Bad Sandwich: DeFi Trader 'Poisons' Front-Running Miners for $250K Profit

A DeFi trader tricked Ethermine's sandwich bot into purchasing "Salmonella" and "Listeria" tokens for some 130 ETH.

AccessTimeIconMar 22, 2021 at 3:33 p.m. UTC
Updated Sep 14, 2021 at 12:30 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Front-running Ethereum miners are suffering from a bout of food poisoning.

Maximal Extractable Value (MEV) – the practice of manipulating a transaction queue to squeeze profits from other unsuspecting traders – is making a hot splash in Ethereum’s decentralized finance (DeFi) markets. But players in the know aren't always as safe as they might think, as evidenced by one trader who netted 130 ETH, worth an estimated $250,000, by preying on the predators. 

Friday, bot trader and LocalCoin Swap CTO Nathan Worsley released two token contracts named “Salmonella” and “Listeria” on the Ethereum blockchain with the intention of luring unsuspecting bot traders into an ambush. Mining pool Ethermine – which only publicly announced its MEV strategy last Wednesday – became entangled in the token trap, netting Worsley a quarter-million dollars after a few hours’ work.

Ethermine, Worsley and other MEV trailers are playing the blockchain equivalent of high-frequency trading (HFT) strategies that recently came into the public spotlight with the Robinhood, r/WallStreetBets and Melvin Capital spectacle. 

Trades on decentralized exchanges (DEX) are sitting ducks while they remain idle in the processing queue. A small cohort of developers can and do take advantage of this lag time between hitting the trade button and the trade executing on-chain by front-running, back-running or, in this case, “sandwiching” a transaction.

Worsley’s gambit was a “poisoned” sandwich trade. In a sandwich, a transaction is both front-run and back-run (the bread), which causes price slippage for the transaction in between (the meat, or perhaps cheese).

“In layman's terms, you see that someone will buy an asset, so you buy it first to artificially inflate the price, before selling afterwards at a profit,” Worsely explained in a post mortem.

A ‘poisoned’ sandwich for front-running bots

Nimble solo bot traders can take advantage of large players moving into the market. One method Worsley developed was poisoning a sandwich trade.

Worsley deployed a proprietary token contract with tweaked parameters, including notifications if anyone was trying to trade with the toxic contract. Additionally, the contract would return only 10% of the asked-for tokens in the Uniswap pool Worsely setup.

“It has some special logic to detect when anyone other than the specified owner is transacting it, and in these situations it only returns 10% of the specified amount – despite emitting event logs which match a trade of the full amount,” he said.

Worsley then sent out transactions with a both a low transaction fee and high slippage. Ethermine’s bots raced ahead to take advantage of the slippage as Worsley's bait lingered in the transaction queue. 

“Instead of giving them a juicy payout, the token itself in the trade exploits the sandwich trader by giving them only a fraction of the tokens they thought the swap would yield,” Worsley explained. “After this happens, the ‘sell’ order of the sandwich trader now fails and they are left holding the Salmonella token. Instead of making a bunch of ETH in profit from my bait, they are instead left with a stomach full of Salmonella.”

Worsley remains unapologetic about his MEV strategy, telling CoinDesk DeFi is merely a game of poker.

“Nothing against Ethermine or the other traders personally, but this is a game of high-stakes poker and they sat down at the table intending to take all of my chips. Maybe next time they will be the ones walking home with all my chips. That's the game,” he said.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.