What is a DeFi sandwich attack?

A sandwich attack is a market manipulation tactic that somewhat questionable traders carry out through decentralized finance (DeFi) platforms for their own gain. The attack takes advantage of “frontrunner” and “backrunner” transactions that sandwich regular transactions in such a way that they earn the attacker a small profit.

In this AAG Academy guide, we’ll explain what sandwich attacks are and how they work in more detail, and look at whether they’re really worth the effort. We’ll also answer some frequently asked questions around sandwich attacks.

What is a sandwich attack?

Sandwich attacks are a form of “frontrunning” — a market manipulation tactic in which traders take advantage of pre-market knowledge to buy or sell assets before a particular order is executed. For instance, a miner who has access to information on an upcoming trade could place an order that will earn them a profit when that trade is executed.

When it comes to sandwich attacks, two orders are placed; one before and one after the pending transaction. In other words, frontrunning is combined with “backrunning” to maximize its effectiveness. This allows a trader to buy a particular asset at a lower price, already aware that its value is going to rise, while their victim pays a higher price for it.

Sandwich attacks aren’t as common as other cryptocurrency scams, so not as many people are familiar with them, but they can certainly pose major problems when carried out successfully. While attackers themselves collect a tidy profit on these trades, their victims end up with less cryptocurrency than they were originally entitled to.

How does a sandwich attack work?

Sandwich attacks are a somewhat complicated process, so we’ll use a simple example to explain how they come together. Let’s say that Andrew wants to swap some AAG tokens for ETH, so they create the necessary transaction. Peter has pre-market knowledge of this transaction, so he buys ETH before Andrew’s transaction causes its value to rise.

Before Andrew’s transaction has a chance to change the value of ETH, Peter’s has already created an artificial price increase, so Andrew ends up paying more than originally anticipated for his ETH and ends up with less than expected. Peter can then sell his ETH at a higher price and collect the profits. They may not be large, but the attack can be carried out repeatedly.

This is a very straightforward example of a sandwich attack, simply to explain the concept, but in reality, they can be much more complicated. Most sandwich attacks — which are usually carried out through automated market makers (AMMs) such as PancakeSwap, SushiSwap, and Uniswap — can be split into two categories:

Liquidity taker vs. taker
In this scenario, liquidity takers on an AMM attack other liquidity takers. Attackers see a pending transaction and then submit subsequent transactions — frontrunning and backrunning — which creates three pending transactions. Miners decide which is approved first, so the attacker will usually offer up a higher transaction fee to give their request a greater chance of going first.

Liquidity provider vs. taker
This scenario is carried out in much the same way as taker vs. taker, but the attacker must carry out a little more work. They first remove liquidity as part of their frontrunning process, increasing the victim’s slippage. They then re-add liquidity as part of the backrunning process to restore the original pool balance. Finally, they swap the necessary assets.

Assuming the trick is carried out successfully and that all goes as planned, the attacker can withdraw their liquidity before the victim’s transaction is processed, eliminating the commission fee for that transaction.

Are sandwich attacks worth the effort?

As you’ve likely realized by now, sandwich attacks can be complex and difficult to execute successfully. Some even rely on factors outside of the attacker’s control, so they are not guaranteed to turn out as planned. In addition, the cost of performing all the necessary transactions can sometimes outweigh the potential profit an attacker might earn.

Taking all of this into consideration, it’s easy to see why sandwich attacks aren’t as popular as other cryptocurrency scams or market manipulation techniques. However, there is potential for sandwich attacks to be profitable, so some traders still attempt them on a regular basis. So much so that sandwich attack calculators are available online.

How to protect against a sandwich attack

From a trader’s perspective, there is little that can be done to protect yourself from a sandwich attack. An attacker’s actions are out of our control, and there are no steps we can take to prevent them from executing the transactions they wish to carry out. Instead, it is the responsibility of AMMs and other platforms to implement measures to counter these tactics.

Some have already begun taking steps to do that. 1inch is one AMM that offers a “flashbot transactions” order type, which does not appear in the transaction “mempool,” so potential hackers are unable to see it while it is processing. Carried out only by trustworthy miners, these transactions remain hidden until they are minted. Only then do they appear on the blockchain.

References

• What is front running in crypto and nft trading
• What are sandwich attacks in defi and how can you avoid them
• Sandwich attacks and the calculations involved