define sandwiched

Sandwich Attack is a common form of transaction manipulation in DeFi. In this tactic, a bot places two transactions—one before and one after your swap—artificially pushing the price up or down so that your trade executes at a less favorable price, allowing the bot to profit from slippage. Sandwich attacks frequently occur on Ethereum and Layer 2 AMMs (such as Uniswap), especially during periods of high volatility for popular tokens. This technique is a type of Maximal Extractable Value (MEV). You can reduce the risk of sandwich attacks by using limit orders, private transactions, or protected RPC endpoints.
Abstract
1. Meaning: A smart contract attack where a victim's transaction is sandwiched between two attacker transactions, causing price manipulation and excessive slippage.
2. Origin & Context: Emerged around 2020 as blockchain transactions became transparent in the mempool and MEV (Miner Extractable Value) became a known concept. Attackers exploit the visibility of pending transactions to front-run and back-run victim trades.
3. Impact: DeFi users suffer unexpected losses during swaps as attackers extract value by manipulating prices. This undermines fairness in decentralized trading and forces users to adopt privacy solutions or pay higher fees to mitigate risk.
4. Common Misunderstanding: Confusing it with normal slippage. Slippage is market volatility, but sandwich attacks are intentional manipulation. Many beginners think slippage tolerance settings fully protect them, but attackers can artificially create slippage exceeding the tolerance.
5. Practical Tip: Use privacy transaction pools like Flashbots Protect, set strict slippage tolerance (0.1%-0.5%), trade pairs with high liquidity, transact during low-congestion periods, or use batch auction DEXs. Monitor price changes before and after your trade.
6. Risk Reminder: Privacy pools require fees; overly tight slippage limits may cause transaction failures; sandwich attacks are more frequent on certain chains (e.g., Ethereum mainnet). DEX protection capabilities vary significantly—choose platforms carefully and stay informed.

What Is a Sandwich Attack?

A Sandwich Attack is a strategy in which bots exploit your trade by placing their own transactions both before and after yours to profit from slippage.

This attack falls under the broader category of Maximal Extractable Value (MEV), where validators or searchers gain extra profit by reordering transactions within a block. Sandwich attacks are most commonly seen in Automated Market Maker (AMM) pools such as Uniswap, where token prices are determined by an algorithm and update in real-time with every trade.

When a bot detects your pending transaction, it submits a "front-running" trade first to move the price against you, causing your swap to execute at a worse rate. After your trade goes through, the bot immediately executes a "back-running" trade to return the price to its original level, thereby locking in profit. The attacker’s main profit source comes from your slippage tolerance—the range of price deviation you’re willing to accept.

Why Should You Understand Sandwich Attacks?

Sandwich attacks can significantly increase your trading costs and lead to worse outcomes than expected.

For regular users, the most visible effect is that a seemingly normal swap executes at a much less favorable price than quoted, and your transaction is flanked by two large trades in the transaction history. The smaller your trade or the wider your slippage tolerance, the more likely you are to be targeted.

For market makers and project teams, sandwich attacks can cause sharp price swings during token launches or marketing events, diluting real buy orders and impacting both pricing and user experience.

Understanding sandwich attacks helps you choose optimal trading methods and timing, reducing losses. It also enables teams to design more MEV-resistant routing and parameters.

How Does a Sandwich Attack Work?

A sandwich attack profits through a "buy-then-sell" or "sell-then-buy" sequence around your transaction.

Step 1: A searcher spots your pending swap in the mempool. Suppose you’re swapping 1,000 USDC for token X with a 1% slippage setting.

Step 2: The searcher submits a "front-run" trade, such as buying token X first to push the pool price higher. Since AMMs price tokens according to formulas, your expected execution price gets worse after this front-run.

Step 3: Your trade executes at this less favorable price. As long as your 1% slippage tolerance isn’t breached, the system processes your order, meaning you receive fewer X tokens at a higher price.

Step 4: The searcher immediately submits a "back-run" trade to sell the previously bought token X back into the pool, restoring the price close to its original state. The profit comes from the difference created by your slippage window, while the main risks are sudden market moves and failed transactions (gas costs).

Sandwich attacks are more likely—and profitable—when you set high slippage, use public RPC endpoints, or trade volatile tokens during peak activity. In contrast, using limit orders, private transactions, or protected routing makes it harder for searchers to detect and reorder your trade.
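The user's side of steps 1 to 3, as an added example that is not part of the original article: a constant-product pool is replayed to show how the slippage tolerance bounds the loss on the 1,000 USDC swap, and when the swap reverts instead of filling. The pool reserves, the 0.3% fee and the earlier-buy sizes are assumptions chosen for illustration.

```python
from dataclasses import dataclass

FEE = 0.003  # assumption: 0.3% swap fee on a constant-product (x*y=k) pool


@dataclass
class Pool:
    usdc: float     # USDC reserve
    token_x: float  # token X reserve

    def quote(self, usdc_in: float) -> float:
        """Token X paid out for usdc_in at the current reserves, after the fee."""
        effective = usdc_in * (1 - FEE)
        return self.token_x * effective / (self.usdc + effective)

    def buy(self, usdc_in: float) -> float:
        """Execute a USDC -> X swap and update the reserves."""
        out = self.quote(usdc_in)
        self.usdc += usdc_in
        self.token_x -= out
        return out


def victim_outcome(front_run_usdc: float, slippage: float,
                   swap_usdc: float = 1_000.0,
                   reserves: tuple = (1_000_000.0, 500_000.0)) -> dict:
    """Replay steps 1-3 and report what happens to the user's swap.

    reserves are constructed sample values, not data from a real pool.
    """
    pool = Pool(*reserves)
    quoted = pool.quote(swap_usdc)        # step 1: output shown when signing
    min_out = quoted * (1 - slippage)     # minimum output enforced on-chain
    if front_run_usdc > 0:
        pool.buy(front_run_usdc)          # step 2: earlier buy moves the price
    if pool.quote(swap_usdc) < min_out:   # step 3: tolerance breached, revert
        return {"filled": False, "received": 0.0, "loss_pct": 0.0}
    received = pool.buy(swap_usdc)        # step 3: fills at the worse price
    loss_pct = 100 * (quoted - received) / quoted
    return {"filled": True, "received": received, "loss_pct": loss_pct}


if __name__ == "__main__":
    # (size of the earlier buy in USDC, slippage tolerance)
    for front, tol in [(0, 0.01), (2_000, 0.01), (2_000, 0.001), (6_000, 0.01)]:
        print(front, tol, victim_outcome(front, tol))
```

A filled swap never loses more than the tolerance relative to the quote; a tighter tolerance turns the same price move into a reverted transaction, which still costs gas.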

How Do Sandwich Attacks Manifest in Crypto?

Sandwich attacks are common on Ethereum mainnet and L2 AMM pools, especially during high-volatility, event-driven periods.

In popular AMM pools like Uniswap, telltale signs include two large back-to-back trades surrounding your swap when tokens are newly listed, promoted by influencers, or in response to major on-chain news or airdrop speculation. Blockchain explorers often show your swap "sandwiched" between two large trades.

When using Gate’s Web3 wallet for aggregated swaps via public RPCs with high slippage on volatile tokens, you also face sandwich risk. By contrast, on Gate’s centralized exchange (CEX) spot order book, trades are matched by time and price priority and don’t appear in public mempools—making sandwich attacks nearly impossible—though other forms of trading costs and slippage (such as market impact) still apply.

On L2s (like Arbitrum, Optimism) and other EVM chains (such as BSC, Polygon), lower gas fees let searchers attempt more sandwich attacks at scale, but per-trade profits are smaller and rely on high-frequency strategies.

How Can You Reduce the Risk of Sandwich Attacks?

Mitigating sandwich attacks involves managing visibility, slippage tolerance, and timing.

Step 1: Lower your slippage. Set slippage for swaps only as wide as needed for execution—prefer tighter limits or limit orders during busy periods.

Step 2: Use protected RPC endpoints or private transactions. These send your trades through MEV-resistant relays or private pools, reducing mempool exposure. Many wallets and routers offer such options.

Step 3: Choose limit or fragmented execution. Limit orders or TWAP (time-weighted average price) splits reduce one-off market impact and minimize sandwich windows.

Step 4: Avoid hot periods. The first few minutes after token launches or major announcements see intense sandwich activity. Opt for deeper liquidity pools and more stable periods for trading.

Step 5: Simulate before trading. Use simulation tools or router “expected execution price” features to compare routes and spot abnormal price impact or slippage projections.

When using Gate’s Web3 aggregator, enable MEV protection if available, and use limit or split orders on volatile tokens. On Gate’s CEX, use limit orders or iceberg orders to control execution price and exposure.

Sandwich attack activity and defense mechanisms have evolved in tandem over the past year.

According to public dashboards and research teams’ data from 2025, MEV-derived revenue remains high—with sandwich attacks as a key contributor. While data varies by dashboard source, typical daily MEV revenue ranges from millions to several million USD; during major events, both the number and share of sandwich-tagged transactions spike (based on multiple public dashboards from Q3-Q4 2025).

Throughout 2025, as L2 trading volume increased and transaction fees dropped, sandwich attacks accounted for a higher share of L2 MEV activity—but per-trade profits decreased, relying more on frequency and optimized routing. More routers and wallets have launched protected RPCs, private transactions, and intents-based matching over the past six months. Some DEXs have reported declines in sandwich attack rates in major pools (referencing various protocol updates and dashboards from H2 2025).

For regular users, one clear change in late 2025 is that protected routing has become more common by default; recommended slippage settings are more conservative; and "price impact" warnings for trending tokens are clearer. In 2026, these protections are expected to become default settings across more wallets and aggregators.

What Is the Difference Between Sandwich Attacks and Frontrunning?

A sandwich attack consists of both "frontrunning" and "back-running," while frontrunning only covers the first part.

Frontrunning refers to placing a trade just before yours to move the price against you; a sandwich attack "sandwiches" your order with both a preceding and a following trade that restores the original price, thus securing profit. Both rely on transaction ordering and mempool visibility, but sandwich attacks are more sensitive to slippage settings and pool depth due to their complete structure.

To distinguish them: If you see only one large trade in the same direction immediately before yours, it’s likely frontrunning; if you see both a large pre-trade and an opposite post-trade bracketing yours, it’s likely a sandwich attack. Understanding this difference helps you choose more targeted defensive strategies.
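The rule of thumb above written as a check over one pool's swaps in a block, as an added example that is not part of the original article. The `Swap` fields, the size threshold for "large" and the requirement that the trade after yours comes from the same sender as the trade before it are assumptions; the sample blocks are constructed.

```python
from typing import NamedTuple, Optional


class Swap(NamedTuple):
    index: int    # position inside the block
    sender: str
    side: str     # "buy" or "sell" of token X
    usdc: float   # trade size in USDC terms


LARGE_FACTOR = 1.0  # assumption: "large" = at least the size of your own swap


def classify(block: list, me: str) -> str:
    """Label the trades surrounding `me`'s swap in one pool's ordered swaps."""
    swaps = sorted(block, key=lambda s: s.index)
    pos = next((i for i, s in enumerate(swaps) if s.sender == me), None)
    if pos is None:
        return "swap not found"
    mine = swaps[pos]
    before: Optional[Swap] = swaps[pos - 1] if pos > 0 else None
    after: Optional[Swap] = swaps[pos + 1] if pos + 1 < len(swaps) else None

    # Large trade in the same direction immediately before yours.
    pre = (before is not None and before.side == mine.side
           and before.usdc >= LARGE_FACTOR * mine.usdc)
    if not pre:
        return "no bracketing pattern"
    # Opposite trade immediately after yours; matching the sender of the
    # pre-trade is an added assumption to cut down on coincidental matches.
    post = (after is not None and after.side != mine.side
            and after.sender == before.sender)
    return "likely sandwich" if post else "likely frontrunning"


# Constructed sample blocks; sender labels are placeholders, not real addresses.
SANDWICHED = [Swap(11, "bot-A", "buy", 5_000.0),
              Swap(12, "user", "buy", 1_000.0),
              Swap(13, "bot-A", "sell", 5_010.0)]
FRONTRUN = [Swap(4, "bot-B", "buy", 3_000.0),
            Swap(5, "user", "buy", 1_000.0),
            Swap(6, "trader-C", "buy", 200.0)]
QUIET = [Swap(1, "trader-D", "sell", 50.0),
         Swap(2, "user", "buy", 1_000.0)]
```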

Key Terms

  • MEV (Maximal Extractable Value): Extra profit earned by miners or validators through transaction ordering—closely linked to sandwich attacks.
  • Sandwich Attack: An attacker inserts their own trades before and after a target transaction to profit from induced price movement.
  • Mempool: The temporary storage area for pending blockchain transactions—a primary hunting ground for sandwich attackers.
  • Transaction Ordering: The process of determining transaction sequence within a block; directly impacts execution price and sandwich vulnerability.
  • Slippage Protection: User-defined price tolerance mechanisms that help prevent excessive losses from events like sandwich attacks.
  • Private Pool: Trading channels that conceal transaction details from public view—lowering the risk of being targeted by sandwich attacks.

FAQ

What losses can sandwich attacks cause in my trades?

Sandwich attacks result in your trade executing at a worse price than intended—leading to extra slippage loss. Attackers manipulate prices by inserting their own transactions before and after yours so you buy at an inflated price or sell at a depressed one. These losses typically show up as devalued tokens or reduced profits, with especially significant impact on larger trades.

How can I tell if my transaction was targeted by a sandwich attack?

Watch for abrupt price swings just after submitting your trade. Key signs include: sharp immediate volatility upon submission; execution prices much worse than expected; unexplained wallet addresses rapidly trading right before and after yours in block explorers. Using limit orders instead of market orders on platforms like Gate can also help flag unusual activity.

Are small trades vulnerable to sandwich attacks?

Small trades are less likely targets because attacker costs (gas fees) may outweigh potential gains. However, in low-liquidity pairs or unusual market conditions, even small transactions can be at risk. It’s advisable to stick with high-liquidity pairs on mainstream platforms like Gate and to trade during busier periods for lower risk.

Does using private transaction pools completely prevent sandwich attacks?

Private transaction pools (such as Flashbots) greatly reduce sandwich risk since your order is hidden from public mempools. However, they aren’t foolproof—the operators themselves may present risks, and some cross-chain or DeFi interactions can still expose your intentions. Combining platform-level risk controls (like those on Gate) with private pool usage offers optimal protection.

Why are sandwich attacks more severe on DEXs than centralized exchanges?

DEX trading is highly transparent—all transactions are visible in public mempools, making it easy for attackers to monitor and jump ahead. On centralized exchanges like Gate, order books are private with rapid matching engines—attackers cannot easily target specific trades. Moreover, DEX blocks take longer to finalize, giving attackers more time to act. For large trades especially, centralized exchanges tend to offer greater security.
