What is a sandwich attack in crypto?

A sandwich attack is one of the most common forms of MEV (Maximal Extractable Value): a bot wraps your AMM swap between its own buy and sell, profiting from the price impact your trade creates while you receive worse execution. This guide breaks down how MEV sandwich attacks work, what they cost you, and which protections actually stop them.

The short definition

A sandwich attack is when an MEV bot:

  1. Sees your pending AMM swap in the public mempool (or ledger queue).
  2. Submits a front-run buy of the same asset just before your transaction, paying a higher fee.
  3. Lets your swap execute at the new, worse price — you receive fewer tokens than you would have.
  4. Submits a back-run sell immediately after, cashing out at the recovered price for guaranteed profit.

The bot's profit comes directly out of your wallet, paid as extra slippage. It's risk-free for the attacker as long as they can order their transactions around yours.

How MEV bots execute the attack

MEV bots monitor the mempool or AMM order flow in real time. When a profitable target appears — a large enough swap on a pool with a predictable price curve — the bot calculates the optimal front-run size and fee bid, then races to land its transactions in the right order.

On Ethereum, bots compete through Flashbots or private builders. On other chains and L2s, including the XRPL once large AMM flows arrive, bots compete by fee bidding inside each ledger.

The constant-product math

Most AMMs (Uniswap, XRPL AMM, PancakeSwap) follow the x × y = k invariant. For a pool with reserves x and y, swapping dx of asset A returns:

dy = (y · dx) / (x + dx)

The larger dx is relative to x, the more the price slips. A sandwich bot exploits this curvature: its front-run buy increases x before your trade lands, so your effective price is meaningfully worse than the quoted one. The bot then sells at the recovered curve.
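To carry the formula through a full sandwich, the following added example (not code from this guide or its calculator) applies dy = (y · dx) / (x + dx) to a front-run, the victim swap, and the back-run, and shows how the max-slippage setting covered under prevention makes the victim swap revert. The pool size, trade sizes, tolerances, the fee-less pool, and the names `Pool` and `simulate` are all assumptions made for illustration.

```python
# Added example: fee-less constant-product pool, all figures constructed.
from dataclasses import dataclass


class SlippageExceeded(Exception):
    """The swap would return less than the trader's minimum output."""


@dataclass
class Pool:
    x: float  # reserve of asset A (paid in by the trader)
    y: float  # reserve of asset B (paid out to the trader)

    def quote(self, dx: float) -> float:
        # dy = (y * dx) / (x + dx), the formula given above
        return self.y * dx / (self.x + dx)

    def swap_a_for_b(self, dx: float, min_out: float = 0.0) -> float:
        dy = self.quote(dx)
        if dy < min_out:  # slippage limit hit: revert, reserves unchanged
            raise SlippageExceeded(f"would receive {dy:.2f} < {min_out:.2f}")
        self.x, self.y = self.x + dx, self.y - dy
        return dy

    def swap_b_for_a(self, dy_in: float) -> float:
        dx_out = self.x * dy_in / (self.y + dy_in)
        self.x, self.y = self.x - dx_out, self.y + dy_in
        return dx_out


def simulate(x, y, victim_dx, front_dx, tolerance):
    """Return (quoted B, received B or None if reverted, bot profit in A)."""
    pool = Pool(x, y)
    quoted = pool.quote(victim_dx)                # what the frontend shows
    min_out = quoted * (1 - tolerance)            # max-slippage setting
    bought = pool.swap_a_for_b(front_dx)          # front-run buy
    try:
        received = pool.swap_a_for_b(victim_dx, min_out)
    except SlippageExceeded:
        received = None                           # victim's swap reverts
    profit = pool.swap_b_for_a(bought) - front_dx  # back-run sell
    return quoted, received, profit


if __name__ == "__main__":
    # Hypothetical pool of 1,000,000 A / 1,000,000 B, 10,000 A victim swap,
    # 20,000 A front-run; compare a 0.5% and a 5% slippage tolerance.
    for tol in (0.005, 0.05):
        print(tol, simulate(1_000_000, 1_000_000, 10_000, 20_000, tol))
```

With the 0.5% tolerance the victim swap reverts and the bot's round trip nets zero in this fee-less model; with any swap fee added, the same round trip would end in a loss for the bot.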

How much do sandwich attacks cost?

Research from EigenPhi, Flashbots, and academic studies puts MEV extraction on Ethereum alone in the hundreds of millions of dollars per year. For an individual trader, losses depend on trade size relative to pool depth: a $10K swap on a shallow pool can lose 1–3% to a sandwich, while the same trade on a deep pool may lose only basis points. Our interactive calculator shows the exact figures for any trade size and pool depth.

How to prevent sandwich attacks

1. Set tight slippage tolerance

Most AMM frontends let you set a max slippage (e.g. 0.5%). If the bot's front-run pushes the price beyond that, your swap reverts and the attack fails. The trade-off: legitimate volatile markets may also revert your trade.

2. Use a private mempool

Services like Flashbots Protect, MEV Blocker, or CoW Swap route your transaction through a private channel so bots never see it in the public mempool. No visibility means no sandwich.

3. Protocol-level slot reservation (XRPL TxnReserve)

David Schwartz has proposed TxnReserve for the XRPL: you pay at least 2× the normal fee to reserve a specific slot in a future ledger. Reserved transactions execute first, ahead of any fee-bidding bot — the attacker simply cannot insert a transaction before yours, so the sandwich strategy stops being profitable.

Trade-offs at a glance

Defense              Cost               Drawback
Tight slippage       Free               Trades revert in volatile markets
Private mempool      Free / small fee   Slightly slower inclusion
TxnReserve (XRPL)    ~2× base fee       Not yet live — proposal stage

Frequently asked questions

What is MEV?

MEV (Maximal Extractable Value) is the profit a block producer or searcher can capture by reordering, inserting, or censoring transactions inside a block. Sandwich attacks are one of the most common forms.

Are sandwich attacks illegal?

No. They exploit how public blockchains order transactions and are unrestricted at the protocol level. Mitigations are technical, not legal.

Does the XRPL AMM have sandwich attacks today?

The XRPL is fast and currently low-volume, so MEV is limited. As AMM volume grows, the same fee-bidding dynamics that drive sandwich attacks elsewhere will apply — which is why proposals like TxnReserve matter now, not later.

See a sandwich attack in action

Open the interactive simulator, set a pool size and trade size, and toggle TxnReserve protection on and off to watch the slippage gauge and ledger queue react in real time.
