Research Summary: Analyzing and Preventing Sandwich Attacks in Ethereum

Great study @PatrickZuest I really enjoyed going through this study and also watched some clips and explanations on it.
Well I have a question on this topic, how does the attacker control the order in which the transactions are executed, is it by paying more or less gas fees to the miners ?

1 Like

Hi @Freakytainment I recently did some study on sandwich attacks. Let me make some input before Patrick shows up to take the wheel.

Sandwich attacks are caused by transaction reordering, that is back running and front running. In front running, an attacker sees a huge pending transaction they can exploit. The attacker then initiates a transaction and pays more gas for their transaction to be confirmed before the victim’s transaction. It is usually a swap in a liquidity pool.

So, if the attacker swaps first they create an imbalance in the liquidity pool. Then, when the victim swaps, they experience a slippage. Finally, the attacker swaps back in what is called the back running, and because there has been a slippage, they steal the victim’s funds.

So in the end, the increase in gas fee was what gave the attacker the advantage. I hope this helps.


Sandwich Attacks: Ethics and Impact
Bob and Chad are friends who understand how well smart contracts in Ethereum work. One day, they get into an argument about sandwich attacks based on a recent news they heard. Chad argues that sandwich attacks are fun and ethical, but Bob feels otherwise. Bob believes it is a manipulation, hence unethical.

Not everyone believes that sandwich attacks on DeFi are unethical. Some people are like Chad. They see it as a case of survival of the fittest and that in war, everything is fair. The title of this paper, Attacking the DeFi Ecosystem with Flash Loans for Fun and Profit, gives a sneak peek of how a good number of users feel about DeFi attacks.

In this post, I will give reasons why I believe that sandwich attacks are unethical and impact the DeFi ecosystem negatively.

Understanding Ethics and Sandwich Attacks
Ethics bothers on the moral principle of what is right or wrong. Ethical behavior boils down to a morally good behavior, whereas unethical behavior is referred to as a morally unacceptable behavior.

Image source: My Own Business Institute

On the other hand, in a sandwich attack, one user, who is perhaps smarter and more DeFi savvy, frontruns and backruns another user’s transaction.The consequence of this is that the second user loses a percentage of their funds. But the first user makes a reasonable profit from the transaction.

Probably nothing is inherently wrong or right, it has to be established. I will establish some points in the following paragraphs.

The Process of Sandwich Attacks
In a sandwich attack, there is a victim and an attacker. One is the conquered and the other is a conqueror. The problem with being conquered is that it leaves one unhappy and regretful. Is it right to make someone else feel this way?

Also, the most outstanding thing about the attacker is their intent. An attacker sees a large pending order from a victim and decides to frontrun and backrun it for profit. The intent of the attacker is to make profit from the prospective victim’s fund while the victim loses part of their fund. In the end, they technically steal the victim’s funds. Taking what does not belong to someone is wrong. But again, what is wrong or right has to be established, and a good number of people will agree that stealing is wrong.

Some see sandwich attacks as fun because they are at the winning end. What if they are the victim? Would it still be fun to lose their fund? Does anyone like to lose their funds? If losing one’s fund will make one feel bad, then it is wrong for that same person to steal another’s fund.

Impact on Defi and Users
Let’s assume that Alice is a new DeFi user. If she loses a percentage of her funds while swapping in Uniswap, what do you think will happen to her perception of DeFi? Since she is new, she will be scared and will go back to TradFi where she understands her devil.

DeFi is in its early years, and a bad reputation resulting from attacks will hamper its growth.

Again, Alice will go ahead to tell other people that she has tried out DeFi and it is fraudulent. This will not be a good message about DeFi thus tarnishing its image.

Conclusively, sandwich attack on DeFi is like a fisherman polluting a river with chemicals. If all the fishes get killed, how then do they get fishes in the future? One cannot keep harming their source of livelihood and expect it to be fertile for business. Sandwich attack is unethical and should be nipped in the bud so as to help DeFi flourish.


Hi @PatrickZuest :wave:

So, I have seen your summary flying around the forum a couple of times, but I always shelved it

That’s until @Ulysses’s Writer’s Cohort comment on your post prompted me to read the summary for better context on sandwich attacks.

Here are my thoughts

I like that your summary is easy to read, and I love the extra explanation you added in the background

Concerning the subject matter, I think I understand the idea behind the name “Sandwich Attacks.”

Kind of like a pun because the attackers ‘sandwich’ their transactions back and forth in the blockchain’s mempool to make more profit.

Speaking of profit, the $190 million profit they made in about a year is mind-blowing,but I am not so surprised🤔. Cheating tends to be very profitable.

Apart from the above, I am curious about:

How fast do Sandwich attackers have to be to make profits?

And how has the attacking landscape changed since Ethereum switched to POS and started using validators instead of miners to arrange network transactions?

That’s all… Thanks for expanding my DeFi knowledge :+1:


Thanks for the information and amazing summary.nice work


@PatrickZuest I hope this finds you well

Placing a limit order is the simplest technique to avoid being sandwiched. Users can specify their fill price as opposed to standard market orders, which are prone to slippage. While previously only possible on centralized exchanges, DEXs like Spiritswap and 1inch now support this.


