Sandwich Attack

A predatory trading tactic where a bot spots your pending swap, buys just before it to push the price up, then sells right after, pocketing profit skimmed directly from your worse execution price.

What is a Sandwich Attack?

A sandwich attack occurs when a bot identifies your pending swap. It immediately buys the token you plan to trade, executes your swap so you pay the elevated price, then immediately sells the token at a higher value. Essentially, your transaction is the filling, while the bot’s preceding purchase and subsequent sell form the bread.

Consider a farmer’s market example. You approach the tomato stand and publicly declare that you’re willing to pay $5 for a pound. A bystander listening to your declaration rushes ahead, buys all the tomatoes at $4, and resells them to you right back for exactly $5. In this scenario, you still walk away with tomatoes, but you also paid the absolute maximum amount you were willing to spend, and the stranger pocketed a dollar in the process.

Technically, how does a sandwich attack work?

The bot utilizes your tolerance level to make a profit. You will notice that all swaps have a tolerance setting specifying how much you accept that the current price will worsen before it executes. This is required because price is constantly fluctuating on a DEX as people swap. 0.5% or 1% is a typical tolerance. Slippage tolerance also serves as your signed offer to the market for a bad price which the bot can then cash in on.

First, the bot looks for your pending swap, say $5,000 USDC for X token on a Raydium pool with 1% tolerance. Next, the bot’s buy executes immediately ahead of you, increasing the pool price to nearly your 1% threshold. Finally, your swap is executed at the new high price, and the bot immediately sells at the level you supported. The bot can now profit up to the limit of your tolerance on your pending transaction, up to $50 in this case, in under a second.

How Solana Exposure Stacks up against Ethereum

Ethereum brought sandwiching to an industrial level. On ETH there is a public mempool; every pending transaction exists in a queue and anyone can read the mempool so a bot can look for every swap on the network and systematically sandwich any swaps that are profitable. In recent years, this has netted bad actors in the hundreds of millions.

There isn’t a public mempool on Solana. Transactions are forwarded through Gulf Stream straight to the upcoming leader so there’s no public waiting queue. This shut the front door on any potential attackers and closed the most lucrative attack surface, though it doesn’t stop sandwiching on Solana entirely. This leaves the door ajar for a few specific sandwiching opportunities like private mempools selling access to pending transactions, RPCs being compromised or leaking transactions, and colluding validators with a malicious forked client reordering transactions in their slot. Jito turned off their public mempool last month, March 2024, specifically to stop sandwich bots, while initiatives like BAM are looking to close the colluding validator loophole, which will require a trusted execution environment or a sealed box that even the validators can’t access to ensure ordering. Sandwich attacks will be cat and mouse game as bots continue to try out the open doors and will pop up from time to time.

How do sandwich attacks affect you?

Your slippage tolerance and the route you use to submit your transaction has a big impact on your exposure. You should only use the tightest slippage tolerances possible (0.1% to 0.5%) on any liquid pair that you can as that is the entire ceiling of what the attacker can take off you; a small tolerance makes an easy target a tiny amount of money that is likely not worth the gas costs.

Try to route through MEV protection where available; Jupiter has an MEV protection option and Phantom recently released support for MEV protection for transactions, both of which can protect your transactions to help ensure your transaction never leaves your hands and instead is kept with the transaction router. You could also try using reputable RPC providers like Helius that have strict privacy agreements and can help ensure your transaction is not leaked before the block.

However, if you have your default settings on, you run the risk of exposing yourself, especially if you’re interacting on a new token where the pools are less liquid. Pump.fun tokens can be a popular target for sandwich attacks especially when they’re first listed. If a pump.fun token is doing a pump, and there isn’t much liquidity in the pool, you’re not going to get filled if your slippage is tight. If you bump up that slippage to say, 15%, then you can now have your entire slippage taken off you by the attacker if they’re able to sandwich your transaction. The easiest way to get sandwiched on Solana is by bumping up your slippage tolerance on a hyped illiquid token; a large slippage tolerance on a hyped, illiquid token is essentially inviting the bot to take as much of your transaction as you allow.

How can I be sandwich attacked?

You can largely mitigate a sandwich attack with the use of tight tolerances and protected routes; the most common vulnerabilities are mitigated by the settings mentioned above, so there are fewer avenues left open. The primary vectors are colluding validators and private orders. These are still threats today but they are getting more and more expensive.

Contents

Writen By

Stay Updated - Follow us on X

Project review threads, dApp insights, announcements, news, and more.