By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

MEV/Sandwich Attack on AMMs

AMM represents a comfortable and fast approach to exchanging tokens between different participants of the market. The regulation of token prices in the pool of AMM works by using this formula:

regulation of token prices in an AMM pool

where k represents a constant balance coefficient, which is changed only in a process of mints and burns. A change in the supply of one token can cause a change in the prices of both tokens for this pool, where reserves are affected.

A great representation of how the price changes is shown on the diagram below:

Scheme Demonstrating Shift of Token Reserves With Change of the Token Prices

Picture 1: Scheme Demonstrating Shift of Token Reserves With Change of the Token Prices

During an analysis of the Uniswap pools, it was discovered that distributions of local prices converge with the price distributions on the external markets. This means that traders perform their actions and move prices, thus reflecting external market values. Those periods are the most active periods when traders either try to minimize their losses or maximize their profits. For example, traders willing to exchange USDC to WBTC will wait for the smallest WBTC price to buy a maximum amount of WBTC tokens.

Price changes that are desirable by the trader can be caused by multiple factors depending on the token type, recognition, support by the community, and so on. The complexity of those changes lowers the chances of correct price change predictions, such as the predicted significant increase of NFT-related tokens prices after Meta/Facebook’s decision to invest in the metaverse.

But what if a trader can manipulate the market in such a manner that will shift the price in his desired direction and therefore extract profits?

Base Description of an MEV Attack

Imagine that we have transactions performed by three persons: Bob, Alice, and John. Their transactions are performed on the WBTC/USDC pool and their prices are matching 1:1.

Bob is the first person in the transaction sequence. He performs an exchange of USDC tokens to WBTC tokens. As a result of this transaction, the price has shifted. Now, 1 WBTC token is equal to 1.3 USDC, or that 1 USDC token is equal to 0.769 WBTC.

After Bob’s transaction comes Alice, who exchanged a big amount of WBTC tokens for USDC tokens. As a result of her transaction, the prices changed again. Now, 1 WBTC costs 0.9 USDC and 1 USDC is equal to 1.111 WBTC. Considering that her transaction was performed with a lower price of the WBTC token, she incurred big losses.

After Alice, John exchanged WBTC tokens for USDC tokens. If John’s transaction was executed before Alice and Bob, he would have been exchanged WBTC with a price of 1 USDC. However, at this point, his transaction will be now be performed with the WBTC price equal to 1.111 USDC. This means that John extracted profit out of this transaction sequence, while Alice lost part of her capital.

But what if Bob and John are one and the same person? In this case, John performed manipulation of the token price in such a way to cause Alice’s losses and backward price shift and then to exchange tokens with a profitable price. This is a case of token price manipulation and below is a visualization of this attack.

MEV Attack Scheme Visualization

Picture 2: MEV Attack Scheme Visualization

It is impossible to perform such market manipulation without prior knowledge of Alice’s transaction (will be referred to as the victim) details. The attackers must first know information about the transactions of the victim and have financial resources for performing efficient attacks to extract bigger profits.

The properties of blockchain and AMM market do not allow knowledge of this information before the transaction is executed for a simple trader, thus the attacker must somehow have gotten close enough to obtain confidential information before it became public (since all transactions after their execution can be seen). This means the attacker has an advantage over other traders from an informational perspective, but there is also another important moment.

The attacker must place two transactions – right before and right after the victim’s transaction. As the order of transactions depends on how the miner will pick the sequence of transactions, there are two main factors in how the attacker was able to place those transactions:

  1. The attacker has access to the information about big swaps to perform an efficient market manipulation attack;
  2. The attacker is sure that the victim’s transaction will be placed between his two transactions to form a “sandwich”.

Considering these factors, it is possible to perform an attack only in case of interaction with a miner, or if the attacker is a miner himself/herself. Therefore, such an attack is called an MEV (Miner Extractable Value) attack.

How an MEV Attack Is Performed

An attacker either looks out for pending transactions if he is a miner to find one that will be profitable for performing an MEV attack, or he looks out for information coming from a miner that pings either all incoming transactions or the profitable ones. A profitable transaction is considered one that has a heavy impact on the token prices and attackers may extract higher profits out of those price changes.

A profitable attack is one that causes high price changes, and in most cases, it means transactions with high values relative to the available pool reserves. An attacker will collect financial resources to perform transactions that will cause a heavy impact on the price and performs the attack in such a manner to extract the desired token by performing an exchange with the tokens present in the pool.

