The viral txn of an MEV bot "selling 2.4 $APE for 946 ETH"
A few people asked me how this happened. In short, it didnt happen.
Seems like a lot of people that got hooked on NFTs weren't around during DeFi Summer in 2020 and arent familiar with MEV bots. Let me try to explain :)
A few people asked me how this happened. In short, it didnt happen.
Seems like a lot of people that got hooked on NFTs weren't around during DeFi Summer in 2020 and arent familiar with MEV bots. Let me try to explain :)
This txn is only 1 of 3 that are relevant. The bot didn't make $2.7M (and no trader paid $2.7M).
This is known as a sandwich attack. A lot of smart ppl have explained this, but Ill go over how this works with a real example (Im assuming you know how eth works on a high level).
This is known as a sandwich attack. A lot of smart ppl have explained this, but Ill go over how this works with a real example (Im assuming you know how eth works on a high level).
Every time you send a txn to eth, it doesn't get mined immediately and inserted into the blockchain. Your txn actually gets sent to a pool with other txns - this is known as the mem pool.
Your txn sits idle until a miner decides to pick up your txn and mine it.
Your txn sits idle until a miner decides to pick up your txn and mine it.
How does a miner decide which txns to mine first? That's based on gas fee, the higher the gas fee (reward to the miner for mining your txn), the more likely your txn will be mined faster.
Until your txn is mined, it will sit idly in the mempool (for however long)
Until your txn is mined, it will sit idly in the mempool (for however long)
An important thing to note is, 1 block contains many different txns in sequential order (determined by gas price).
For example if all these txns were for an NFT mint, txn1 would mint first, and then txn2, and then txn3 (maybe by this time it's sold out and txn fails).
For example if all these txns were for an NFT mint, txn1 would mint first, and then txn2, and then txn3 (maybe by this time it's sold out and txn fails).
After understanding this, we can get to the crux of a sandwich attack.
Essentially, a sandwich attach is when you send a txn to the mempool to swap tokens (ie swap $APE for $USDC) with slippage.
Slippage is the minimum number of tokens you're willing to receive.
Essentially, a sandwich attach is when you send a txn to the mempool to swap tokens (ie swap $APE for $USDC) with slippage.
Slippage is the minimum number of tokens you're willing to receive.
For example, if you're trying to buy $APE and it costs 10 $USDC, and you set your slippage to 2%, you're telling the DEX that if there is a price change by the time your txn is mined, you are willing to pay up to 10.20 $USDC per $APE
Can you guess how a bot might exploit this?
Can you guess how a bot might exploit this?
Let's use the swap example above to conduct a sandwich attack if we were a bot.
First, you send your swap txn and it gets sent to the mempool.
As a bot, I can look at EVERY single txn that is in the mem pool and I see your swap txn where you set your slippage to 2%
First, you send your swap txn and it gets sent to the mempool.
As a bot, I can look at EVERY single txn that is in the mem pool and I see your swap txn where you set your slippage to 2%
This is what your txn looks like to a bot.
I see that you set your slippage to 2%, so I know for a fact that you will buy $APE at $10.20 even though it only costs $10 right now.
Here are my steps to sandwich you:
I see that you set your slippage to 2%, so I know for a fact that you will buy $APE at $10.20 even though it only costs $10 right now.
Here are my steps to sandwich you:
1. Send a txn with correct gas where my txn gets executed before yours. This txn buys a shit ton of $APE causing the price to spike to $10.20
2. Send another txn with correct gas where this txn gets executed AFTER yours. This txn sells all the $APE I just bought.
2. Send another txn with correct gas where this txn gets executed AFTER yours. This txn sells all the $APE I just bought.
Because txns are executed in order in a block, your swap txn would be executed between 1 and 2.
So you bought $APE at a 2% higher price because of my initial buy txn, and then I'm selling all my $APE after you buy at the higher price -> I just profited by making you pay more.
So you bought $APE at a 2% higher price because of my initial buy txn, and then I'm selling all my $APE after you buy at the higher price -> I just profited by making you pay more.
I "sandwiched" your txn between my txns which allowed me to profit and you to lose 2%. This all happens in a single block, within milliseconds.
Even though I dont make that much money on this single trade (at most 1-2% gain), I do this 1000s of times a day.
Even though I dont make that much money on this single trade (at most 1-2% gain), I do this 1000s of times a day.
Let's take a look at a real life bot that does this. Thousands of txns a day on various coins.
Let's dive into a specific block that this bot has sent txns to (this is block 14404142).
dseezy.eth is trying to swap 1.5 ETH for $APE.
You can see that the bot submitted 2 txns before/after dseezy's txn. Unfortunately dseezy got sandwhiched...
dseezy.eth is trying to swap 1.5 ETH for $APE.
You can see that the bot submitted 2 txns before/after dseezy's txn. Unfortunately dseezy got sandwhiched...
If we look at the bots txns, we see that the first txn was buying $APE for 4.1364868 ETH that got executed before dseezy's.
dseezy's txn got executed immediately after this and faced slippage.
dseezy's txn got executed immediately after this and faced slippage.
After dseezy's buy order got executed, the bot sent this txn right after.
This txn sells the $APE it just bought for 4.4563609 ETH.
About ~0.3 eth profit in a single block, pretty crazy right?
This txn sells the $APE it just bought for 4.4563609 ETH.
About ~0.3 eth profit in a single block, pretty crazy right?
This was just a basic summary of how sandwich attacks work, pretty neat huh?
Also, don't try to blame DeFI for this problem. This type of attack first started in TradFi (brokers front-running clients), but now it's completely transparent and in theory anyone can participate ;)
Also, don't try to blame DeFI for this problem. This type of attack first started in TradFi (brokers front-running clients), but now it's completely transparent and in theory anyone can participate ;)
MEV botting like this is incredibly competitive so I would not suggest trying to get into it unless you're pretty experienced and willing to put in a lot of time and effort.
If you liked this, I'll do a follow up on how to prevent yourself from getting sandwiched :)
If you liked this, I'll do a follow up on how to prevent yourself from getting sandwiched :)
Follow up of this thread:
https://twitter.com/0x_Beans/status/1505725883595644928?s=20&t=KuOwQpR1jWX1vzjJLjwJrw
• • •
Missing some Tweet in this thread? You can try to
force a refresh
