What Is a Sandwich Attack in Crypto? MEV Explained

— By Tony Rabbit in Tutorials

What Is a Sandwich Attack in Crypto? MEV Explained

Sandwich attacks in crypto explained: learn why MEV worsens your trades and how to reduce hidden execution losses when swapping on DEXs.

Many traders assume that if a swap executes, the main risk is already gone. In reality, your trade can still be quietly exploited inside the block. One of the clearest examples is the sandwich attack.

A sandwich attack in crypto is a form of MEV where an attacker places one transaction before and another after a victim’s trade to profit from the victim’s price impact. The victim still gets filled, but usually at a worse price than expected. The attacker captures value from the slippage window around the trade.

This is why sandwich-attack analysis matters. It teaches traders that execution quality is not only about whether a trade succeeds, but also about how much hidden value is extracted around it.

Quick take

  • A sandwich attack wraps around a victim trade with one transaction before and one after.
  • It matters because it creates worse execution and hidden slippage costs for the trader being targeted.
  • Thin liquidity and loose slippage settings usually make sandwich risk much worse.
  • The best defense combines better execution habits, tighter slippage, and better venue awareness.

What a sandwich attack means in crypto

In practical terms, the attacker sees a pending trade, pushes a buy or other positioning transaction ahead of it, lets the victim trade move the price, then exits immediately after. The result is that the victim pays more or receives less than they would have without the attack. The trade is not blocked, but it is made worse.

Diagram showing a central trade squeezed between front-run and back-run transactions

Sandwich attack vs related execution risks

RiskWhat happensWhy traders care
Sandwich attackAttacker positions before and after your tradeYou lose value through worse execution inside the block.
Front runningSomeone gets ahead of your trade or informationBroad category that can include several execution exploits.
SlippageYour executed price differs from the quoteMay happen naturally or be amplified by attackers.
Thin liquiditySmall orders move price more than expectedCreates a larger attack surface for sandwich behavior.

Why sandwich attacks matter to traders

The reason is simple. A trade can look successful while still being expensive in ways a beginner barely notices. On fast-moving or illiquid markets, sandwich attackers exploit predictable slippage tolerance and exposed transaction flow.

What sandwich-attack analysis helps you judge

Execution quality
You can fill a swap and still get a materially worse price because of surrounding activity.
Venue risk
Some environments expose public order flow in ways that make exploitability worse.
Slippage discipline
Loose slippage settings give attackers more room to extract value.
Pool quality
Thin pools are easier to move and therefore easier to exploit.

Sandwich attack vs front running

This distinction matters because traders often use the terms interchangeably. Front running is the broader idea of moving ahead of someone else’s order or information. A sandwich attack is a specific structure where the attacker enters before and exits after the victim to capture the price move created by the victim.

What sandwich-attack analysis cannot prove alone

  • It does not replace slippage analysis, because execution settings still matter even without attackers.
  • It does not replace liquidity checks, because thin pools naturally create worse execution conditions.
  • It does not mean every bad fill was a sandwich attack, because some losses come from ordinary market movement.
  • It does not guarantee immunity just because a route or wallet claims to reduce MEV exposure.

How to reduce sandwich risk in practice

The clean workflow is to reduce predictability and reduce the size of the value window you expose. If the trade is easier to exploit, it usually will be exploited in active markets.

Conceptual visual of predatory liquidity waves squeezing a single trade path

A practical sandwich-risk workflow

  • Avoid trading large size into very thin pools without planning the execution.
  • Use tighter slippage settings when market conditions allow it.
  • Split large orders if one big swap would create obvious price impact.
  • Be more careful during peak volatility and meme-coin style launch windows.
  • Treat bad execution as a signal to inspect route quality, liquidity depth, and MEV exposure more closely.

Final takeaway

A sandwich attack in crypto matters because it shows how hidden execution costs can extract value even from trades that appear to go through normally. If you only judge swaps by success or failure, you miss one of the most common forms of silent damage.

The practical rule is simple: do not ask only whether the trade filled. Ask whether it filled well. In fast markets, that difference is often where sandwich attackers get paid.

Related reads on DEXTools

FAQ

What is a sandwich attack in crypto?

A sandwich attack is a form of MEV where an attacker places one transaction before and another after a victim’s trade to profit from the victim’s price impact.

Why do sandwich attacks matter?

They matter because traders can receive worse execution, higher effective costs, and hidden slippage losses even when the trade still goes through.

Is a sandwich attack the same as front running?

It is related but more specific. Front running is a broader category. A sandwich attack specifically wraps around the victim’s trade with a before-and-after position.

How can traders reduce sandwich risk?

They can reduce it by managing slippage, splitting orders, avoiding thin pools, using better execution routes, and being more careful during volatile conditions.

Disclaimer: This content is for informational purposes only and does not constitute financial advice. Crypto investments carry risks, including loss of capital.

Related Guides

Frequently Asked Questions

What is a sandwich attack in crypto?

A sandwich attack is a form of MEV where someone places a buy right before your trade and a sell right after it, profiting from the price movement your trade causes. Your transaction is sandwiched between theirs, leaving you a worse execution price.

How does a sandwich attack work?

An attacker spots your pending swap in the public mempool, front-runs it to push the price up, lets your trade execute at the higher price, then sells. The difference they capture comes out of your trade as extra slippage.

How can I reduce sandwich attack risk?

Setting a tighter slippage tolerance limits how much the price can move against you, and using private transaction routing or MEV-protected endpoints hides your trade from the public mempool. Trading in deeper liquidity also makes your swap harder to exploit.

Does high slippage make sandwich attacks worse?

Yes, a high slippage tolerance gives attackers more room to move the price before your trade reverts, increasing how much they can extract. Keeping slippage as low as your trade allows reduces that opportunity.