With this scheme, here is the sequence of an MEV attack:

Most of the attacks are also performed with the following properties:

Example of Internal Transactions Performed by MEV Bot With Extracted Profits

Picture 3: Example of Internal Transactions Performed by MEV Bot With Extracted Profits

MEV Attack Risks and How to Deal With Them

MEV attacks have risks that should be handled in order to perform efficient MEV attacks. First of all, slippage may be a strong limiter of profits. Slippage works by a simple principle: if a trader places a slippage equal to 5%, then if the token price will change in any direction higher than 5%, the transaction will be prevented or otherwise not executed. Such a simple principle can prevent MEV attacks or minimize losses.

An attacker can still extract profits out of the victim’s transaction, but in this case, he will be required to perform market manipulation in such a way that the slippage factor will not be exceeded. It means that if a trader sets a slippage equal to 5%, then the attacker should perform a trade that will change the token price by 4.9% or smaller. This strongly limits the amount of extractable profit by performing the attack.

Picture 4: Example of How Slippage Regulation Works With the Red Point Representing Blocked Transaction (it should have been performed with the price exceeding the difference threshold)

Another problem in performing MEV attacks is the gas fee. Gas fee depends on the current gas price, which is also dependent on the current load on the miners executing transactions and the amount of used gas. MEV attackers can try to perform their activity in periods with higher activity of traders because there are more transactions that can be targeted to extract profits. Therefore, MEV attackers will more likely perform their attacks during higher gas prices.

Picture 5: Classic Pools and Meme Token Pools Netto of MEV Attacks Profits Values Across Time for Reviewed Cases of Uniswap Pools

MEV attackers will perform the activity in such a way that price change will not exceed the slippage factor value, and that it will cover losses by gas fees. Considering the high recognition and liquidity of popular tokens like WETH and WBTC, traders are more likely to set slippage limitations. This is also possible in the case of STO tokens, considering that their price distributions look similar to the share-like ones.

However, meme tokens and NFT-related tokens are unique cases, and they are the most attractive pools for attackers. Why?

Meme tokens and NFT-related ones prices are totally speculative and depend on their demand based on recognition/popularity on the market. Any social media mention, any news related to their recognition, any change can cause a heavy price impact. Because of such price behaviour, it is almost impossible to predict further price changes. This causes traders to perform fast and massive trades of their tokens with any price change because of the will to either maximize their profits or minimize their losses.

Picture 6: Classic Tokens and Meme Token Pools Gas Costs Values Across Time for Reviewed Cases of Uniswap Pools

Due to this exchange strategy and since the transaction is pending, the price can heavily change. Thus, it is unlikely that the trader will set a slippage parameter, therefore removing limits for the attacker to perform an attack. Considering that fast trades are also performed as fast as possible with higher values, the attackers have more chances to catch profitable attacks.

With these advantages of meme and NFT-related token pools for attackers comes one big disadvantage. As it was mentioned, attackers perform their activity during the increased trader activity, meaning that the gas prices will greatly increase. The amount of performed transactions in meme and NFT-related pools becomes much higher. Therefore, the profitability of performed attacks greatly decreases. In this case, the attacker should be sure that extracted profits will cover losses out of gas fees.

MEV Attack Results

This section will demonstrate the overall MEV attack situation for each type of pool. For each type, we will demonstrate one pool that suffered the most out of the reviewed pool types. This will show the difference between MEV attack strategies depending on the pool type and will provide a closer look at the size of the problem.

Classic Pools General Situation

Statistics of MEV attacks on classic pools are:

Picture 7: Brutto and Netto Profit Values Over Time for Reviewed Classic Pools on Uniswap

The overall situation of the MEV attacks performed on classic pools (WBTC/USDC, WETH/USDC, WBTC/DAI, FEI/WETH, HKMT/USDT, IXS/WETH) demonstrates the low frequency of the attacks, low influence of MEV attacks on the history of those pools, some unique cases of MEV attacks with high profits, and greatly increasing spendings on paying gas fees.

Attacks that started from the beginning of 2021 reached their peak around the summer and dropped around the end of 2021, which may be connected to raised gas fees and the decrease in attack profitability.

Considering the big size of token transaction history, capitalization of the activity in reviewed pools and popularity of the tokens should lead to the biggest MEV attacks and therefore biggest extracted MEV attacks. But MEV attacks are not so frequent and efficient due to the more stable trades in those pools, more stable price distribution, and use of slippage parameters.