@Humphery, this is a wonderful innovation! I’m really interested in this.I recently wrote about sandwich attacks on the first week of the writing cohort.

Have you tried the limit order execution on any of the DExs? How effective was it if you have? Your review will be much appreciated.


@Ulysses yes tried and proven;

Placing a limit order is the simplest technique to avoid being sandwiched. Users can specify their fill price as opposed to standard market orders, which are prone to slippage.

While previously only possible on centralized exchanges, DEXs like Spiritswap and 1inch now support this.

On a variety of networks, including Ethereum, Avalanche, Arbitrium, and others, it enables users to set predetermined exchange prices. Even though there can be more costs involved, it is worthwhile for bigger trades.

I learn that Flashbot can be used to stop sandwiches.

To find out more about the flashbot you can continue reading on this link;


Using the Flashbots RPC is another option to secure your transactions. It omits the public mempool in order to deliver transactions directly to miners, adding an additional layer of security.

While it’s currently in public beta, some of its benefits include the ability to guard against bots and the lack of a fee for unsuccessful transactions.

Final Thoughts

Sandwich bots and MEV may be unethical, but they undoubtedly demonstrate Web3’s transparency. However, techniques to extract value, such time bandit and uncle block assaults, are keeping up with security.

Although many people are still unaware of this hidden tax on their transactions, new techniques to protect against them are always being developed as growing pains.

Therefore, it’s crucial to constantly warn Web3 users not only about bots but also about phishing, frauds, and other threats. It could also be time to consider whether the costs and benefits of the trade-offs between security and decentralization are worthwhile.

I hope this meets up to your question?


Yes it does. This is great!

1 Like

During the just concluded synthesis cohort, I wrote about the ethics and impact of sandwich attacks. Today, I will add a practical way to prevent sandwich attacks on Ethereum. This is based on my recent research effort after my interaction with @Humphery on the issue of resolving sandwich attacks.

The primary cause of a sandwich attack in Ethereum is front-running. Front-running involves a clever user trying to process their transaction before yours, although you initiated yours before theirs. In doing this, they get a better price than you and you incur some loss.

The above manipulation is possible because the user can see your transaction in the public Mempool. This is a bit of a mouthful. Let’s see what a Mempool means.

But suppose you find a way to bypass the Mempool and go directly to the miners/validators? If you do this, no one on the network will see your transaction except the miners/validators.

If no one can see your transaction awaiting addition to a block, no one can front-run it.

Escaping the probability of front-running means escaping sandwich attacks.

The above concept is referred to as a Private Transaction. So in a private transaction, when you broadcast your transaction to the Ethereum network, instead of sending to the Mempool, you send directly to the validators/miners.

This research paper by @MiaZmy studies private transactions in Ethereum and its limitations.


This is explicit in explaining the forward solution to Front-running @Ulysses

Miners have the edge in preventing this sandwich attacks if one can be able to bypass the mempool.

However, as you pointed out, this process will result in a Private Transaction which @MiaZmy in his research summary illustrated its limitations.

Permit me to take an excerpt:

Miners are also known to receive incentives from attackers and aid in permitting these attacks.

Hence, one can say that Miners are at the centre in preventing some of these attacks.


Great points @Chrisarch. I can understand with miners, no one wants to leave money on the table. :joy:

Also, I like to think that the miners do not have as much as that power, otherwise it becomes a centralized system.

Users give these miners the power they seem to have. There is a way that I think the Ethereum community can approach this through an Ethereum Improvement Proposal (EIP):

All transactions on Ethereum blockchain should maintain a constant gas price that is the Base Fee.

If using a constant Base fee doesn’t give users some space to breathe, the gas price can be given a small allowance for increment. Instead of having an unlimited gas price increment potential that incentivizes miners to undermine the security of the blockchain.


No miner would like this take, as it would take away their Priority fee(tips). :joy:

I think the Ethereum community’s approach through an EIP would be of great help as you suggested.

Thank you for the amazing response @Ulysses


This the great. I give my vote for @Ulysses


nice work @PatrickZuest
Having understood how sandwich attacks in ethereum works in general, In order to decide whether to conduct an attack or not, a bot or attacker, in my opinion, would analyze transactions in the Mempool(a waiting area for the transactions that haven’t been added to a block and are still unconfirmed). therefore, it would be preferable to encrypt transaction information. The community has proposed using zk-SNARKs, a zero-knowledge-proof method, to do this. In other words, the information associated with each transaction would be encrypted and hidden using zk-SNARKs, rendering the bot helpless.
However, because to its limitations, including its high gas cost and potential for use in repelling assaults that lower overall liveliness, this strategy is insufficient to prevent this type of attack.
The current situation is still in the R&D phase to protect the Ethereum mempool against this type of attack.


Cause Sandwich attacks have obvious financial benefits, but they may not always be beneficial for the attacker. When using the Ethereum network, which frequently reports transaction charges (per action), the expense of carrying out these transactions to front- and back-run other traders will frequently outweigh the cash reward for attackers.

Well @Never_in_trenches the commission received from “regular behavior” and the transaction cost for a sandwich attack must be less than the victim’s trade amount for a sandwich attack to be profitable.