Sandwich attacks are one of the most talked-about threats in DeFi trading. On Ethereum, they've extracted billions from unsuspecting traders. On Solana, the dynamics are different — but the risk is real and evolving. Understanding how sandwich attacks work is essential for anyone trading on decentralized exchanges.
What Is a Sandwich Attack?
A sandwich attack is a form of MEV (Maximal Extractable Value) where an attacker places two transactions around your trade — one before (frontrun) and one after (backrun) — to profit at your expense.
Here's the sequence:
- You submit a swap: You want to buy Token X for 10 SOL on a DEX.
- Attacker frontruns: The attacker sees your pending transaction and submits a buy for Token X just before yours, pushing the price up.
- Your trade executes: You buy Token X at the now-inflated price, getting fewer tokens than expected.
- Attacker backruns: The attacker immediately sells the Token X they bought in step 2 at the higher price, pocketing the difference.
The attacker's profit comes directly from the price impact your trade creates. You end up paying more (or receiving less) than you would have without the attack. The attacker takes the difference.
A Concrete Example
Say you're swapping 100 SOL for a memecoin on Raydium:
- Without attack: You'd receive 1,000,000 tokens at the current price
- Attacker frontruns: Buys 50 SOL worth of the token, moving the price up 3%
- Your trade: Executes at the higher price, you receive 970,000 tokens instead
- Attacker backruns: Sells their tokens at the inflated price, netting ~1.5 SOL profit
You lost ~30,000 tokens (worth ~3 SOL). The attacker gained ~1.5 SOL after fees. The remaining value went to the liquidity pool as price impact.
How Sandwich Attacks Work on Solana
Solana's architecture is fundamentally different from Ethereum's, which changes how sandwich attacks operate.
Why Solana Is Different
On Ethereum, there's a public mempool where pending transactions wait to be included in blocks. Attackers monitor this mempool, identify profitable trades, and pay higher gas fees to get their frontrun transaction included first.
Solana doesn't have a traditional mempool. Transactions are forwarded directly to the current block leader (validator) via a protocol called QUIC. This means there's no public waiting room where attackers can easily see your pending transaction.
However, this doesn't make Solana immune to sandwich attacks.
How Attackers Find Targets on Solana
Despite no public mempool, attackers have several vectors:
1. Validator-level visibility: Validators who are currently producing blocks can see transactions as they arrive. A malicious or profit-seeking validator could reorder transactions within their block to sandwich profitable swaps.
2. QUIC stream monitoring: Attackers can run infrastructure close to validators and observe transaction propagation patterns, though this is less reliable than Ethereum's mempool.
3. Jito bundles (historical): Jito originally allowed anyone to submit transaction bundles with specific ordering, which could be used for sandwich attacks. Jito has since restricted this functionality, but the cat-and-mouse game continues.
4. Private infrastructure: Sophisticated attackers run their own RPC nodes and staked connections to gain visibility into pending transactions before they're confirmed.
The Jito Factor
Jito's block engine became central to Solana's MEV landscape. Jito tips (priority fees paid to validators through the Jito protocol) influence transaction ordering. While Jito has implemented policies against sandwich attacks and removed the public mempool feature from their block engine, the underlying economic incentives remain.
Validators still have the technical ability to reorder transactions within their blocks. The question is whether the incentive is strong enough and the risk of detection low enough to make sandwiching worthwhile.
How Much Are Traders Losing?
Quantifying sandwich attack losses on Solana is harder than on Ethereum because of the architectural differences. However, analysis of on-chain data reveals:
- Large swaps (50+ SOL) are the primary targets. The price impact from a 5 SOL swap usually isn't worth the attacker's effort and risk.
- Low-liquidity tokens are more vulnerable because smaller amounts of capital can move the price significantly.
- Peak activity periods (memecoin launches, major announcements) see higher attack frequency because more large trades are occurring.
Independent researchers estimate that Solana MEV extraction (including but not limited to sandwiching) runs into millions of dollars per month across all forms.
How to Protect Your Trades
1. Use Tight Slippage Settings
Slippage tolerance is your first line of defense. If you set 1% slippage, an attacker can only extract up to 1% of your trade value. The tighter your slippage, the less profitable (and more risky) a sandwich attack becomes.
On Jupiter, the default slippage is usually reasonable, but adjust it based on the token:
- Major tokens (SOL, USDC, JUP): 0.1-0.5% is usually fine
- Mid-cap tokens: 0.5-1%
- Memecoins/low liquidity: 1-3% may be necessary, but understand you're accepting more MEV risk
If your transaction fails due to slippage, that's actually the protection working — the attack would have cost you more than your slippage tolerance.
2. Use MEV Protection Features
Several Solana trading tools now offer MEV protection:
- Jupiter: Offers MEV protection through Jito integration. Transactions are routed through private channels that reduce frontrunning exposure.
