A sandwich attack is a front-running attack on a decentralized exchange (DEX) in which the attacker influences the price at which a pending swap executes. The attacker gets a transaction processed ahead of the victim's, buys the coin at the current bargain price, and then sells it to the victim at a more expensive price. The victim's transaction sits between the attacker's two transactions, like the filling of a sandwich. Sandwich attacks are common in the world of DeFi.
Front running attack & mempool
The sandwich attack is a form of front-running attack. A transaction is not added to the blockchain immediately; transactions are first collected into blocks. A block is therefore a collection of all transactions that are ready to be executed.
The nodes in the network are then notified of these transactions. When nodes receive a copy of this transaction, they add it to the pool of unused transactions, called the mempool.
When a new block is created on the blockchain, the creator of this block processes all these unused transactions. The order is determined by the amount of the transaction costs. The higher the gas fee, the faster your transaction will be completed.
A front-running attack happens in these few minutes. Front runners benefit from the fact that transactions are ordered by transaction cost: an attacker can ensure that their transaction is processed before any other transaction by paying a higher transaction cost. By definition, front running is the privilege of acting on information before others can.
With this extra information, a front runner knows which transactions are in the mempool and have not yet been added to a block. This allows the front runner to place a trade in a block ahead of someone else's. How? By looking at the transaction cost of the pending transaction and surpassing it with a higher one. Miners process transactions with a higher fee first.
At first it seems to make sense that the person paying the highest transaction cost is given priority. But front runners can exploit this to harm other users. Front runners can also apply this strategy to the Ethereum Name Service. Imagine that you want to register a domain name with Ethereum so that your network is easy to find under a nice name.
A front runner can see this information earlier and act on it. The front runner can then sell you this domain name at a higher price. Ethereum Name Service has protected itself against this problem; it is mentioned here only as an example.
In DeFi, slippage occurs when the trader receives a different price than was initially expected: the price at which the order was executed does not correspond to the price that was requested. In addition to a lack of liquidity, a volatile market can also cause slippage, for example when you have a trade ready and the value of the assets suddenly dips.
So how can a front runner influence this? By reading the details of a trade that is not yet included in a block, and then moving the price so that you can only execute your trade at a higher price. A front runner can earn thousands of dollars by performing the same attack over and over.
The higher you set your slippage on a DEX, the more likely it is that a front runner will use it to influence the price. The bigger your slippage, the more willing you are to actually receive fewer tokens. These front runners, mostly bots, notice this and will do everything they can to ensure that you get your tokens at the worst-case price you entered. For example, do you opt for 20% slippage? Then you will also get 20%, not 15%. Why? If that room is there, the front runner will run away with the better deal.
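The effect of the slippage setting can be checked with a small pool model. This is an added example, not code from the original article or from any DEX; it assumes a constant-product pool (x*y=k) with a 0.3% swap fee, and the reserves, trade sizes and function names are constructed for illustration.

```python
FEE = 0.003  # assumption: 0.3% swap fee, as in many constant-product pools


def swap_out(amount_in, reserve_in, reserve_out, fee=FEE):
    """Tokens received for amount_in from a constant-product (x*y=k) pool."""
    effective_in = amount_in * (1 - fee)
    return effective_in * reserve_out / (reserve_in + effective_in)


def execute_with_tolerance(amount_in, slippage, reserves, prior_buy=0.0):
    """Quote a swap, then execute it after an earlier buy moved the price.

    Returns (received, quoted); received is None when the output falls
    below the slippage floor, which is the case where the DEX reverts.
    """
    reserve_in, reserve_out = reserves
    quoted = swap_out(amount_in, reserve_in, reserve_out)
    floor = quoted * (1 - slippage)  # minimum output the trader accepts

    # Pool state after a transaction that was ordered ahead of this one.
    taken = swap_out(prior_buy, reserve_in, reserve_out) if prior_buy else 0.0
    moved_in, moved_out = reserve_in + prior_buy, reserve_out - taken

    received = swap_out(amount_in, moved_in, moved_out)
    return (received if received >= floor else None), quoted


def shortfall(received, quoted):
    """Fraction of the quoted output that the trader did not receive."""
    return 1 - received / quoted


if __name__ == "__main__":
    pool = (1_000.0, 2_000_000.0)  # constructed reserves: 1,000 ETH / 2,000,000 TOKEN
    for tolerance in (0.20, 0.01):
        received, quoted = execute_with_tolerance(10.0, tolerance, pool, prior_buy=50.0)
        if received is None:
            print(f"tolerance {tolerance:.0%}: reverted, nothing lost but gas")
        else:
            print(f"tolerance {tolerance:.0%}: executed, "
                  f"{shortfall(received, quoted):.1%} fewer tokens than quoted")
```

With the 20% setting the trade still executes about 9% short of the quote, while the 1% setting makes the same trade revert instead of filling at the worse price.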
How to avoid Sandwich Attacks
Front running and sandwich attacks affect the entire network. They make trading in DeFi unattractive to some, even though the possibilities in DeFi are endless. After all, who wants to pay more than the current price? There are therefore a number of ways to minimize these attacks:
Gas price limit
These attacks can only happen because transactions with a higher gas fee take precedence over others. Setting a limit on the gas price reduces this preferential treatment, so the impact becomes less significant. You can never completely eliminate the problem, because there will always be differences in gas fees. But when the difference is less significant, front running also becomes less likely.
Avoid low liquidity pools
A lack of liquidity makes this problem worse. The smaller the pool, the smaller the chance that an investor will get a good price, because a small pool is more prone to slippage. The higher the slippage, the more profit can be made from a sandwich attack.
Smaller trades
A sandwich attack is only interesting with larger trades. The bigger the trade, the bigger the profit margin. One way to avoid sandwich attacks is to split your trade into several smaller trades. These small transactions are not interesting enough for front runners. It is true that you always pay a transaction cost on these smaller transactions instead of one fee on the entire trade. This is a choice you make yourself.