WETH/USDC pool has the following properties:

MEV attacks performed on this pool contained half of the netto profits extracted from classic pools. Gas spendings are minimal, the frequency of MEV attacks is low, and the capitalization of MEV attacks is too small relative to the capitalization of the entire pool activity.

The efficiency of MEV attacks is high but compared to the results of MEV attacks performed by NFT-related pools and meme tokens pools (will be demonstrated further). they are not impressive.

There is a dependency between attacks and activity in the pool – the attackers start the attacks if there is a rise in trading activity. After the rise of the gas fees, the profitability of the attacks has become much smaller.

Picture 8: Brutto/Netto Profits and Trading Capitalization Values Over Time for WETH/USDC Pool

The activity of both traders and attackers has started from the rise of Ether token price during Spring 2021 and the highest profits are extracted during the biggest values in Ether price (May 2021). The attackers performed their activity during the big changes in token prices when traders are performing big trades and slippage would be removed because of traders’ will to extract maximal possible profits. Classic tokens are changing less often and not so much compared to other token types. Therefore, it is harder to perform efficient MEV attacks.

NFT-Related Pools General Situation

Statistics of all collected MEV attacks on NFT-related pools:

The brutto profits are twice higher than classic pools while the capitalization of performed activity is around 20 times smaller, which means a higher performance of MEV attacks. The impact and frequency of MEV attacks on the pools are much higher, and gas spendings compared to the case of classic tokens are extremely high.

Picture 9: Brutto/Netto Profit Value Over Time in The NFT-Related Pools

As it was mentioned before, the price of the NFT-related tokens is speculative and depends on either the product to which it is linked or on the platform where they can be used. The speculative nature of the NFT-related tokens price causes traders to sell tokens in case of bigger prices and buy in case of smaller token prices. Considering that there are no guarantees about further positive price change and no efficient prediction strategy, trades are extremely big and performed with any price change, opening opportunities for attackers to extract high profits. Slippage in those cases will be disabled because traders know about fast price changes and that they are big, meaning that slippage may prevent transaction execution and traders won’t be able to sell tokens at profitable prices (or buy them).


Current pool statistics:

Almost half of the profits are lost due to the gas costs. Considering the anomalous increases in trades around NFT-related token price changes, the gas fees are rising because of the higher load on the miners executing transactions. The increased gas fees in the summer of 2021 led to the extreme profit losses that can be seen in the difference between the netto and brutto profit values in the second half of 2021.

Picture 10: Brutto/Netto Profit and Capitalization Values Over Time for SAND/WETH Pool

The activity of the traders greatly increased around the end of 2021 due to raised public interest in the metaverse, as well as Facebook’s integration into the metaverse community. SAND is a token used in the Sandbox platform for the exchange of voxel models and the construction of a local metaverse based on voxel style. A possible further decrease of popularity (and therefore, decrease in token price) will lead to new options for MEV attackers to extract profits and attack traders willing to save their capital by selling less precious tokens.

STO Pools General Situation

Statistics of all collected MEV attacks on STO pools:

The extracted profits are extremely small, even considering smaller capitalization of activity compared to the classic tokens pools. The gas spending caused 28.59% losses of extracted profits, meaning that the profitability of the attacks on those pools is much smaller compared to the classic tokens pools. The strange moment here is that with smaller profits extracted from pools plus higher gas fees, the frequency of MEV attacks is higher compared to the case of classic tokens pools.

Such a strange behaviour of the attacks is linked to the principle behind STO tokens. Their prices are either supported on a specific acceptable level or are linked to some goods/services, meaning that their price is not totally speculative and therefore price changes will be more stable compared to cases of tokens with totally speculative prices. Because of this principle, chances of having a situation when a big exchange of tokens in a short time is required due to great price change are extremely unlikely. The STO token prices are more predictable and estimation of slippage parameters will not be an activity breaker (as in the case of NFT-related tokens or meme tokens), decreasing the possible efficiency of performing MEV attacks on such pools.

