Sandwich Attack in DeFi: What It Is and How It Works

A sandwich attack is a type of exploit in decentralized finance (DeFi) where a malicious trader takes advantage of another user’s transaction by placing trades before and after it to make a profit. It is called a “sandwich” because the victim’s transaction gets trapped between two attacker transactions.

In simple terms, imagine you are trying to buy a token on a decentralized exchange like Uniswap. Your transaction is visible in the public mempool before it gets confirmed. An attacker can detect your trade and quickly place a buy order before yours, pushing the price up. Then, right after your transaction executes at the higher price, the attacker sells the token for a profit. Your trade ends up being executed at a worse price, and the attacker captures the difference.

This type of attack is possible because blockchain transactions are transparent before confirmation, and bots can monitor and react to them in real time. These bots are often part of what is known as MEV (Maximal Extractable Value), where participants try to extract profit from ordering transactions strategically.

Sandwich attacks usually happen in decentralized exchanges that use automated market makers (AMMs). Since prices in AMMs are based on liquidity pools, large trades can significantly impact price. Attackers exploit this by inserting their own transactions around a victim’s trade to manipulate the price temporarily.

For regular users, this results in slippage, meaning they pay more (or receive less) than expected. In some cases, the loss can be significant, especially when trading low-liquidity tokens.

There are ways to reduce the risk of sandwich attacks. Traders can use low slippage settings, avoid trading during high volatility, or use platforms that offer protection against MEV, such as private transaction relays or specialized wallets.

In conclusion, a sandwich attack is a form of market manipulation in DeFi where attackers exploit transaction visibility to profit at the expense of other users. It highlights one of the challenges of decentralized systems: transparency can be both a strength and a vulnerability.