- Token trades on decentralized exchanges can change an asset’s market price. Bots generate a profit by frontrunning these trades, buying the asset for a low price, and then selling it for a high price.
- In this work, we present an analysis of such sandwich attacks for twelve months. During this time there were at least 480’276 attacks in Ethereum leading to an accumulated profit of 190 million USD.
- By splitting frontrunnable trades into multiple transactions, traders could have saved more than 90 million USD. We present a tool that helps them find an ideal order split.
How common are sandwich attacks in Ethereum and is there a way to prevent them?
Züst, P. (2021). Analyzing and Preventing Sandwich Attacks in Ethereum
- Decentralized Finance (DeFi): A set of finance-focused blockchain protocols that enable users, among other things, to take out loans or exchange tokens.
- Decentralized Exchange (DEX): Allows users to trade crypto tokens without the involvement of a central intermediary.
- Constant Product Automated Market Maker (AMM): Currently the most widely used implementation of a decentralized exchange. The basic idea is to keep token funds in liquidity pools. Traders are then able to swap tokens in a pool, as long as the product of the token amounts is constant before and after the swap.
- Uniswap: One of the most popular decentralized exchanges. More than 3 billion USD in token value locked and the basis for other exchanges like SushiSwap or PancakeSwap.
- Network Fees: Incentive for miners to include a given transaction in a block. Needs to be paid for every Ethereum transaction. Amount depends on the computational complexity of the transaction, as well as the chosen gas price.
- Exchange Fees: Cost of using an exchange. On Uniswap it’s 0.3% of the input amount of a swap.
- Slippage Tolerance: Token prices can be volatile. The slippage tolerance indicates the maximum price increase a trader is willing to accept in a given token swap.
- Mempool: Nodes store pending transactions locally in the mempool before they are included in the blockchain. The time a transaction is pending depends on the chosen gas price and the available block space.
- Transaction Ordering: When assembling a new block, miners are free to select any transactions from the mempool and arrange them in any order. The traditional strategy is to include the transactions with the highest gas prices in descending order, but there is no requirement to do so.
- Frontrunning: When an attacker observes a pending transaction, they can broadcast a new transaction with a slightly higher gas price. If a miner orders transactions strictly according to the gas price, the attacker’s transaction will be executed right before the original transaction. This mechanism has been studied in traditional markets for decades and is usually prevented by regulation.
- Backrunning: Same principle as frontrunning, but the attacker chooses a slightly lower gas price. This is how they try to ensure that their transaction is executed right after the victim transaction.
- Miner Extractable Value (MEV): Since miners have full control over how they arrange transactions, profit through frontrunning is considered miner extractable value (MEV). This term refers to the value that miners can generate by adding new transactions to a block or favorably ordering pending transactions.
- Sandwich Attacks: A swap on a decentralized exchange can lead to a significant boost of an asset’s market price. Attackers continuously monitor the mempool to find a transaction that entails large price differences. They then release a frontrunning transaction to buy the given asset, and a backrunning transaction to sell it for an increased price.
- Proxy Contracts: Transactions in a sandwich attack are typically sent to a proxy contract instead of a router offered by the exchange. This allows attackers to check whether the respective liquidity pools still hold the expected amount of tokens before executing the swap. If this is not the case and an attack would not be profitable, the swap can easily be canceled.
- Flashbots: A software project which allows users to submit suggestions for block compositions directly to miners. This turns MEV extraction from a central process into an open market where bots continuously search for the most lucrative way to assemble a block with pending mempool transactions.
- Bots continuously scan pending Ethereum transactions and employ different tactics to profitably frontrun them. A common type of frontrunning is the so-called sandwich attack.
- We created a large-scale analysis of sandwich attacks for a period of twelve months. During this time there were at least 480’276 attacks on AMM DEXes in Ethereum leading to an accumulated profit of 190 million USD for attackers.
- Our paper also shows that miners have recently begun to play a more active role in these value extractions which drastically changes the patterns we observe for sandwich attacks.
- Splitting up frontrunnable trades can be a valid mitigation strategy. We explain how traders could have saved 90 million USD by releasing multiple smaller swaps instead of one large trade.
