Table of Contents
Fetching ...

How to Serve Your Sandwich? MEV Attacks in Private L2 Mempools

Krzysztof Gogol, Manvir Schneider, Jan Gorzny, Claudio Tessone

TL;DR

It is suggested that sandwiching, while endemic and profitable on Ethereum L1, is rare, unprofitable, and largely absent in rollups with private mempools, and the design of sequencing policies is challenged.

Abstract

We study the feasibility, profitability, and prevalence of sandwich attacks on Ethereum rollups with private mempools. First, we extend a formal model of optimal front- and back-run sizing, relating attack profitability to victim trade volume, liquidity depth, and slippage bounds. We complement it with an execution-feasibility model that quantifies co-inclusion constraints under private mempools. Second, we examine execution constraints in the absence of builder markets: without guaranteed atomic inclusion, attackers must rely on sequencer ordering, redundant submissions, and priority fee placement, which renders sandwiching probabilistic rather than deterministic. Third, using transaction-level data from major rollups, we show that naive heuristics overstate sandwich activity. We find that the majority of flagged patterns are false positives and that the median net return for these attacks is negative. Our results suggest that sandwiching, while endemic and profitable on Ethereum L1, is rare, unprofitable, and largely absent in rollups with private mempools. These findings challenge prevailing assumptions, refine measurement of MEV in L2s, and inform the design of sequencing policies.

How to Serve Your Sandwich? MEV Attacks in Private L2 Mempools

TL;DR

It is suggested that sandwiching, while endemic and profitable on Ethereum L1, is rare, unprofitable, and largely absent in rollups with private mempools, and the design of sequencing policies is challenged.

Abstract

We study the feasibility, profitability, and prevalence of sandwich attacks on Ethereum rollups with private mempools. First, we extend a formal model of optimal front- and back-run sizing, relating attack profitability to victim trade volume, liquidity depth, and slippage bounds. We complement it with an execution-feasibility model that quantifies co-inclusion constraints under private mempools. Second, we examine execution constraints in the absence of builder markets: without guaranteed atomic inclusion, attackers must rely on sequencer ordering, redundant submissions, and priority fee placement, which renders sandwiching probabilistic rather than deterministic. Third, using transaction-level data from major rollups, we show that naive heuristics overstate sandwich activity. We find that the majority of flagged patterns are false positives and that the median net return for these attacks is negative. Our results suggest that sandwiching, while endemic and profitable on Ethereum L1, is rare, unprofitable, and largely absent in rollups with private mempools. These findings challenge prevailing assumptions, refine measurement of MEV in L2s, and inform the design of sequencing policies.
Paper Structure (27 sections, 2 theorems, 27 equations, 3 figures, 4 tables)

This paper contains 27 sections, 2 theorems, 27 equations, 3 figures, 4 tables.

Key Result

proposition thmcounterproposition

Consider a constant-product AMM with proportional fee $\phi$ and depth $L$. Let $V_f$ and $V_v$ denote the attacker and victim inputs. In the small-trade regime, the attacker's incremental profit (conditioning on the presence of the victim) admits the quadratic approximation where the term $2\phi V_f$ represents the swap fees paid on the frontrun and backrun legs. The unique interior maximizer is

Figures (3)

  • Figure 1: Density heatmaps of swap sizes (USD) for front, victim, and back legs. The top row plots back-run versus front-run swaps; a genuine sandwich would concentrate mass along the diagonal $b=f$, yet observed densities scatter widely away from it. The bottom row plots victim versus front-run swaps; here too, the absence of clustering along the diagonal $v=f$ indicates that attacker trades do not scale with victim size.
  • Figure 2: Violin distribution of estimated net PnL in USD. The distributions are tightly centered around zero, with heavy tails, confirming that median profits are negligible and most candidate sandwiches are not profitable.
  • Figure 3: Histograms of sandwich efficiency per bot across L2s (Jan--Sep'25). Efficiency is defined as the share of sandwiches among a bot’s total transactions. Across all rollups, the vast majority of bots exhibit extremely low efficiency, indicating that most sandwich-like patterns are not genuine MEV attacks.

Theorems & Definitions (2)

  • proposition thmcounterproposition: Small-trade approximation on CPMMs
  • proposition thmcounterproposition: Optimal frontrunning across CLMM ticks