Sandwich Attack
MEV attack that surrounds victim's trade with buy/sell orders
Definition
A sandwich attack occurs when a malicious actor places transactions before and after a victim's trade to profit from the price movement caused by the victim's transaction.
Sandwich Attack is a risk term used to understand MEV attack that surrounds victim's trade with buy/sell orders. In practice, it matters because it affects how users evaluate protocols, compare opportunities, and avoid hidden assumptions.
Example
An attacker sees your large buy order, front-runs with their own buy to push price up, then back-runs with a sell order after yours executes.
How it works
In practice, the concept shows up like this: An attacker sees your large buy order, front-runs with their own buy to push price up, then back-runs with a sell order after yours executes.
Why it matters
Sandwich Attack matters because small misunderstandings in DeFi can turn into bad pricing, liquidation, governance, custody, or smart-contract risk. A good mental model helps you compare protocols without relying on marketing language.
What to check
Treat it as a risk term: identify the failure mode, who can be harmed, and what evidence would reduce that risk. The main checks are: Increased trading costs; Unfair extraction; Poor execution.
Risks to Consider
- Increased trading costs
- Unfair extraction
- Poor execution
Common Questions
What does Sandwich Attack mean in DeFi?
Sandwich Attack means MEV attack that surrounds victim's trade with buy/sell orders. The useful question is not only the definition, but how the mechanism changes risk, return, liquidity, or governance for the user.
How is Sandwich Attack used in practice?
A practical example: An attacker sees your large buy order, front-runs with their own buy to push price up, then back-runs with a sell order after yours executes.
What should I check before relying on Sandwich Attack?
Check increased trading costs, unfair extraction, poor execution. Also verify liquidity, oracle assumptions, admin controls, and whether the protocol has been tested during stressed markets.