- A public tool to check whether a transaction is susceptible to sandwich attacks and to find a suitable order split was released on www.DeFi-Sandwi.ch.
- Finally, we initiated a survey to understand how users perceive sandwich attacks and what mitigation strategies they know. While all participants had a clear understanding of the attack, most of them didn’t know how common they were nor how they could be prevented.
- We first provide some mathematical background to understand how a token swap affects an asset’s market price, and how the profitability of a sandwich attack is determined.
- The paper then describes the heuristics used to classify sandwich attacks. The approach differs from related work, as it mainly focuses on the input and output amounts instead of the sender addresses.
- Next, we outline the structure of our data analysis. We used a modified Geth client to export all receipts of Ethereum transactions from May ‘20 to May ‘21. This dataset was filtered to only include receipts where a swap event was emitted. We then look for two transactions fulfilling the given heuristics for a sandwich attack.
- The discovered attacks were further analyzed, allowing us to learn more about the strategy attackers used, the profit they generated, and the sandwich opportunities they missed. A special emphasis is put on sandwich attacks which are executed in collaboration with miners.
- After describing the current state of sandwich attacks in Ethereum, the paper suggests a method for traders to prevent being attacked: By splitting a token swap into multiple transactions, a sandwich attack becomes unprofitable. We introduce the mathematical concepts to find an ideal order split.
- A web interface was developed which enables traders to check whether a given trade is susceptible to sandwich attacks. If this is the case, the tool suggests an ideal order split. We use backtesting to quantify how much money traders would have saved by using this trading strategy.
- Finally, we present our findings from a user study around the perception of sandwich attacks.
- Number of Attacks
In the given period, we analyzed 2’367’980 blocks using specific heuristics. In total, we discovered 480’276 sandwich attacks. The graph above shows how sandwich attacks became much more common over time.
Involved Token Pools
Overall, the sandwich attacks we discovered made use of 5387 different ERC-20 tokens. The most popular pair was ETH-YELD which was attacked 3498 times. Around 55% of the involved token pools were attacked ten times or less.
We found 964 different proxy contracts that received at least one attack transaction. Attackers appear to switch their proxies frequently, as a contract is only in use for two weeks on average (90’913 blocks). The most active proxy contract processed 51’475 of the attack transactions we discovered (5.36%).
To make statements about the profitability of attacks, we focus on transactions where at least one of the two involved tokens is ETH (which is the case for 96.28% of attacks).
The accumulated profit over time can be seen above. The profit started increasing rapidly in July 2020. This coincides with the total number of sandwich attacks we are observing. Although the number of attacks stayed high through fall 2020, the profitability of the individual attacks decreased, most probably because of increased competition. The surge of profit at the beginning of 2021 could be connected to attackers collaborating with miners. In total, attackers earned 64’217 ETH (189’311’716 USD) in the given timespan. This also includes unprofitable attacks which constitute 18.14% of all attacks. If unprofitable attacks were excluded, the profit would amass to 73’337 ETH (216’197’476 USD).
Our analysis showed that attackers almost always achieve the maximum possible profit, i.e. they choose an ideal input amount for the buy transaction and push the price to its limit. The minimum output and the actual output of the victim transaction differed by less than 1% on average.
The most profitable attack with a single victim transaction occurred on Feb 17, 2021 on Uniswap V2: A known sandwich bot released the respective frontrunning and backrunning transactions, netting a profit of 39.17 ETH (100’626 USD) in a single attack.
The ten most unprofitable attacks all happened on Dec 19, 2020, and seem to stem from a misconfiguration of an attacker. They lost at least 219 ETH (645’612 USD) in less than 90 minutes.
- Accumulated Profit
- Allowed Unexpected Price Slippage
The figure shows how the selected slippage rates are distributed. Especially the share of transactions with a slippage tolerance of more than 10% is notable. The official Uniswap V2 interface suggests values between 0.1% and 1%.
