DEFI Sandwich Attack Explain
In this article, I am going to summarise what is sandwich attacks with an example and mathematical view so you can understand crypto market manipulation.
Sandwich attacks are not new, Vitalik already talked about them in the context of Uniswap in 2018.
Let's try to understand what sandwich attack is in simple terms.
What is a Sandwich attack?
A victim transaction trades a crypto-currency asset X (ex: ETH, DAI, SAI, VERI) to another crypto-asset Y and makes a large purchase. A bot sniffs out the transaction and Front-Runs the victim by purchasing asset Y before the large trade is approved. This purchase raises the price of asset-Y for the victim trader and increases the slippage ( Expected price increase or decrease in price based on the volume to be traded and the available liquidity).
Because of this high purchase of asset Y, its price goes up, and Victim buys at a higher price of asset Y, then the attacker sells at a higher price.
Breaking Down the Sandwich Attack
These attacks often appear in the wild due to the public nature of blockchains, all transactions can be observed by anyone in the mempool (unless one has a special direct link to a mining pool). Alternatively, smart contracts may contain functions without access restrictions performing such a trade. These functions often exist for claiming LP reward tokens and immediately swapping them for some other token using a DEX.
mempool : The main utility of a mempool, is its ability to store network transactions so that they can be processed later.Front-Runs: Front Running happens when a attacker manupulate a standard transaction. The Front-Running bot(attacker) searches for victims by scanning transactions in the mempool so an attacker can jump ahead of the trade.
- The sandwich attack follows a similar course :
- Detect the victim’s transaction.
- Front-Run the victim’s transaction.
- Victim transacts and suffers higher slippage.
- The attacker then back-runs the victim.
Uniswap
Let's understand how the market works using an example.
- Exchange Macanisam: The market contains an internal state,
PRICE
, which is the current market price. It would also have two parameters,FEE
, andDEPTH
. If a user wants to buyORDER_AMOUNT
coins, they would raise the price to,PRICE + ORDER_AMOUNT / DEPTH
, and pay
ORDER_AMOUNT * (PRICE + ORDER_AMOUNT / DEPTH / 2) * (1 + FEE).
Essentially, this constitutes buying an infinitesimal number of coins at every price point between the old price and the new price.
- Uniswap: Uniswap equation characteristic is
r0 * r1 = k
an equation wherer_i
are the reserves of a Uniswap pool. Uniswap takes a fee of 0.3% on the input amount of each trade. - Uniswap trade equation
- The sandwich attack involves frontrunning the victim trade with a trade buying the same asset. The gained tokens are sold again after (back running) the victim trade.
What makes a sandwich attack:
Let’s have a closer look and analyze what makes a sandwich attack.
- Automated Market Maker (AMM): This is a predefined pricing algorithm that automatically performs price discovery and market-making based on the assets in the liquidity pools. The AMM allows liquidity providers to watch and follow the market, then set the bid and ask prices. Liquidity takers, in their turn, trade against the AMM.
- Price Slippage: Price slippage is the change in the price of an asset during a trade. Expected price slippage is the expected increase or decrease in price based on the volume to be traded and the available liquidity where the expectation is formed at the beginning of the trade.
` Unexpected price slippage is the increase or decrease in price that occurs. during the transaction process for some unknown or unpredicted reason `.
- Expected Execution Price: When a liquidity taker issues trade on X/Y, the taker wishes to execute the trade with the expected execution price (based on the AMM algorithm and X/Y state), given the expected slippage.
- Unexpected Price Slippage: The difference between the execution price and the expected execution price.
- Unexpected Slippage Rate: The unexpected slippage over the expected price.
Summarise
You can understand how the sandwich attack works in general. so for my opinion bot or attacker analyse transaction in the Mempool to decide to launch an attack or not. So it would be better to encrypt transaction details.
zk-SNARKs: There are proposals in the community to use zk-SNARKs, a zero-knowledge-proof technique, to achieve this goal. In other words, zk-SNARKs would be used to encrypt and hide each transaction's information, so the bot could not do anything about it.
However, this approach is not enough to control this kind of attack because it has drawbacks like high Gas cost and the possibility that it can be used to perform blocking attacks that result in the reduction of overall liveness.
The present scenario is still in R&D work to defend this kind of attack in blockchain mempool.
Reference :
- https://uniswap.org/docs/v2/smart-contract-integration/trading-from-a-smart-contract/
- https://cmichel.io/de-fi-sandwich-attacks/
- https://www.semanticscholar.org/paper/High-Frequency-Trading-on-Decentralized-On-Chain-Zhou-Qin/3baaa599187dddadf085ed6c43141874d4189c51
Join Coinmonks Telegram Channel and Youtube Channel get daily Crypto News
Also, Read
- Copy Trading | Crypto Tax Software
- Grid Trading | Crypto Hardware Wallet
- Crypto Telegram Signals | Crypto Trading Bot
- Best Crypto Exchange | Best Crypto Exchange in India
- Best Crypto APIs for Developers
- Best Crypto Lending Platform
- An ultimate guide to Leveraged Token
- 7 Best Zero Fee Crypto Exchange Platforms
- Best Online Casinos | Futures Trading Bots
- Decentralized Exchanges | Bitbns FIP
- 10 Best Places to Buy Crypto with Credit Card
- Best Crypto Trading bots in Canada | Bybit vs Binance