The decentralized finance (DeFi) landscape has many opportunities but is also susceptible to different types of attacks. Illegal activities occur due to DeFi code on smart contracts vulnerabilities, which lead to flash loan attacks, rug pulls, and, recently, sandwich attacks.

If you are unfamiliar with the concept, you might not be alone in this since sandwich attacks are less popular than rug pull. But when they happen, they can cause problematic situations in DeFi.

The Sandwich Attack Concept

A sandwich attack is a form of front-running that primarily targets DeFi protocols and services. The concept works within the whole perception behind a sandwich. It is about sandwiching a victim’s transaction between 2 other transactions.

The activities happen during 3 consecutive transactions on the same token. The first two transactions are buy transactions, while the last one is a sell transaction. The attacker sends the first and the last transaction. Thus, the attacker will front-run and back-run simultaneously, with the original pending transaction sandwiched in between.

The purpose of placing the two orders simultaneously while surrounding pending transactions is to manipulate asset prices.

How Does a Sandwich Attack Occur?

First, the attacker buys a token and pumps the price through transaction one. Then, through transaction two, the victim buys the token, which pumps the price even more. Lastly, the attacker then sells the token at a hiked price.

The concept makes the sandwich attack method seem easy and straightforward to carry through. One can carry out the method repeatedly without any consequences.

However, any attacker must be prepared to pull such an attack on a DeFi protocol. As a result, attackers mainly utilize automated market maker solutions (AMMs). Such as Uniswap, PancakeSwap, Sushi and others.

Liquidity is always high due to their pricing algorithms, and trades execute continuously.

The Sandwich attack may happen during crypto lending, borrowing, DeFi operations, or even DEX trading.

Any user can, however, protect themselves from such crypto attacks. It may be through;

1. Using an MEV-proof DEX like CoWSwap.

2. Utilize the new Instadapp feature known as Private Transactions.

3. Set low slippage on DEXes, so a transaction fails if there is an MEV attack. However, it is vital to note that failed transactions also cost gas.

As time goes by, it is clear that more and more DEXs will have MEV-protection features. This mostly happens with low-cap coins and could also be normal during a frenzy upon a launch