Get up to $90 of BTC for one week only.

Bitcoin boost

Up your Web3 game

Ledger Academy Quests

  • Test your knowledge
  • Earn POK NFTs
Play now See all quests

Sandwich Trading

Feb 18, 2025 | Updated Feb 18, 2025
Sandwich trading, also known as a sandwich attack, is the strategic manipulation of a pending transaction order on a decentralized exchange.

Sandwich trading, also known as a sandwich attack, is the strategic manipulation of a pending transaction order on a decentralized exchange.

What Is Sandwich Trading in Crypto?

Sandwich trading, also known as sandwiching or sandwich attack, is an MEV capture technique that exploits the price movement of cryptocurrencies on decentralized exchanges (DEXs). This is especially common when traders can monitor the network’s mempool and spot pending transactions.

To put it differently, sandwiching involves the attacker placing two orders around a target/pending transaction. For instance, the attacker places one order before and another after the pending order. The unsuspecting trader’s transaction ends up being effectively “sandwiched” between the attacker’s buy and sell orders.

How Does Sandwiching Work?

Imagine that you place a USDT/BTC swap order on a DEX exchange. At the same time, a malicious trader spots your pending transaction and quickly places a buy order for BTC in an attempt to get their order fulfilled first. If their order is executed first, the culprit gains BTC at a lower price while simultaneously increasing the BTC price in the pool.

In this situation, the victim gets BTC at a higher price when their swapping order is executed. The attacker also places a sell order immediately after the victim’s order is executed, selling their BTC at the new inflated price and pocketing the difference. 

To explain, sandwiching involves three main steps. This includes:

  1. Identify a pending transaction – The attacker monitors large pending transactions that could potentially affect the asset’s price.
  2. Front-runningThis is the practice of using advanced mempool knowledge to place one’s transaction based on the pending orders. To ensure their transactions are prioritized over the original trade, the nefarious trader can pay higher transaction fees to incentivize miners or validators. If the attacker’s buy order is filled, the price of the asset inflates, causing the unsuspecting trader to pay more.
  3. Back-running – Involves using the mempool information to place transactions immediately after a high-value transaction is executed. Once the original trade is executed and the asset’s price inflates, the attacker sells their crypto at the new higher price. This potentially causes the asset’s price to drop, leaving the victim with coins worth less than they paid for.

In short, sandwich traders place buy and sell orders around the victim’s transaction to profit from the slippage and price movement the victim’s transaction causes.

Leverage

Leverage refers to when individuals use borrowed money or capital to amplify their buying or selling power in a market.

Full definition

LFG

LFG, the acronym for “Let’s Fucking Go” or “Let’s Freaking Go,” represents an expression of excitement, enthusiasm, or support toward a crypto project or market.

Full definition

Cryptojacking

Cryptojacking is a cybercrime that involves stealing and exploiting the victim’s computing resources to generate digital assets, such as mining Bitcoin.

Full definition

Own your crypto future

Stay informed with security tips, updates, and exclusive offers from Ledger

Your email address will only be used to send you our newsletter, as well as updates and offers. You can unsubscribe at any time. Learn more

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.