Types of MEV: Front-Running, Sandwich Attacks & More

MEV manifests in several distinct forms, each exploiting the ability to control transaction ordering in different ways. Understanding these attack types is the first step toward protecting yourself.

Front-Running

Front-running occurs when someone observes a profitable pending transaction in the mempool and submits their own transaction ahead of it, typically by paying a higher gas fee. For example, if a trader submits a large buy order for a token on Uniswap, a front-runner can place their own buy order first, drive the price up, and then profit when the original large order pushes the price even higher.

Front-running in crypto mirrors illegal practices in traditional finance — but on public blockchains, the mempool is visible to everyone, and there is no regulatory body to enforce fair ordering. It is the "wild west" of financial markets.

Sandwich Attacks

A sandwich attack is a more sophisticated variant of front-running. The attacker places one transaction before and one transaction after the victim's trade, "sandwiching" it:

1. Front-run: The attacker buys the token just before the victim's trade, pushing the price up.
2. Victim's trade: The victim's buy order executes at the now-inflated price.
3. Back-run: The attacker immediately sells the token at the inflated price, pocketing the difference.

Sandwich attacks are extremely common on Ethereum DEXes. Studies show they cost users millions of dollars per month in worse execution prices.

Arbitrage

Arbitrage MEV is considered the most "benign" form of MEV. When the same token trades at different prices across two or more decentralized exchanges, MEV bots can buy on the cheaper exchange and sell on the more expensive one within the same block. While this extracts value, it also serves a useful function by equalizing prices across markets — improving overall market efficiency.

Liquidation MEV

In DeFi lending protocols like Aave or Compound, borrowers must maintain a certain collateral ratio. When collateral value drops below the threshold, the position can be liquidated. MEV bots compete to be the first to trigger these liquidations, earning a liquidation bonus. While liquidations are necessary for protocol health, the intense competition among bots drives up gas fees for everyone.

Time-Bandit Attacks

Time-bandit attacks are the most extreme form of MEV. In theory, if the MEV available in a past block is large enough, a miner could attempt to re-mine old blocks to capture that value — essentially reorganizing the blockchain's history. While this is mostly theoretical and extremely expensive on Bitcoin, it represents the ultimate risk that unchecked MEV poses to blockchain security.