
A sandwich attack is what happens when an automated bot spots a pending trade on a decentralized exchange, slips its own buy in front of yours to push the price up, lets your trade execute at the worse price, and immediately sells at the new higher price to pocket the spread. The bot extracts value from your slippage. You pay the bill.

In 2025, sandwich-attack bots extracted roughly 1.4 billion USD from Ethereum DEX users alone, and the pattern repeats with similar volume on Solana, BSC, and other chains where the mempool is public. For self-custody holders interacting with on-chain swaps (Uniswap, Jupiter, 1inch, and the rest), sandwich attack MEV is an invisible tax on every meaningful trade. This piece walks through how the attacks work, why they happen on every chain, what slippage settings do, and the defenses worth using.

How sandwich attacks work, step by step

The attack is conceptually simple. There are three moves.

Step 1: Detect your pending trade. When you submit a swap (say 10 ETH for USDC on Uniswap), the transaction enters the mempool, a public queue of pending transactions waiting to be included in a block. Bots monitor this queue continuously, scoring swaps for sandwich profitability.

Step 2: Front-run with a buy. Once the bot identifies a target, it submits its own transaction with a higher priority fee to land in the same block just ahead of yours. The bot's buy pushes the pool price up, so your swap executes against worse pricing.

Step 3: Back-run with a sell. Right after your transaction settles, the bot sells the position it bought a moment earlier, capturing the spread your trade created. The bot keeps the difference after gas and the small slippage it absorbed on the way in.

The whole sequence happens inside one block (12 seconds on Ethereum, around 400 ms on Solana). On your end, you see a swap execute at a worse price than the quote suggested. The slippage you observe is the bot's profit.

Why this happens on every chain

Sandwich attacks aren't an Ethereum-only phenomenon. They show up on every chain that combines a public mempool with automated market makers (AMMs).

Ethereum. Mempool transactions are publicly broadcast before inclusion, and Flashbots research has documented MEV behavior on Ethereum for years. Sandwiching on Uniswap and similar venues is routine.

Solana. Transactions hit the network and validators determine ordering inside the slot. Bots, often validators themselves or paying validators, can reorder transactions, which is why sandwiching on Jupiter and Raydium is so common.

BSC, Arbitrum, Polygon. Similar mempool dynamics, similar attack surface, varying bot density. Anywhere ordering is public and AMMs are live, sandwiches happen.

The economics favor the bots. A typical sandwich extracts somewhere between 0.1% and 1% of trade size, scales linearly with size, and can run thousands of times a day across many trades with no human intervention.

What slippage settings do

Open Uniswap or Jupiter and you'll see a slippage tolerance field, often defaulting to 0.5% or 1%. The dApp turns that percentage into a minimum acceptable output amount that goes into the swap call, and the smart contract rejects the trade if the executed price differs from the quoted price by more than that percentage, that is, if the output would come in below the minimum.

Higher tolerance makes sandwich attacks more profitable. If you allow 1% slippage, a bot can extract up to 1% before the contract reverts the trade. Setting tolerance to 0.1% or 0.3% caps the maximum extractable amount, which makes you a less attractive target. The trade-off: very tight tolerance can cause your trade to fail outright in volatile markets, and a failed trade still costs gas.

The practical answer is to use the lowest tolerance that still lets your trade go through reliably. For major pairs like ETH/USDC and BTC/USDT in normal conditions, 0.1% to 0.3% is usually fine. For thinner pairs or volatile periods, 0.5% to 1% may be necessary.
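To make the three steps above and the effect of the tolerance setting concrete, here is an added simulation (not Ryder's, Uniswap's or any bot's code) of a constant-product pool in the Uniswap v2 style with a 0.30% fee. The reserves (1000 ETH against 2,000,000 of a hypothetical TOKEN), the victim's 10 ETH swap and the tolerance values are constructed for illustration. The bot sizes its front-run to the largest amount the victim's minimum output still tolerates, which is exactly the "up to the tolerance" bound the text describes; the last function shows that a front-run sized for a 1% order reverts a 0.1% order instead of filling it.

```python
"""Constant-product AMM sandwich simulation (added example, constructed values)."""
from dataclasses import dataclass


class SlippageExceeded(Exception):
    """The swap would return less than the caller's minimum output (contract revert)."""


@dataclass
class Pool:
    """x * y = k pool with a 0.30% swap fee, Uniswap-v2 style."""
    eth: float    # ETH reserve
    token: float  # TOKEN reserve (hypothetical asset)
    fee: float = 0.003

    def quote_token_out(self, eth_in: float) -> float:
        """TOKEN received for eth_in at the current reserves."""
        eth_eff = eth_in * (1 - self.fee)
        return self.token * eth_eff / (self.eth + eth_eff)

    def quote_eth_out(self, token_in: float) -> float:
        """ETH received for token_in at the current reserves."""
        token_eff = token_in * (1 - self.fee)
        return self.eth * token_eff / (self.token + token_eff)

    def buy_token(self, eth_in: float, min_token_out: float = 0.0) -> float:
        """Swap ETH for TOKEN; revert if the output falls below the caller's minimum."""
        out = self.quote_token_out(eth_in)
        if out < min_token_out:
            raise SlippageExceeded(f"received {out:.2f} < minimum {min_token_out:.2f}")
        self.eth += eth_in
        self.token -= out
        return out

    def sell_token(self, token_in: float) -> float:
        """Swap TOKEN back for ETH (no minimum, the bot sets its own)."""
        out = self.quote_eth_out(token_in)
        self.token += token_in
        self.eth -= out
        return out


def min_out(quote: float, tolerance: float) -> float:
    """amountOutMinimum the dApp derives from the quote and the slippage tolerance."""
    return quote * (1 - tolerance)


def simulate_sandwich(pool: Pool, victim_eth: float, min_token_out: float,
                      bot_eth: float) -> dict:
    """Front-run, victim swap, back-run, all on a copy of the pool."""
    p = Pool(pool.eth, pool.token, pool.fee)
    bot_token = p.buy_token(bot_eth)                        # step 2: front-run buy
    victim_token = p.buy_token(victim_eth, min_token_out)   # victim fills worse, or reverts
    bot_eth_back = p.sell_token(bot_token)                  # step 3: back-run sell
    return {"victim_token": victim_token, "bot_profit_eth": bot_eth_back - bot_eth}


def max_bot_input(pool: Pool, victim_eth: float, min_token_out: float) -> float:
    """Largest front-run the victim's minimum output still tolerates (binary search)."""
    lo, hi = 0.0, pool.eth
    for _ in range(100):
        mid = (lo + hi) / 2
        try:
            simulate_sandwich(pool, victim_eth, min_token_out, mid)
            lo = mid
        except SlippageExceeded:
            hi = mid
    return lo


def extraction_at_tolerance(pool: Pool, victim_eth: float, tolerance: float) -> dict:
    """Bot profit and victim shortfall when the bot sizes its attack to the tolerance."""
    quote = pool.quote_token_out(victim_eth)
    floor = min_out(quote, tolerance)
    bot_eth = max_bot_input(pool, victim_eth, floor)
    result = simulate_sandwich(pool, victim_eth, floor, bot_eth)
    return {
        "tolerance": tolerance,
        "quote_token": quote,
        "bot_eth_in": bot_eth,
        "bot_profit_eth": result["bot_profit_eth"],
        "victim_shortfall_token": quote - result["victim_token"],
    }


def overshoot_reverts(pool: Pool, victim_eth: float, loose: float, tight: float) -> bool:
    """True if a front-run sized for the loose tolerance reverts an order signed with the tight one."""
    quote = pool.quote_token_out(victim_eth)
    bot_eth = max_bot_input(pool, victim_eth, min_out(quote, loose))
    try:
        simulate_sandwich(pool, victim_eth, min_out(quote, tight), bot_eth)
        return False
    except SlippageExceeded:
        return True


if __name__ == "__main__":
    pool = Pool(eth=1000.0, token=2_000_000.0)  # constructed reserves
    for tol in (0.01, 0.003, 0.001):
        r = extraction_at_tolerance(pool, 10.0, tol)
        print(f"tolerance {tol:.1%}: bot in {r['bot_eth_in']:.2f} ETH, "
              f"profit {r['bot_profit_eth']:.4f} ETH, "
              f"victim short {r['victim_shortfall_token']:.1f} TOKEN")
    print("1%-sized front-run vs 0.1% order reverts:", overshoot_reverts(pool, 10.0, 0.01, 0.001))
```

Run it and the victim's shortfall never exceeds the tolerance times the quote, the bot's input and profit shrink roughly in step with the tolerance, and the bot's profit is smaller than the victim's loss because the pool fee on the bot's two swaps goes to liquidity providers. The reverted case is the failed-but-still-paid-gas outcome the text mentions.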

Other defenses worth knowing

A few additional techniques reduce sandwich exposure beyond slippage settings.

Private mempools. Services such as Flashbots Protect on Ethereum and 1inch Fusion route transactions through private channels rather than the public mempool. Bots can't sandwich what they can't see in advance. Slight cost: marginally higher gas and a small bump in execution time.

Limit orders instead of market swaps. Most aggregators (1inch, ParaSwap, CowSwap) support limit orders that only execute at your specified price. Limit orders sidestep the sandwich vector entirely because the price is set at order creation rather than at execution time.

Trade during low-activity periods. Sandwich profitability climbs with volume and active-bot density. Trades during quieter hours (early US morning, weekends) tend to attract fewer attackers. The benefit is marginal but worth knowing.

Split large trades. Sandwich profit scales with trade size, so a 100,000 USD swap is a juicier target than ten 10,000 USD swaps. Splitting reduces per-trade extraction at the cost of more total gas, and the math sometimes favors splitting and sometimes doesn't.

What this means for self-custody holders

A few takeaways frame the day-to-day.

On-chain swaps cost more than the quote suggests. The fee you see on Uniswap is the explicit fee. Sandwich attacks tack on an implicit fee of 0.1% to 1% on most decent-size trades. Factor that into the math before you swap.

Long-term holders barely notice. If you're not actively swapping, sandwich attacks don't touch you. Exposure is per-trade rather than per-position, so the holder who buys Bitcoin once and sits on it for years has zero sandwich exposure.

Routing matters. A good DEX aggregator (1inch, Matcha, ParaSwap, Jupiter) with anti-sandwich routing can cut extraction meaningfully. Aggregators have an economic interest in protecting execution quality because users come back when their fills are clean.

What hardware-wallet holders should specifically know

For users connecting our Ryder One or any hardware wallet to a DEX, a few notes apply.

Signing happens on the device. Sandwich attacks don't affect the signing operation itself. The wallet shows you transaction parameters; you verify the destination address and the swap amounts before confirming. The attack happens at the execution layer, after the signature.

Slippage settings live in the dApp, not the wallet. When you set slippage tolerance, you're configuring the smart contract call that the dApp builds. The wallet signs whatever the dApp puts in front of it, so check the dApp's slippage setting carefully before you sign.

Long-tail asset swaps deserve extra caution. Smaller-cap tokens have thinner liquidity, higher slippage, and more aggressive bot activity. The best-execution venue can shift between trades, and the destination address should always be verified on-device before you confirm.
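The slippage setting and the destination address both end up inside the calldata the wallet is asked to sign, so they can be checked there. The following added example (not Ryder's or Uniswap's code) encodes and decodes the ABI calldata for the Uniswap v2 router's `swapExactETHForTokens(uint256 amountOutMin, address[] path, address to, uint256 deadline)`, works out the slippage tolerance implied by `amountOutMin` against the dApp's quote, and flags a zero minimum (unlimited slippage) or a recipient that is not your own address. The addresses, amounts and deadline are constructed sample values; the selector is the real one for that function.

```python
"""Pre-sign checks on swap calldata (added example, constructed values)."""

# keccak256("swapExactETHForTokens(uint256,address[],address,uint256)")[:4]
SELECTOR = bytes.fromhex("7ff36ab5")


def _word(n: int) -> bytes:
    """One 32-byte big-endian ABI word."""
    return n.to_bytes(32, "big")


def _addr_word(addr: str) -> bytes:
    """A 20-byte address left-padded to a 32-byte ABI word."""
    return bytes.fromhex(addr[2:]).rjust(32, b"\x00")


def encode_swap_exact_eth_for_tokens(amount_out_min: int, path: list,
                                     to: str, deadline: int) -> bytes:
    """Build the calldata a dApp hands the wallet for signing."""
    # Head: amountOutMin, offset of the dynamic path array (4 words = 128), to, deadline.
    head = _word(amount_out_min) + _word(4 * 32) + _addr_word(to) + _word(deadline)
    tail = _word(len(path)) + b"".join(_addr_word(a) for a in path)
    return SELECTOR + head + tail


def decode_swap_exact_eth_for_tokens(calldata: bytes) -> dict:
    """Recover the parameters the signature would commit to."""
    if calldata[:4] != SELECTOR:
        raise ValueError("not a swapExactETHForTokens call")
    body = calldata[4:]
    words = [body[i:i + 32] for i in range(0, len(body), 32)]
    path_idx = int.from_bytes(words[1], "big") // 32
    path_len = int.from_bytes(words[path_idx], "big")
    return {
        "amount_out_min": int.from_bytes(words[0], "big"),
        "path": ["0x" + words[path_idx + 1 + i][12:].hex() for i in range(path_len)],
        "to": "0x" + words[2][12:].hex(),
        "deadline": int.from_bytes(words[3], "big"),
    }


def check_signing_request(calldata: bytes, quoted_out: int, max_tolerance: float,
                          expected_to: str) -> dict:
    """Implied slippage tolerance, zero-minimum and recipient checks before signing."""
    call = decode_swap_exact_eth_for_tokens(calldata)
    implied = 1.0 - call["amount_out_min"] / quoted_out
    problems = []
    if call["amount_out_min"] == 0:
        problems.append("amountOutMin is 0: unlimited slippage")
    elif implied > max_tolerance + 1e-9:
        problems.append(f"implied tolerance {implied:.2%} exceeds {max_tolerance:.2%}")
    if call["to"].lower() != expected_to.lower():
        problems.append("recipient differs from your address")
    return {"implied_tolerance": implied, "problems": problems, "ok": not problems}


if __name__ == "__main__":
    # Constructed addresses and amounts; the quote is 19,743 units of a 6-decimal token.
    weth, token, me = "0x" + "aa" * 20, "0x" + "bb" * 20, "0x" + "cc" * 20
    quote = 19_743_000_000
    calldata = encode_swap_exact_eth_for_tokens(19_545_570_000, [weth, token], me, 1_700_000_000)
    print(check_signing_request(calldata, quote, 0.01, me))
    print(check_signing_request(encode_swap_exact_eth_for_tokens(0, [weth, token], me, 1_700_000_000),
                                quote, 0.01, me))
```

The point of the check is the one the text makes: the wallet signs whatever minimum the dApp put in the call, so the tolerance to verify is the one in the calldata, not the one displayed in the UI.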

Where Ryder One fits

Ryder One holds your crypto on an EAL6+ Infineon SLC38 secure element, with private keys generated inside the chip and never exported. For DEX swaps, you connect the wallet through WalletConnect or your preferred dApp interface, configure slippage in the dApp, verify the transaction on the 1.6-inch AMOLED touchscreen, and confirm with a hardware button wired directly to the secure element.

The wallet's job is to make sure you're signing what you think you're signing. Sandwich attacks happen after the signature in the execution layer, but every other category of swap-related attack (UI manipulation, address poisoning, drainer signatures) gets caught at the on-device verification step. We layered TapSafe Recovery on top of the chip, so backup splits across a Recovery Tag, a phone backup encrypted in iCloud or Google Drive, and optional Recovery Contacts. The BIP-39 seed phrase stays accessible on-device as a last resort.

The bottom line

Sandwich attacks extract roughly 1.4 billion USD a year from DEX users across major chains, with the playbook running on public-mempool ordering and AMM pricing. The defenses (tight slippage, private mempools, limit orders, aggregator routing) reduce but don't eliminate exposure. For long-term holders, the vector matters less than for active traders, and for everyone interacting with on-chain swaps, understanding the structure and applying the available defenses is worth the few minutes it takes to set up.

Sign what you mean to sign. Ryder One shows every transaction destination on a 1.6-inch AMOLED touchscreen and confirms with a hardware button press, and TapSafe Recovery handles the backup.

