MEV and Swap Protection

What is MEV?

Maximal Extractable Value (MEV) is profit captured by reordering, inserting, or censoring transactions within a block. On EVM-compatible chains, block builders and searchers compete to extract MEV from pending transactions in the public mempool.

For swap users the most common extraction vector is the sandwich attack.

Sandwich attacks

A sandwich attack brackets a victim's pending swap:

  1. Front-run — the attacker buys the same output token ahead of the victim, pushing the price up.
  2. Victim's swap executes at a worse price than expected.
  3. Back-run — the attacker sells immediately after, profiting from the inflated price.

The victim receives fewer tokens; the attacker pockets the difference.

The math

Consider a pool with reserves $x$ (CTN) and $y$ (USDC). The attacker front-runs the victim's $\Delta x_v$ with $\Delta x_a$:

Step 1 — front-run:

$$\text{attacker\_output} = \frac{y\Delta x_a}{x+\Delta x_a}$$

$$\text{new reserves:}\quad x' = x+\Delta x_a,\quad y' = y-\text{attacker\_output}$$

Step 2 — victim swaps at degraded price:

$$\text{victim\_output} = \frac{y'\Delta x_v}{x'+\Delta x_v}$$

Step 3 — back-run at the now-elevated price.

The attacker's maximum profit is bounded by the victim's slippage tolerance $s$:

$$\text{max\_extractable} \approx s\,\Delta x_v \left(\frac{y}{x}\right)$$

Example: A 10 CTN swap in a 100 CTN / 200,000 USDC pool with 2% slippage tolerance:

$$\text{max\_extractable} \approx 0.02 \cdot 10 \cdot 2{,}000 = 400$$

In practice, profit is lower due to gas costs and competition among searchers.

Who is affected?

Any swap submitted to a public mempool is a potential target. Larger trades and higher slippage tolerances widen the attacker's profit margin.

How slippage tolerance protects you

The slippage tolerance (e.g., 1%) sets the minimum acceptable output. If a sandwich pushes the execution price beyond this threshold, the transaction reverts — the trader loses only gas.

| Tolerance | Protection | Tradeoff |
|---|---|---|
| 0.1 % | Very high — almost no extraction room | Swaps may fail in volatile markets |
| 0.5 % | High — good default for most swaps | Small risk window |
| 1–3 % | Moderate — necessary for volatile tokens | Larger extraction window |
| 5 %+ | Low — significant exposure | Reserve for tokens with built-in transfer fees |

Rule of thumb: use the lowest tolerance that allows the swap to succeed.
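
The model from "The math" applied to the page's example pool, as an added example that is not code from the protocol: it computes the output floor a tolerance implies and replays steps 1 and 2 to show whether the victim's swap executes or reverts. Function names and the two front-run sizes are assumptions made for illustration, and pool fees are ignored, as in the formulas above.

```python
# Added example: fee-less constant-product pool, matching the page's formulas.

def swap_out(x, y, dx):
    """Tokens of Y received for dx of X against reserves (x, y)."""
    return y * dx / (x + dx)

def amount_out_minimum(x, y, dx_v, s):
    """Floor the victim signs: quoted output reduced by slippage tolerance s."""
    return swap_out(x, y, dx_v) * (1 - s)

def worst_case_shortfall(x, y, dx_v, s):
    """Largest loss versus the quote that can still execute at tolerance s."""
    return swap_out(x, y, dx_v) * s

def victim_outcome(x, y, dx_v, dx_a, s):
    """Replay step 1 (front-run of dx_a) and step 2 (victim swap of dx_v).

    Returns (executed, victim_output, shortfall_vs_quote). A swap whose output
    falls below the floor reverts: nothing is traded and only gas is lost.
    """
    quote = swap_out(x, y, dx_v)
    floor = amount_out_minimum(x, y, dx_v, s)
    attacker_output = swap_out(x, y, dx_a)      # step 1
    x1, y1 = x + dx_a, y - attacker_output      # new reserves x', y'
    out = swap_out(x1, y1, dx_v)                # step 2
    if out < floor:
        return False, 0.0, 0.0
    return True, out, quote - out

if __name__ == "__main__":
    # Page's example: 100 CTN / 200,000 USDC pool, 10 CTN swap.
    X, Y, DX_V = 100.0, 200_000.0, 10.0
    for s in (0.001, 0.005, 0.02, 0.05):
        print(f"tolerance {s:.1%}: floor {amount_out_minimum(X, Y, DX_V, s):,.2f}, "
              f"max shortfall {worst_case_shortfall(X, Y, DX_V, s):,.2f} USDC")
    for dx_a in (1.0, 2.0):  # constructed front-run sizes (assumption)
        ok, out, lost = victim_outcome(X, Y, DX_V, dx_a, 0.02)
        state = f"executes, receives {out:,.2f}, short {lost:,.2f}" if ok else "reverts"
        print(f"front-run of {dx_a} CTN at 2% tolerance: {state}")
```

Tightening the tolerance from 2% to 0.5% turns the 1 CTN front-run from an executed swap with a shortfall into a revert.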

Additional protection strategies

Private RPC / MEV protection services

Submitting transactions through a private relay bypasses the public mempool entirely, hiding pending swaps from searchers:

  • Flashbots Protect — routes transactions directly to block builders
  • MEV Blocker — broader builder coverage
  • Many wallets (e.g., MetaMask) now offer built-in MEV protection

Swap on L2 networks

L2 chains (Base, Arbitrum, Optimism) have sub-two-second block times, shrinking the sandwich window. Some sequencers also enforce ordering rules that make front-running harder.

Split large swaps

Breaking a large trade into several smaller transactions reduces per-swap price impact and makes each piece a less attractive sandwich target.

Limit orders or TWAP execution

For size, consider time-weighted average price (TWAP) execution or limit orders, which spread execution over time and cap per-trade impact.

Protocol-level safeguards

The smart contracts include three built-in defences:

  • amountOutMinimum — every swap specifies a minimum output; the transaction reverts if the actual output is lower.
  • deadline — swaps expire after a set timestamp, preventing stale transactions from executing at outdated prices.
  • Price-impact warnings — the interface alerts the user when a swap would have unusually high price impact.

These mechanisms do not prevent MEV, but they cap the trader's worst-case loss at the chosen slippage tolerance.

Further reading

  • Swaps — price impact, slippage, and safety checks
  • Fees — how fee tiers affect execution