The Walls Have Ears: Unveiling Cross-Chain Sandwich Attacks in DeFi

TL;DR

The paper identifies a novel cross-chain sandwich attack vector wherein attackers exploit information leaked by cross-chain protocols to front-run on the destination chain before the victim's transaction enters the mempool. It develops a theoretical framework, implements a detection algorithm, and conducts an empirical study using two months of Symbiosis data, finding approximately $5{,}273{,}857$ USD in profit (about $1.28\%$ of bridged volume) with notable concentration on the BSC network; a standout case achieved a $21.4\%$ profit rate. It also releases the first large-scale dataset of cross-chain sandwich attacks and discusses mitigations, including private relayers, encrypted calldata, and shifting calldata generation to the destination chain, while noting the challenges of centralization and practicality. The work highlights a critical new security risk introduced by cross-chain interoperability and provides design principles to guide more robust DeFi defenses against cross-chain MEV. Overall, the study demonstrates that cross-chain MEV can dwarf single-chain MEV in certain bridges and motivates further research into detection, mitigation, and broader cross-domain attack surfaces.

Abstract

Cross-chain interoperability is a core component of modern blockchain infrastructure, enabling seamless asset transfers and composable applications across multiple blockchain ecosystems. However, the transparency of cross-chain messages can inadvertently expose sensitive transaction information, creating opportunities for adversaries to exploit value through manipulation or front-running strategies. In this work, we investigate cross-chain sandwich attacks targeting liquidity pool-based cross-chain bridge protocols. We uncover a critical vulnerability where attackers can exploit events emitted on the source chain to learn transaction details on the destination chain before they appear in the destination chain mempool. This information advantage allows attackers to strategically place front-running and back-running transactions, ensuring that their front-running transactions always precede those of existing MEV bots monitoring the mempool of the destination chain. Moreover, current sandwich-attack defenses are ineffective against this new cross-chain variant. To quantify this threat, we conduct an empirical study using two months (August 10 to October 10, 2025) of cross-chain transaction data from the Symbiosis protocol and a tailored heuristic detection model. Our analysis identifies attacks that collectively garnered over \(5.27\) million USD in profit, equivalent to 1.28\% of the total bridged volume.

Figures (8)

• Figure 1: Overview of the sandwich attack on liquidity pool based cross-chain swaps. ①-⑧ represent normal cross-chain swap steps, while ➍,➎,➑ are the attacker's operations. Matching numbers indicate that the user and the attacker perform those steps concurrently.
• Figure 2: The workflow of the cross-chain messaging protocol.
• Figure 3: Visualization of possible transaction orderings. $T_v$ is the victim transaction. $T_{A1}$ and $T_{A2}$ are cross-chain sandwich attack transactions. $T_{B1}$ and $T_{B2}$ are single-chain sandwich attack transactions. $T_1-T_{n}$ and $T_{n+1}$ are other noisy transactions with unknown swap directions.
• Figure 4: Visualization of profits across different blockchains. The left nodes represent the source chains and the right nodes are the destination chains. The width of a node represents the attacker’s profit in USD realized on the destination chain.
• Figure 5: The distribution of the time interval between the event is emitted on the source chain and the swap is executed on the destination chain in the Symbiosis protocol.

Theorems & Definitions (1)

• Definition 1: Cross-Chain Messaging Protocol