Review and sign transactions from a single secure screen with Ledger Flex™

Discover now

Up your Web3 game

Ledger Academy Quests

  • Test your knowledge
  • Earn POK NFTs
Play now See all quests

Sandwich Trading

Feb 18, 2025 | Updated Feb 18, 2025
Sandwich trading, also known as a sandwich attack, is the strategic manipulation of a pending transaction order on a decentralized exchange.

Sandwich trading, also known as a sandwich attack, is the strategic manipulation of a pending transaction order on a decentralized exchange.

What Is Sandwich Trading in Crypto?

Sandwich trading, also known as sandwiching or sandwich attack, is an MEV capture technique that exploits the price movement of cryptocurrencies on decentralized exchanges (DEXs). This is especially common when traders can monitor the network’s mempool and spot pending transactions.

To put it differently, sandwiching involves the attacker placing two orders around a target/pending transaction. For instance, the attacker places one order before and another after the pending order. The unsuspecting trader’s transaction ends up being effectively “sandwiched” between the attacker’s buy and sell orders.

How Does Sandwiching Work?

Imagine that you place a USDT/BTC swap order on a DEX exchange. At the same time, a malicious trader spots your pending transaction and quickly places a buy order for BTC in an attempt to get their order fulfilled first. If their order is executed first, the culprit gains BTC at a lower price while simultaneously increasing the BTC price in the pool.

In this situation, the victim gets BTC at a higher price when their swapping order is executed. The attacker also places a sell order immediately after the victim’s order is executed, selling their BTC at the new inflated price and pocketing the difference. 

To explain, sandwiching involves three main steps. This includes:

  1. Identify a pending transaction – The attacker monitors large pending transactions that could potentially affect the asset’s price.
  2. Front-runningThis is the practice of using advanced mempool knowledge to place one’s transaction based on the pending orders. To ensure their transactions are prioritized over the original trade, the nefarious trader can pay higher transaction fees to incentivize miners or validators. If the attacker’s buy order is filled, the price of the asset inflates, causing the unsuspecting trader to pay more.
  3. Back-running – Involves using the mempool information to place transactions immediately after a high-value transaction is executed. Once the original trade is executed and the asset’s price inflates, the attacker sells their crypto at the new higher price. This potentially causes the asset’s price to drop, leaving the victim with coins worth less than they paid for.

In short, sandwich traders place buy and sell orders around the victim’s transaction to profit from the slippage and price movement the victim’s transaction causes.

Cross-Chain Bridge

A cross-chain bridge is an application that facilitates the transfer of cryptocurrency tokens, assets, or data from one chain to another.

Full definition

Fear Of Missing Out (FOMO)

FOMO stands for the “fear of missing out,” which is the anxiety or fear traders experience when they think they are missing out on a profitable investment or trading opportunity.

Full definition

SocialFi

SocialFi is a blend of social media and decentralized finance principles, where content ownership, control, and monetization are in the hands of users and content creators.

Full definition

Own your crypto future

Stay informed with security tips, updates, and exclusive offers from Ledger

Your email address will only be used to send you our newsletter, as well as updates and offers. You can unsubscribe at any time. Learn more

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.