected and executed price is known as slippage).

Back-running

— The bot immediately places a sell order for Token A.

— This final transaction is processed after the victim’s, allowing the attacker to sell their holdings at the artificially high price.

— The attacker profits from the price difference created between their initial purchase and subsequent sale.

Consequences

The primary consequence for the user is a direct financial loss, as they are forced to trade at a less favourable price than anticipated. For the broader ecosystem, frequent sandwich attacks can lead to increased network congestion due to the additional transactions generated by bots. This can also create an inefficient and predatory trading environment, potentially deterring participation in decentralised finance.

Mitigation Strategies

While eliminating these attacks entirely is difficult, users and protocols can employ several strategies to reduce their likelihood and impact.

User-Side Mitigation

- Low Slippage Tolerance: Manually setting a low slippage tolerance (e.g., below 1%) in a DEX interface can cause a trade to fail if the price moves significantly, thus preventing the attack from completing.

- Private Transactions: Services like Flashbots Protect allow users to send transactions directly to block builders, bypassing the public mempool where bots operate.

- Trade Splitting: Breaking a large order into several smaller, randomised transactions can make it harder for bots to identify and profitably target the trade.
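An added simulation (not from the original post) of the front-run / victim / back-run sequence described under Mechanism of an Attack on a constant-product AMM, showing the victim's loss and how the low slippage tolerance listed above causes the sandwiched trade to revert. Pool reserves, trade sizes and the 0.3% swap fee are constructed assumptions.

```python
"""Sandwich attack on a toy x*y=k pool and the slippage-limit defence.
Added example; reserves, sizes and fee are constructed, not real data."""
from dataclasses import dataclass

FEE = 0.003  # 0.3% swap fee, Uniswap-v2 style (assumption)


@dataclass
class Pool:
    eth: float    # ETH reserve
    token: float  # Token A reserve

    def quote_eth_to_token(self, eth_in: float) -> float:
        """Token A received for eth_in at current reserves, after the fee."""
        eth_net = eth_in * (1 - FEE)
        return self.token * eth_net / (self.eth + eth_net)

    def swap_eth_to_token(self, eth_in: float, min_out: float = 0.0) -> float:
        """Buy Token A; revert (ValueError) if output is below min_out."""
        out = self.quote_eth_to_token(eth_in)
        if out < min_out:
            raise ValueError("slippage limit exceeded")
        self.eth += eth_in
        self.token -= out
        return out

    def swap_token_to_eth(self, token_in: float) -> float:
        """Sell Token A for ETH at current reserves, after the fee."""
        token_net = token_in * (1 - FEE)
        out = self.eth * token_net / (self.token + token_net)
        self.token += token_in
        self.eth -= out
        return out


def sandwich(pool_eth, pool_token, victim_eth, attacker_eth, slippage_tol):
    """Execute front-run, victim trade and back-run in that order.

    Returns (victim_tokens or None if reverted, attacker_profit_eth, honest_quote).
    """
    pool = Pool(pool_eth, pool_token)
    honest = pool.quote_eth_to_token(victim_eth)     # what the victim expected
    min_out = honest * (1 - slippage_tol)            # victim's slippage limit
    atk_tokens = pool.swap_eth_to_token(attacker_eth)  # 1. front-run buy
    try:
        victim_tokens = pool.swap_eth_to_token(victim_eth, min_out)  # 2. victim
    except ValueError:
        victim_tokens = None                         # reverted: sandwich fails
    eth_back = pool.swap_token_to_eth(atk_tokens)    # 3. back-run sell
    return victim_tokens, eth_back - attacker_eth, honest


if __name__ == "__main__":
    for tol in (0.05, 0.01):  # 5% vs 1% slippage tolerance
        print(tol, sandwich(1000, 1_000_000, 10, 20, tol))
```

With a 5% tolerance the victim gets roughly 4% fewer tokens and the attacker nets about 0.27 ETH; at 1% the victim's trade reverts and the attacker's round trip loses the two swap fees.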

Protocol-Level Mitigation

- Fair Ordering: Some protocols are exploring methods to order transactions based on their arrival time rather than the gas fee paid, neutralising the advantage of front-running bots.

- Batch Auctions: This method involves grouping transactions together into a batch and executing them all at the same uniform clearing price, preventing attackers from exploiting the price impact of a single trade.


Written by Extropy.IO

Oxford-based blockchain and zero knowledge consultancy and auditing firm
