Understanding MEV attacks
One of the key factors in blockchain protocol stability is MEV (Miner Extractable Value or, more modernly, Maximal Extractable Value): the profit a miner or validator can make by reordering, including or excluding transactions in the blocks they produce.
MEV attacks, which manipulate this profit-oriented mechanism, are a serious problem for networks: they can distort markets, harm users, traders and liquidity providers, and destabilize the blockchain network.
The basics of MEV
MEV is the profit that miners or validators can make by manipulating the order of transactions in a block. They select and order transactions from the mempool, the pool of pending transactions, usually by gas fee. However, they may prioritize the transactions that maximize their own profit, even if that means reordering or excluding other transactions.
For example, imagine a DEX where a user makes a large transaction that changes the market price. The validator could spot this trade in the mempool, insert their own trade in front of it (front running), and profit from the price movement. This is a classic MEV opportunity.
MEV originated with PoW and miners, but it is not just about miners anymore. In PoS systems, validators play a similar role. In addition, searchers — specialized participants that scan the mempool for MEV opportunities — collaborate with validators through MEV auctions, making the ecosystem even more complex.
MEV attacks have become more prominent with the rise of DeFi, where complex smart contract interactions — such as arbitrage, liquidation, and trading — create profitable opportunities for MEV exploitation.
How MEV attacks work
MEV attacks exploit the ability to manipulate transaction ordering or block content. Here are the main types of MEV attacks and how they function:
Front-running
Front-running occurs when a miner or searcher inserts their transaction before a target transaction to profit from its impact. For example:
1. A user submits a large buy order on a DEX, which will increase the price of a token.
2. A searcher spots this in the mempool and places their own buy order with a higher gas fee, ensuring it executes first.
3. The searcher's trade executes, the price rises, and they sell at a profit, while the original user pays a higher price.
Back-running
Back-running involves placing a transaction immediately after a target transaction to capitalize on its outcome. For instance:
1. A large trade creates an arbitrage opportunity between two DEXs.
2. A searcher submits an arbitrage transaction to execute right after the trade, profiting from the price discrepancy.
Sandwich attacks
Sandwich attacks combine front-running and back-running for maximum profit:
1. A searcher spots a large trade in the mempool.
2. They place a buy order before the trade (front-running) to drive up the price.
3. After the user's trade executes, they place a sell order (back-running) to profit from the inflated price.
4. The user suffers from slippage, paying more than expected.
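The sandwich pattern above leaves a recognizable footprint in a block: one address trades in a pool, a different address trades in the same direction, and the first address immediately trades back the other way. The following detector, written for this article as an added example (it is not code from the original post or from SmartState), runs that heuristic over a constructed swap trace of the kind an indexer would rebuild from DEX swap events. The addresses, pool names and block numbers are made up.

```python
"""Heuristic detector for the sandwich pattern: same-direction front-run,
a different sender's trade, then the front-runner's opposite-direction
back-run, all in one block and one pool.

Constructed example; the swap records below are invented, not on-chain data.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Swap:
    block: int
    index: int      # position of the transaction within the block
    sender: str     # hypothetical address label
    pool: str       # hypothetical pool label
    side: str       # "buy" or "sell" of the pool's base token


# Constructed sample trace: block 100 contains a sandwich around 0xuser,
# block 101 contains ordinary traffic that must not be flagged.
SAMPLE_SWAPS = [
    Swap(100, 3, "0xsearcher", "WETH/USDC", "buy"),
    Swap(100, 4, "0xuser", "WETH/USDC", "buy"),
    Swap(100, 5, "0xsearcher", "WETH/USDC", "sell"),
    Swap(100, 6, "0xother", "WETH/DAI", "sell"),
    Swap(101, 0, "0xalice", "WETH/USDC", "buy"),
    Swap(101, 1, "0xbob", "WETH/USDC", "sell"),
    Swap(101, 2, "0xalice", "WETH/USDC", "buy"),
]


def find_sandwiches(swaps):
    """Return (front_run, victim, back_run) triples found in the trace.

    Swaps are grouped per (block, pool) and scanned in index order, so
    the detector needs a single pass over the sorted trace.
    """
    by_block_pool = {}
    for s in sorted(swaps, key=lambda s: (s.block, s.index)):
        by_block_pool.setdefault((s.block, s.pool), []).append(s)

    hits = []
    for group in by_block_pool.values():
        for a, b, c in zip(group, group[1:], group[2:]):
            same_actor = a.sender == c.sender and a.sender != b.sender
            # front-run trades with the victim, back-run trades against it
            sandwich_shape = a.side == b.side and c.side != a.side
            if same_actor and sandwich_shape:
                hits.append((a, b, c))
    return hits


if __name__ == "__main__":
    for front, victim, back in find_sandwiches(SAMPLE_SWAPS):
        print(f"block {front.block} pool {front.pool}: {front.sender} "
              f"sandwiched {victim.sender} (tx {front.index}-{back.index})")
```

This is a shape-based heuristic, not proof of intent: an address that happens to trade around someone else's swap will match too, and a searcher who routes the back-run through a second address will not. In practice the trace would also carry amounts, so a monitoring pipeline can rank hits by the searcher's realized profit and the victim's price impact before raising an alert.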
Liquidation attacks
In DeFi lending protocols, searchers monitor the mempool for liquidation opportunities — when a borrower’s collateral falls below a threshold. By front-running the liquidation transaction, they can claim the collateral at a discount, often harming the borrower.
The impact of MEV attacks
MEV attacks have far-reaching consequences for blockchain ecosystems:
1. MEV attacks like sandwiching increase transaction costs for users through slippage and higher prices. This erodes trust in DeFi platforms, as users feel manipulated by invisible actors.
2. Searchers bidding high gas fees to prioritize their MEV transactions can clog the mempool, driving up gas prices for everyone. During peak MEV activity, Ethereum users have faced gas fees spiking to hundreds of dollars.
3. MEV incentivizes miners to collude or form cartels to maximize profits, undermining blockchain decentralization.
Mitigating MEV attacks
The blockchain community is actively working on solutions to curb MEV attacks. Here are some promising approaches:
MEV and Order flow auctions
One of the earliest and most widespread approaches is the use of off-chain auctions in which searchers compete for MEV opportunities.
Order flow auctions (OFAs), on the other hand, aim to address the negative externalities experienced by users. OFAs allow users to selectively share information about their transactions with searchers.
Encrypted mempools
Encrypting the mempool aims to hide transaction details from searchers until they’re included in a block.
Protocol-level solutions
Some DeFi protocols are implementing MEV-resistant designs. Chainlink's FSS (Fair Sequencing Services) proposes decentralized transaction ordering to prevent front-running, and Uniswap V3 introduced features like concentrated liquidity to reduce slippage, indirectly mitigating sandwich attacks.
MEV redistribution
Instead of letting miners or validators keep all MEV profits, some propose redistributing them to users or the network.
Layer 2 solutions
Layer 2 scaling solutions can reduce MEV opportunities by batching transactions and limiting mempool visibility. However, they introduce their own security challenges, such as data availability risks.
For users, protecting against MEV attacks involves practical steps:
1. Use limit orders on DEXs to minimize slippage.
2. Leverage MEV-resistant protocols like those integrating Chainlink FSS.
3. Monitor gas prices to avoid submitting transactions during high-MEV periods.
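To make the first of these steps concrete, and to put a number on the sandwich attack described earlier, here is a small constant-product AMM model written for this article as an added example (not code from the original post, from SmartState or from any DEX). It runs the same user trade three ways: undisturbed, sandwiched with no output floor, and sandwiched with a minimum-output check derived from the pre-trade quote, which is what a slippage tolerance or limit order amounts to on-chain. The pool shape is the x * y = k curve with a 0.3% fee used by Uniswap V2-style pools; the reserve sizes and trade amounts are invented.

```python
"""Constant-product AMM model of a sandwich attack and of the
minimum-output (slippage limit) check that bounds the user's loss.

Constructed example: reserves, trade sizes and the 0.3% fee are assumptions,
not figures from any live pool.
"""

FEE = 0.003  # 0.3% swap fee, charged on the input amount


def swap_out(reserve_in, reserve_out, amount_in, fee=FEE):
    """Tokens received for amount_in under x * y = k with a fee on input."""
    effective_in = amount_in * (1 - fee)
    return reserve_out * effective_in / (reserve_in + effective_in)


class Pool:
    """USDC/WETH constant-product pool; the price is implied by the reserves."""

    def __init__(self, usdc, weth):
        self.usdc = usdc
        self.weth = weth

    def quote_weth(self, usdc_in):
        """Expected WETH for usdc_in against the current reserves."""
        return swap_out(self.usdc, self.weth, usdc_in)

    def buy_weth(self, usdc_in, min_weth_out=0.0):
        """Swap USDC for WETH; revert if the output falls below the floor."""
        out = self.quote_weth(usdc_in)
        if out < min_weth_out:
            raise ValueError("output below min_weth_out: transaction reverts")
        self.usdc += usdc_in
        self.weth -= out
        return out

    def sell_weth(self, weth_in):
        out = swap_out(self.weth, self.usdc, weth_in)
        self.weth += weth_in
        self.usdc -= out
        return out


def fresh_pool():
    return Pool(usdc=10_000_000.0, weth=5_000.0)  # implied price 2000 USDC/WETH


def sandwich(user_usdc, attacker_usdc, min_weth_out=0.0):
    """Run front-run -> user trade -> back-run on a fresh pool.

    Returns (user_weth_or_None, attacker_profit_usdc). user_weth is None when
    the slippage check reverted the trade; the attacker still unwinds the
    front-run position and eats the fees and price impact.
    """
    pool = fresh_pool()
    attacker_weth = pool.buy_weth(attacker_usdc)            # front-run
    try:
        user_weth = pool.buy_weth(user_usdc, min_weth_out)  # victim trade
    except ValueError:
        user_weth = None
    attacker_back = pool.sell_weth(attacker_weth)           # back-run
    return user_weth, attacker_back - attacker_usdc


def run_scenarios(user_usdc=100_000.0, attacker_usdc=500_000.0, tolerance=0.005):
    """Compare the user's fill with no attack, sandwiched without a floor,
    and sandwiched with min_out = pre-trade quote * (1 - tolerance)."""
    quote = fresh_pool().quote_weth(user_usdc)  # what the user saw pre-trade
    clean = fresh_pool().buy_weth(user_usdc)
    sandwiched, profit_unprotected = sandwich(user_usdc, attacker_usdc)
    protected, profit_protected = sandwich(
        user_usdc, attacker_usdc, min_weth_out=quote * (1 - tolerance))
    return {
        "clean_weth": clean,
        "sandwiched_weth": sandwiched,
        "protected_weth": protected,
        "attacker_profit_unprotected": profit_unprotected,
        "attacker_profit_protected": profit_protected,
    }


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name:28s} {value}")
```

With these assumed numbers the user receives roughly 49.4 WETH undisturbed and roughly 44.8 WETH when sandwiched, while the attacker nets a few thousand USDC. With a 0.5% tolerance the sandwiched trade reverts, and the attacker loses money unwinding the front-run. The tolerance is what does the work: rerunning with tolerance=0.2 lets the same sandwich through, which is why a generous slippage setting on a large trade is itself a risk.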
Conclusion
MEV attacks are a stark reminder that even decentralized systems aren’t immune to manipulation. MEV manipulations raise ethical questions about fairness in decentralized systems. Is it acceptable for miners or validators to profit at users’ expense? Should MEV be viewed as a legitimate market mechanism or a form of exploitation?
Some argue that MEV is an inevitable consequence of open, permissionless systems, akin to arbitrage in traditional finance. Others see it as a flaw that undermines the egalitarian promise of Web3. Striking a balance between incentivizing network security and protecting users is a key challenge. These debates are far from over, but with collaborative efforts, the blockchain community might turn this hidden threat into an opportunity for growth and resilience.
SmartState: Top-notch smart contract audits & blockchain security solutions
About SmartState
Launched in 2019 and incorporated in Dubai, SmartState is an independent Web3 security company providing top-notch external security audits and enterprise level blockchain security services.
We've built a professional team of skilled white-hat hackers, cyber security experts, analysts and developers. The SmartState team has extensive experience in ethical hacking and cyber security, blockchain & Web3 development, and the financial and economic sectors.
We've conducted 1000+ security audits so far. No code audited by SmartState has been hacked. Blockchains like TON, large projects like EYWA, 1inch and CrossCurve, and exchanges such as Binance and KuCoin rely on our experience.
🚀 Concerned about the security of your project and assets? Book a free security consultation! Let's get in touch: info@smartstate.tech
Stay tuned for more updates from SmartState and follow us on social media to learn about our latest auditing services and success stories:
Website, X (formerly Twitter), LinkedIn, Telegram, Instagram
Disclaimer
Always DYOR. This article is for informational purposes only, does not constitute legal, financial, investment advice and / or professional advice, and we are not responsible for any decisions based on our analysis or recommendations. Always consult with a qualified security expert and conduct thorough testing before deploying smart contracts.
Understanding MEV attacks was originally published in Coinmonks on Medium.