Key Takeaways
- MEV Exploit: A stablecoin sandwich is a type of Maximal Extractable Value (MEV) attack in which a bot front-runs and back-runs a user's stablecoin swap on a decentralized exchange, extracting profit from the price slippage it creates. The sandwich model allows bots to exploit any crypto swap, but stablecoin pairs are a preferred target.
- Real Losses: In March 2025, a single trader lost over $215,000 swapping USDC to USDT on Uniswap v3 after an MEV bot drained nearly all the liquidity from the pool in under eight seconds—turning supposedly safe digital assets into an expensive lesson.
- Architectural Problem: Sandwich attacks exploit the transparent mempool and automated market maker (AMM) design of most blockchain networks—a structural vulnerability that harms the end user and does not exist on settlement layers like the Lightning Network.
What Is a Stablecoin Sandwich?
A stablecoin sandwich is a sandwich attack that specifically targets a swap between two stablecoins—digital currency assets pegged to fiat currency like the US dollar (USD) or the euro (EUR) that should, in theory, trade at near-identical value. The attacker monitors the public mempool for a pending stablecoin swap, places a buy order directly before the victim's transaction (the front-run), and a sell order directly after (the back-run). By manipulating the liquidity pool in the brief window between these three transactions, the attacker forces the victim to execute at a worse price and pockets the difference. The term "sandwich" refers to how the victim's trade is squeezed between the attacker's two orders—a pattern distinct from the broader cryptocurrency volatility that most traders prepare for.
What makes stablecoin sandwiches particularly damaging is that users expect dollar-pegged assets to swap near 1:1. A trader swapping $220,000 of USDC for USDT does not anticipate losing 98% of the value to a bot. Yet this is exactly what happened in a widely reported March 2025 incident on Ethereum. The MEV bot drained the USDC-USDT liquidity pool on Uniswap v3, executed the victim's swap at a catastrophic rate, then restored the liquidity—all within a single block. Data from EigenPhi shows that 38% of all sandwich attacks on Ethereum in 2025 targeted stablecoin pools, making stablecoin transactions one of the most exploited categories in decentralized finance. As the stablecoin market surpasses $250 billion in total capitalization and transaction volume exceeds that of Visa and Mastercard combined, the attack surface for MEV bots—and the stakes for financial institutions using these rails—continue to grow.
How a Stablecoin Sandwich Works
A sandwich attack exploits two structural features of public blockchain networks: the transparent mempool, where pending transactions are visible before confirmation, and the pricing mechanics of automated market makers (AMMs), which adjust token prices based on pool ratios. Unlike traditional payment systems that route transactions through trusted intermediaries, AMM-based DEXs on Ethereum and Solana expose every pending swap to the open network—giving MEV bots a window to manipulate prices around a victim's trade.
- Detection: The bot scans the mempool and identifies a large pending stablecoin swap—say, $100,000 of USDC to USDT on a decentralized exchange like Uniswap.
- Front-Run: The bot submits its own transaction with a higher gas fee to ensure it confirms first. This trade drains stablecoin liquidity from the pool, pushing the exchange rate away from the 1:1 peg.
- Victim Execution: The victim's swap now executes at a worse price because the pool's balance has been deliberately skewed. Instead of receiving close to $100,000 in USDT, the victim gets significantly less.
- Back-Run: The bot immediately sells back into the pool at the newly inflated price, restoring liquidity and capturing the spread as profit.
- Settlement: All three transactions are bundled into the same block. The entire attack takes seconds and is invisible to the victim until after the fact. No KYC check, no anti-money laundering (AML) screen, and no compliance layer intervenes—the bot operates as an anonymous participant on a permissionless network.
Why Stablecoin Swaps Are Vulnerable
Stablecoins should be the safest crypto-assets to swap on a decentralized exchange—after all, a dollar should trade for a dollar. But the architecture of AMM-based DEXs creates exploitable mechanics even in pools with tightly pegged assets. This matters especially as stablecoin use cases expand beyond DeFi trading into cross-border payments, remittances, and everyday on-ramp and off-ramp flows between fiat currency and digital currency.
- Shallow Liquidity: Many stablecoin pools hold relatively modest liquidity. A $200,000 swap in a $20 million pool creates enough price impact for a bot to extract meaningful profit from the slippage.
- Public Mempools: On Ethereum and most smart contract platforms, every pending transaction is broadcast to a public mempool before confirmation. This transparency—designed to promote openness—gives MEV bots a preview of every trade before it settles.
- Slippage Tolerance: Users set a maximum acceptable price deviation for their swap. If this tolerance is too high, bots can push the price to the edge of that range and capture the full allowed slippage.
- AMM Pricing: Automated market makers calculate price algorithmically based on pool ratios. Unlike an order book, there is no hidden liquidity or limit orders to absorb price manipulation—every trade moves the price predictably.
- Growing Real-World Adoption: As businesses in emerging markets increasingly use stablecoin swaps to bypass slow wire transfers and expensive traditional banking rails, more high-value transactions flow through AMM pools—precisely the kind of large swaps that MEV bots target. Users accustomed to legacy banking systems rarely anticipate that their on-chain swap can be exploited before it settles.
The Scale of the Problem
Sandwich attacks are not a theoretical risk. They are the single most common form of MEV on Ethereum and represent a growing concern on Solana and other high-throughput chains. For regulators drafting sanctions enforcement and anti-money laundering regulatory frameworks, sandwich attacks also raise uncomfortable questions about market integrity—MEV bots operate in a gray area that existing financial services regulation was not designed to address.
- Ethereum: EigenPhi data covering November 2024 to October 2025 recorded over 95,000 sandwich attacks on Ethereum, resulting in approximately $60 million in annual losses for traders. Monthly extraction peaked near $10 million in late 2024 before declining to roughly $2.5 million by October 2025 as competition among bots compressed margins.
- Solana: On Solana, sandwich bots extracted between $370 million and $500 million over a 16-month period ending in May 2025, according to data presented at the Accelerate 2025 conference. Jito's public mempool—a key enabler of sandwich attacks—was shut down in March 2024, but private mempools have since filled the gap.
- Concentration: On Ethereum, a single entity known as "Jaredfromsubway.eth" controlled approximately 70% of all sandwich attacks in 2025, while average profit per attack dropped to just $3—illustrating how the practice has become industrialized, high-volume, and dominated by a few sophisticated operators. This level of concentration mirrors the kind of market manipulation that fintech companies and traditional exchanges actively police.
- Stablecoin Targeting: An estimated 38% of sandwich attacks on Ethereum targeted stablecoin pools specifically, as the predictable price range of dollar-pegged assets makes the front-run/back-run calculation more reliable for bots.
How to Protect Against Stablecoin Sandwiches
While no single solution eliminates sandwich risk entirely on AMM-based DEXs, a combination of user-level precautions and protocol-level functionality can significantly reduce exposure.
- Low Slippage Tolerance: Setting a tight maximum slippage—say, 0.1% for a stablecoin-to-stablecoin swap—limits the profit a bot can extract. If the price moves beyond the tolerance, the transaction simply reverts.
- Private Transaction Routing: Tools like Flashbots Protect and MEV Blocker allow users to submit transactions through private relays that bypass the public mempool, hiding pending trades from MEV bots. By early 2025, private routing had grown to handle over 50% of all Ethereum transactions.
- Smaller Trade Sizes: Breaking a large swap into multiple smaller transactions reduces the per-trade price impact, making each individual swap less attractive to bots.
- MEV-Resistant DEXs: Protocols like CoW Swap and Balancer use batch auction or request-for-quote (RFQ) mechanisms that execute trades at a uniform clearing price, eliminating the transaction-ordering advantage that bots exploit. Each payment service implements its own approach to interoperability across liquidity sources.
- Deeper Liquidity Pools: Swapping in pools with high total value locked (TVL) reduces the price impact of any single trade, narrowing the window for sandwich extraction.
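To make the Low Slippage Tolerance item concrete, this added example (not code from the original page) models the minimum-output check that causes a swap to revert when the pool moves between quote and execution. It assumes a simplified constant-product pool with a 0.05% fee and constructed reserves; real stablecoin pools use other pricing curves, but the minimum-output guard works the same way.

```python
FEE = 0.0005  # assumed 0.05% pool fee (constructed value)

def amount_out(amount_in, reserve_in, reserve_out, fee=FEE):
    """Constant-product quote: output received for amount_in at these reserves."""
    net_in = amount_in * (1 - fee)
    return reserve_out * net_in / (reserve_in + net_in)

def min_out(quoted_out, tolerance):
    """Smallest output the user accepts for a given slippage tolerance."""
    return quoted_out * (1 - tolerance)

def execute(amount_in, reserve_in, reserve_out, minimum):
    """Return the output, or None when the swap reverts on the min-out check."""
    out = amount_out(amount_in, reserve_in, reserve_out)
    return out if out >= minimum else None

def scenario(tolerance, amount_in=100_000.0, prior_trade=50_000.0):
    """Quote against a constructed pool, then execute after another trade lands first."""
    r_in, r_out = 10_000_000.0, 10_000_000.0   # constructed 10M/10M reserves
    quote = amount_out(amount_in, r_in, r_out)
    minimum = min_out(quote, tolerance)
    # Pool state moves between quote and execution (a same-direction trade goes first).
    taken = amount_out(prior_trade, r_in, r_out)
    r_in, r_out = r_in + prior_trade, r_out - taken
    return quote, execute(amount_in, r_in, r_out, minimum)

if __name__ == "__main__":
    for tol in (0.001, 0.05):
        quote, result = scenario(tol)
        status = "reverted" if result is None else f"filled at {result:,.2f}"
        print(f"tolerance {tol:.1%}: quoted {quote:,.2f}, {status}")
```

With the 0.1% tolerance the swap reverts and the user keeps their funds; with 5% it fills at the degraded price, and the tolerance is the upper bound on what the price movement can cost.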
Stablecoin Sandwiches vs. Lightning Network Settlement
The stablecoin sandwich is fundamentally an architecture problem—it exists because public mempools broadcast user intent and AMMs allow predictable price manipulation. The Lightning Network sidesteps both of these attack vectors entirely.
On Lightning, payments are routed through private, encrypted channels between counterparties. There is no public mempool to scan, no pending transaction to front-run, and no pool-based pricing mechanism to manipulate. A stablecoin transfer settled over Lightning—such as a payment routed through Lightspark Grid—moves directly from sender to recipient through a pre-established channel path. The value is locked and delivered atomically: either the entire payment completes or it does not. There is no intermediate state for a bot to exploit.
This architectural difference matters for businesses moving value at scale. A company disbursing $200,000 in stablecoin payouts across cross-border payments does not need to worry about losing funds to MEV when the settlement layer does not expose its transactions to adversarial ordering. Recipients can convert to local currency and deposit to a bank account without ever touching an AMM pool. Lightspark's Spark protocol enables stablecoins to be issued and transferred natively on Bitcoin's infrastructure, combining dollar-pegged stability with Lightning's MEV-immune settlement—delivering the benefits of stablecoin payments without the risks of AMM-based execution.