Active Reordering by Miners
We consider a sandwich attack to be in collaboration with a miner if the gas prices of the frontrunning and backrunning transactions are both at most 1 Gwei. There was a surge of such attacks since the beginning of 2021. This timing coincides with the release of the Flashbots project. The table shows how increased control over the block order leads to a surge of profitability for sandwich attacks.
Unused Sandwich Opportunities
In total, we found 3’612’343 swaps with ETH as input token that could have been profitably attacked, but were not. The diagram shows how the share of unused sandwich opportunities declined over time. The largest missed opportunity for a sandwich attack could have earned an attacker 724 ETH (2’134’352 USD). It is likely that some of these transactions were never broadcast to a public mempool.
Backtesting Order Splits
To analyze the effectiveness of order splits as a mitigation strategy, we made a selection of 226’905 profitable sandwich attacks. The analysis showed that 160’347 (70.67%) of these attacks could have been prevented if a suitable order split had been used. In these transactions alone, traders lost 42’504 ETH (125’301’792 USD). Applying the order split strategy would have saved them 30’525 ETH (89’987’700 USD).
User Perception of Sandwich Attacks
To conclude our study, we conducted a survey with experts of the Ethereum community. While almost all participants agree that DeFi users can be negatively impacted by sandwich attacks, a clear minority considers the attacks immoral. Two people even brought up the point that sandwich bots should not be considered attackers.
- Data Analysis: We used block analysis to investigate sandwich attacks on decentralized exchanges in Ethereum. Compared to related work, we apply heuristics better suited for the current DeFi environment and present more recent and extensive data.
- Order Splits: We established order splitting as a mitigation strategy in a theoretical framework, verified its effectiveness using backtesting, and created a public tool that suggests ideal order splits for given trades.
- User Perception: Our user study showed the large information gaps around sandwich attacks and confirmed the need for continued research in that area.
- The paper suggests that in the future every profitable frontrunning opportunity will be used, potentially harming traders and challenging the current architecture of decentralized exchanges.
- Our work also shows that the number of sandwich attacks executed in collaboration with miners is rapidly increasing. It can be assumed that, in the long run, all profit generated through sandwich attacks will be made by - or shared with - miners.
- Projects like Flashbots enable frontrunning bots to directly influence the transaction order in a block. This allows for attack schemes far more sophisticated than the sandwich trades highlighted in our paper, potentially leading to a steep increase in MEV extraction.
- There are large information asymmetries around frontrunning. Whether or not sandwich attacks are immoral is a controversial topic. As frontrunning becomes more prevalent, the Ethereum community will have to think about what this new paradigm means for the platform.
- We are currently adapting the given report for publication in a scientific journal. It will be extended to include an additional user study focussing on the perception of sandwich attacks.
- The Ethereum platform and the DeFi ecosystem are undergoing rapid changes. Extending the block analysis for a longer period will reveal how sandwich attacks are influenced by different factors, like Ethereum’s switch to proof of stake, the release of Uniswap V3, or the continuous proliferation of the Flashbots project.
- The tool we built is a research prototype and there are several possibilities to make it more user-friendly. Apart from improving the design, it could be extended by including multiple exchanges, or functionality that lets users directly sign and broadcast the suggested order split transactions.
- We released a web interface on www.DeFi-Sandwi.ch which is based on the mathematical principles presented in the paper. Users can check whether a given trade on Uniswap V2 can be sandwich attacked. They see how the input amount, slippage tolerance, and transaction fee impact the profitability of the attack. The tool also suggests an ideal order split, such that sandwich attacks won’t be profitable anymore.
- Various services were developed which allow users to submit transactions directly to a miner. Using these private mempools, traders can circumvent the risk of being sandwich attacked. Examples include the Taichi network and 1inch’s Private Transactions.
- The growing number of sandwich attacks also led to the development of new decentralized exchanges. They are tailored to an Ethereum network where frontrunning is not an exception, but the norm. Archer Swap, Mistx, Cowswap, and Swapswap were all built with MEV extraction in mind. They use different approaches to share profits generated through frontrunning with traders.
- As users become more aware of sandwich trades, they want to know whether they were ever attacked. Sandwiched.wtf is a tool that lets users check whether they ever fell victim to such an attack.