- Photon: Includes anti-MEV settings that route transactions through protected channels.
- BullX: Has MEV protection options for Solana trades.
- GMGN: Provides transaction protection features for memecoin trading.
These tools typically route your transactions through private submission channels (like Jito's block engine) rather than the public transaction pipeline, reducing the window for attackers to observe and react to your trades.
3. Split Large Trades
Instead of swapping 100 SOL in a single transaction, consider splitting it into smaller trades:
- 5-10 smaller swaps spread over a few minutes
- Each individual trade has less price impact, making sandwiching less profitable
- The total slippage might be slightly higher due to multiple swaps, but the MEV risk is much lower
This approach trades time for safety. For large positions, it's almost always worth it.
4. Use Limit Orders
Jupiter offers limit orders on Solana. Unlike market swaps, limit orders specify an exact price. There's no slippage to exploit because the trade only executes if the price matches your specified level.
Limit orders aren't vulnerable to sandwich attacks because the attacker can't force your order to execute at a worse price — the order simply won't fill if the price moves unfavorably.
5. Time Your Trades
While not foolproof, trading during lower-activity periods can reduce MEV risk:
- MEV bots are most active during high-volatility periods
- Off-peak hours (late night US time) tend to have less MEV activity
- Avoid trading immediately after major announcements when MEV bots are most aggressive
6. Use Private RPCs
Submitting transactions through a private or staked RPC connection reduces visibility to attackers. Standard public RPCs broadcast transactions more widely, giving attackers more time to observe them.
Many trading tools use staked connections by default. If you're building your own trading scripts, consider using a staked RPC connection from a provider like Helius or Triton.
Sandwich Attacks vs Other MEV
It's worth understanding where sandwich attacks fit in the broader MEV landscape:
| MEV Type | Mechanism | Impact on You |
|---|
| Sandwich | Frontrun + backrun your trade | Worse price |
| Frontrunning | Copy your trade before it executes | Worse price |
| Backrunning | Arbitrage after your trade | No direct cost |
| Liquidation | Liquidate your leveraged position | Loss of collateral |
| JIT Liquidity | Provide liquidity only for your trade | Usually beneficial |
Not all MEV is harmful. Backrunning and JIT (Just-In-Time) liquidity can actually benefit traders by improving execution. Sandwich attacks are explicitly extractive — they only benefit the attacker.
The MEV landscape on Solana is evolving rapidly:
Validator incentives: As Solana's validator economics develop, the incentive for validators to participate in MEV extraction (or allow it) changes. Some validators publicly commit to not reordering transactions for MEV.
Protocol-level solutions: There's ongoing research into protocol-level changes that could make sandwich attacks structurally harder. Encrypted mempools, threshold encryption, and fair ordering protocols are all being explored.
Better tooling: Trading tools are increasingly building MEV protection into their default configuration, making protection automatic rather than opt-in.
Regulatory attention: As MEV becomes better understood, regulatory scrutiny is increasing. Some forms of MEV extraction may face legal challenges in regulated jurisdictions.
Final Thoughts
Sandwich attacks on Solana are less pervasive than on Ethereum, but they're not negligible. The low transaction fees that make Solana great for users also make MEV extraction cheaper for attackers.
The practical defense is straightforward: use tight slippage settings, trade through MEV-protected channels, split large orders, and consider limit orders for significant positions. These steps don't eliminate MEV risk entirely, but they reduce your exposure dramatically.
As the Solana ecosystem matures, expect MEV protection to become more robust at both the protocol and application level. In the meantime, understanding how sandwich attacks work puts you ahead of most traders who don't think about execution quality at all.
For more on protecting yourself while trading on Solana, check out our MEV protection guide and wallet security checklist.
FAQ
Can I get sandwiched on Jupiter?
Yes, it's technically possible, but Jupiter has implemented MEV protection features that significantly reduce the risk. Using Jupiter's recommended settings (auto slippage, MEV protection enabled) provides good protection for most trades. Very large swaps on low-liquidity tokens remain the highest risk.
How do I know if I was sandwich attacked?
Check your transaction on Solscan or Solana Explorer. If you see a buy of the same token in the slot just before your trade (from a different wallet) and a sell just after, you may have been sandwiched. The telltale sign is that you received fewer tokens than the market price at the time you submitted the trade.
Are sandwich attacks illegal?
The legal status is unclear and varies by jurisdiction. In traditional markets, similar front-running is illegal. In DeFi, the regulatory framework is still developing. Some jurisdictions are beginning to classify certain MEV extraction as market manipulation, but enforcement on decentralized networks is challenging.
Does using Jito tips protect against sandwich attacks?
Using Jito for transaction submission can help because it sends your transaction through a private channel rather than the public pipeline. However, Jito tips alone don't guarantee protection — the validator producing the block still has some ability to reorder transactions. Combining Jito submission with tight slippage provides the best protection.
