Difference between revisions of "Front running"
Jimcrypted (talk | contribs) m (added link to Metamask)
(One intermediate revision by one other user not shown)
Latest revision as of 01:54, 11 May 2022
Front running, also called a sandwich attack, occurs when an attacker buys an asset before a trader's big purchase and sells right after (vice versa for big sells). The price goes up after a big purchase and the attacker profits from the difference. This is common with AMMs like Uniswap because of Slippage and is often executed by MEV bots.
Front running in traditional finance
Front running is not new. In traditional finance, it can occur when an external party such as a broker obtains insider knowledge of a large future transaction and buys the stock before that. The stock price increases after the big purchase, and the external party profits. This is usually illegal. [1]
Front running in DEXes
Front running is common in crypto because it is unregulated and easy to execute. These are also known as sandwich attacks.
How it works
When a user sends a transaction, like buying ETH on Uniswap with MetaMask, the transaction gets sent to the Mempool (pending transactions) before being included in a block (getting confirmed). A bot can detect this and send a buy order with slightly more gas. This ensures the bot's buy order executes before the user's. Bots usually sell immediately after.
This results in users paying a higher price, and the bots profit from the difference.
Examples
Sandwich attacks usually happen in pools with low liquidity because of increased slippage. Some websites detect these attacks.
The screenshot (taken from dextools.io) shows a real sandwich attack where the attacker drained 0.14 ETH at the expense of the buyer.
Avoiding front running
Although front running in crypto is difficult to avoid, most normal users would not be too affected by it. Front running is only profitable with large transactions or low liquidity pools.
Lowering slippage tolerance
Lowering slippage tolerance would cause the transaction to fail if the price changes too much. This usually makes the transaction fail should a bot front-run, but is not guaranteed. Most major DEXes automatically set the slippage tolerance to around 0.5%, which is usually good enough. Do read more at Slippage.
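The effect of the tolerance setting can be worked through on a constant-product pool. The following is an added example, not code from this wiki or from any DEX: the pool size, the 0.3% fee, the trade sizes and all function names are assumptions chosen for illustration. It shows a buy that reverts at 0.5% tolerance when a large earlier buy is ordered ahead of it, executes at a worse price when the tolerance is 5%, and still executes at 0.5% when the earlier buy is small.

```python
# Added example: constant-product pool (x * y = k), Uniswap v2-style.
FEE = 0.003  # assumed 0.3% swap fee

def swap_out(reserve_in, reserve_out, amount_in):
    """Tokens received for amount_in under x * y = k, after the fee."""
    net_in = amount_in * (1 - FEE)
    return reserve_out * net_in / (reserve_in + net_in)

def execute(reserve_in, reserve_out, amount_in, minimum_out):
    """Apply a swap. Returns (out, new_reserve_in, new_reserve_out),
    or None when the output is below minimum_out (the trade reverts)."""
    out = swap_out(reserve_in, reserve_out, amount_in)
    if out < minimum_out:
        return None
    return out, reserve_in + amount_in, reserve_out - out

def user_buy(eth, tokens, user_eth, tolerance, earlier_buy_eth=0.0):
    """User's buy, quoted on current reserves, executed after an earlier
    buy of earlier_buy_eth has been ordered ahead of it in the block.
    Returns (quoted_out, received_out or None if reverted)."""
    quote = swap_out(eth, tokens, user_eth)
    minimum_out = quote * (1 - tolerance)  # the slippage tolerance check
    if earlier_buy_eth:
        _, eth, tokens = execute(eth, tokens, earlier_buy_eth, 0.0)
    result = execute(eth, tokens, user_eth, minimum_out)
    return quote, (result[0] if result else None)

if __name__ == "__main__":
    POOL = (100.0, 200_000.0)  # constructed low-liquidity pool: ETH, tokens
    for tol, earlier in [(0.005, 0.0), (0.005, 0.1), (0.005, 2.0), (0.05, 2.0)]:
        quote, got = user_buy(*POOL, 5.0, tol, earlier)
        outcome = "reverted" if got is None else f"received {got:.1f}"
        print(f"tolerance {tol:.1%}, earlier buy {earlier} ETH: "
              f"quoted {quote:.1f}, {outcome}")
```

Whenever the trade does execute, the amount received is never less than the quote reduced by the tolerance, which is why a low tolerance caps the loss even when it does not prevent the front run.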
Splitting into multiple transactions
Splitting a large transaction into a few smaller trades greatly reduces the front running risk because it makes a sandwich attack less profitable. However, this would cost the user more gas.
Private transactions / MEV
MEV allows users to send transactions directly to the miner. This skips the mempool, so the transaction would not be detected by bots. Another solution is shielding the trade by sending an encrypted transaction. However, these solutions are still highly technical and difficult to access for the average person.
Front running resistant exchanges/services
There are some emerging services and DEXes that use private transactions or MEV to protect users – this article needs to be updated with more