Sandwich attacks are a type of market manipulation in decentralized finance (DeFi). In these attacks, malicious actors profit from users' transactions by exploiting the transparency of blockchain technology and the way its markets work. In this blog, we briefly explain what sandwich attacks in DeFi are, how they work, their impact on DeFi users, and how you can protect yourself from them.
What Is A Sandwich Attack?
A sandwich attack occurs when an attacker sees a pending transaction in a blockchain's mempool and strategically places two of their own transactions around it: one immediately before and one immediately after the victim's transaction. This is called "sandwiching". The attacker's transactions trap the victim's transaction in the middle, which allows the attacker to profit from the price movement caused by the victim's trade.
How Does A Sandwich Attack Happen In DeFi?
Here is how a sandwich attack typically unfolds:
- First, a user submits a transaction to buy or sell a token on a decentralized exchange (DEX).
- An attacker finds that transaction and sees that it is still pending in the mempool.
- The attacker quickly submits their own transaction to buy the token so that it lands just before the user's transaction.
- The user's transaction then goes through at the changed price, which has moved because of the sudden rise in demand.
- The attacker immediately sells the tokens they bought, profiting from the price fluctuation.
This whole process happens in a span of milliseconds. It happens so quickly that the victim does not even realize they have been "sandwiched".
Why Are Sandwich Attacks Possible?
Several properties of the DeFi ecosystem make sandwich attacks possible:
- Gas fees and transaction priority: Transactions on many blockchains are not processed immediately. Instead, transactions with higher gas fees attached are given priority. Attackers therefore pay higher gas fees so that their transaction is processed before the victim's.
- Blockchain transparency: Public blockchains like Ethereum are transparent by design, so all pending transactions in the mempool are visible to everyone before they are confirmed. While this feature is considered very helpful, it also allows attackers to spot pending transactions and manipulate them.
- Automated market makers (AMMs): Many decentralized exchanges use AMMs, which determine token prices based on the ratio of tokens in a liquidity pool. Larger trades move the price more, creating more opportunities for sandwich attacks.
- Front-running bots: Advanced attackers use automated bots that constantly monitor decentralized platforms and mempools for pending transactions. The bots spot these transactions and execute attacks at very high speed, making it nearly impossible for humans to compete with them.
What Is The Impact Of Sandwich Attacks?
Sandwich attacks have become a very serious issue in the DeFi space, with significant impacts:
- Reduced trust: These attacks undermine people's confidence in DeFi platforms. Regular attacks on these platforms could discourage new users from participating.
- Losses: When the price is manipulated, users end up paying more for their tokens or receiving less than they should have.
- Network issues: The additional load from constant sandwich attacks can contribute to network issues, leading to higher gas fees for everyone.
How Can You Protect Yourself From Sandwich Attacks?
The risk of sandwich attacks cannot be eliminated, but there are some measures you can take to reduce it:
- Avoid large trades. Break large trades into smaller trades so that attackers see you as a less attractive target.
- Set a reasonable slippage tolerance on your trades. The slippage tolerance limits how far the price can move before your transaction fails.
- Consider time-weighted average price (TWAP) orders. These execute your trade over time, reducing its impact on the price, which makes sandwich attacks less profitable.
- Look for platforms that offer private transaction pools. These hide your pending transactions from public view, so sandwich attackers have nothing to target.
- Try using DEX aggregators, because these platforms split your transactions, reducing the impact of sandwich attacks.
- Be very cautious when the market is high, because sandwich attackers are more active during these periods.
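The effect of the slippage tolerance setting on a ratio-priced AMM pool, as an added example that is not part of the original post. It models a constant-product pool; the 0.3% fee, the reserves and the trade sizes are assumed sample values, and `Pool`, `victim_outcome` and `exposure` are illustrative names.

```python
# Constant-product AMM (x * y = k) with a 0.3% swap fee.
# The fee, pool reserves and trade sizes are assumed sample values.
FEE = 0.003


class Pool:
    def __init__(self, reserve_in, reserve_out):
        self.r_in, self.r_out = reserve_in, reserve_out

    def quote(self, amount_in):
        """Tokens received for amount_in at the current reserves."""
        net = amount_in * (1 - FEE)
        return self.r_out * net / (self.r_in + net)

    def swap(self, amount_in, min_out=0.0):
        """Execute a swap; raise (revert) if the output is below min_out."""
        out = self.quote(amount_in)
        if out < min_out:
            raise ValueError("slippage limit exceeded, trade reverted")
        self.r_in += amount_in
        self.r_out -= out
        return out


def victim_outcome(trade_in, tolerance, earlier_buy, reserves=(1_000.0, 1_000_000.0)):
    """Return (quoted_out, actual_out); actual_out is None if the trade reverts.
    earlier_buy is a buy that lands in the pool just before the user's trade."""
    pool = Pool(*reserves)
    quoted = pool.quote(trade_in)
    min_out = quoted * (1 - tolerance)  # floor the wallet submits with the trade
    pool.swap(earlier_buy)              # price moves before the user executes
    try:
        return quoted, pool.swap(trade_in, min_out)
    except ValueError:
        return quoted, None


def exposure(trade_in, tolerance, step=0.1, limit=500.0):
    """Largest earlier buy (in `step` increments) the slippage floor still
    lets through; smaller means less price movement the trade will accept."""
    size = 0.0
    while size + step <= limit and victim_outcome(trade_in, tolerance, size + step)[1] is not None:
        size += step
    return size


if __name__ == "__main__":
    for tol in (0.005, 0.05, 0.20):
        quoted, actual = victim_outcome(10.0, tol, earlier_buy=50.0)
        result = "reverted" if actual is None else f"got {actual:,.0f} of {quoted:,.0f} quoted"
        print(f"tolerance {tol:.1%}: {result}; exposure {exposure(10.0, tol):.1f}")
```

With a tight tolerance the trade fails instead of filling at the moved price; with a loose tolerance it fills, but for fewer tokens than quoted.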
Overall
Sandwich attacks are one of the most concerning issues in the DeFi ecosystem. By understanding how these attacks work and taking proper measures, you can protect yourself from them. As we move ahead, we can expect stricter measures against sandwich attacks, creating a safer space for users of DeFi systems.