Picture 11: Brutto/Netto Profit Value Over Time in the STO Token Pools

The coefficient of MEV attack capitalization to total activity capitalization for STO token pools demonstrate a smaller impact compared to NFT-related tokens pools and a little higher compared to the classic tokens pools (here should be considered much smaller activity capitalization). After the summer of 2021, the profitability of the attacks has strongly decreased as in the previous cases, demonstrating how impactful the change of fee strategy was for the attackers. Based on those results, it can be considered that STO tokens have lower risks of high attention from MEV attackers and the efficiency of those attacks is much smaller compared to other pool types.

mAMZN/UST Pool Case

Current pool statistics:

From all reviewed STO pools, the MEV attack results of this one are the best. Compared to the previously reviewed cases, it can be seen how small are the extracted profits and that even in this case of such small profits, the attackers have lost 21.32% of their profits to pay for gas fees. The frequency of MEV attacks is similar to the case of NFT-related tokens, but profits are much smaller and MEV attack capitalization impact is smaller.

Picture 12: Brutto/Netto Profits and Capitalization Value Over Time for mAMZN/UST pool

The attacks happened during higher trader activity periods and during the summer of 2021, the profitability of those attacks have decreased, demonstrating the impact of gas fee incrase on the profitability of the attacks. Therefore, the efficiency of the attacks on STO pools is questionable.

Meme Pools General Situation

Meme pools represent the most interesting case of MEV attacks strategy. Statistics of all collected MEV attacks are next:

Profits are extremely high compared to all previous pool types and are even extremely higher compared to all previous pool types collected together. Attackers lost 16.8% of their profits on paying gas fees. The capitalization impact of the MEV attacks on the pool is the biggest, while the frequency of the MEV attacks is similar to the case of NFT-related pools, demonstrating how big are the attacks performed on meme tokens pools.

While meme tokens pool activity capitalization is almost four (4) times smaller than classic token pools, one profit is much higher. This was explained previously by the speculative nature of the price of those tokens and that any price change on the market leads to an extreme rise in traders’ activity willing to minimize their losses or maximize their profits. Those situations are used by the attackers. The nature of those trades leads to big price changes, meaning that possible profits are higher. Even with higher gas spendings attacks on those pools are more efficient than on any other pool type.

Picture 13: Brutto/Netto Profit Value Over Time for All Reviewed Meme Token Pools


Current pool statistics:

Netto profits extracted from this pool are the biggest one out of all reviewed pools. The frequency of the attacks is relatively high relative to the number of transactions performed. The capitalization of MEV transactions relative to total trading capitalization is also high and demonstrates the impact of the attacks on trading process inside this pool. Attackers lost only 11.23% of their profits because of gas spendings, demonstrating that even higher gas fees are not able to cause decrease of interest in performing attacks on this pool.

Picture 14: Brutto/Netto Profit and Capitalization Values Over Time for SHIB/WETH Pool

There is a correlation between capitalization of performed activity and extracted profits, demonstrating that in this case, the profitability of attacks directly depends on the amount of performed trading activity. Closer to the end of 2021. the increased gas fees caused a decrease in the profitability of performed attacks, but attacks are still efficient enough to perform MEV attacks.

The distribution of both MEV attacks profits and trading activity capitalization totally matched the distribution of the SHIB token price. The changes in the price are big and therefore, traders try to perform swaps while price changes are able to give them profits and attackers are using this aspect.

Picture 15: SHIB Token Price Distribution From March 2021 Until March 2022 Conform


MEV attack is one way of market manipulation that uses the advantages available to the attackers to direct and shift token prices using a big swap. As a result, this will cause the victim’s transaction to be performed at such a price that the victim has losses. This will shift the token price into another direction and form a profitable price for the attacker, who performs backward transactions and extracts profits by it. It is possible to stabilize price behaviour and there are tools available for the traders to save their capital, but characteristics of some token type pools reduce the applicability of those tools and strategies because of trading strategy.

Classic tokens and STO tokens pools are more stable. Trading using these tokens is more predictable, the price has smaller deviations, and the overall price tendency is more positive. The price changes stimulate trades but do not cause anomalous changes in trading. Both classic tokens and STO tokens trading activities are more stable with small/medium rises in trading during price change periods.

NFT-related and meme tokens pools are less stable. Their prices have higher deviations, they are more speculative, and any change in price causes extreme rises in trading activity, whereas stable periods have low trading activity. The strategy of traders who perform their activity with those tokens is to use any price change as much as possible because further price behaviour is unpredictable and recognition of those tokens is smaller. This strategy means that the application of mitigation mechanisms will prevent traders from using those price changes to extract the highest possible profits. Application of the slippage parameter may prevent traders from swapping tokens in periods of price big changes.