Every time you swap tokens on a DEX, your pending transaction sits in the public mempool — visible to everyone — for several seconds before it's included in a block. During that window, sophisticated bots race to exploit your trade. This practice, broadly known as MEV (Maximal Extractable Value), extracted over $1.4 billion from Ethereum users in 2025 alone. Understanding it is the first step to protecting yourself.

What is the mempool?

When you sign a transaction, it's broadcast to the network's mempool (memory pool) — a waiting room for unconfirmed transactions. Every full node on the network can see these pending transactions. Validators (miners in the old PoW world) pick transactions to include in the next block. Normally, they prioritize by gas fee (the tip you pay). But there's a further opportunity: by strategically reordering transactions, the block producer can extract additional profit.

Sandwich attacks: the most common MEV attack

Imagine you submit a Uniswap transaction to buy $10,000 of ETH. The bot sees this in the mempool. It immediately submits two transactions: (1) a buy order just before yours, paying a higher gas fee to cut in line, which pushes the ETH price up slightly; and (2) a sell order just after yours. Your trade executes at the artificially elevated price. The bot sells into your buy and pockets the spread — often $10–$200 per attack on large trades. With slippage tolerance set to 1%, the bot can extract up to 1% of your entire trade size.

This is called a "sandwich attack" because your transaction is sandwiched between the bot's buy and sell. It's entirely automated — bots monitor thousands of pending transactions per second, executing these attacks on any trade large enough to be profitable after gas costs.

MEV bots are sophisticated programs that simulate pending transactions, calculate profit opportunities, and submit competing transactions — all within the same block's ~12-second window.

Arbitrage MEV: the "good" kind

Not all MEV is harmful to users. DEX arbitrage — where bots notice that ETH is $2,100 on Uniswap but $2,105 on SushiSwap, and trade to equalize the price — is a net positive for the market. These arbitrageurs keep prices in sync across liquidity pools, reducing the spread you face when trading. This type of MEV is estimated to account for roughly 40% of total MEV by value.

Liquidation MEV

On lending protocols like Aave, positions fall below their collateral threshold during sharp price drops and become eligible for liquidation. MEV bots compete to be the first to liquidate these positions, collecting the liquidation bonus (typically 5–10% of the position). During the May 2022 crash, over $600M in positions were liquidated in 24 hours — the majority captured by MEV bots rather than regular users who would have earned the same bonus manually.

Flashbots and MEV-Boost: how the ecosystem responded

Flashbots is a research organization that built infrastructure to "democratize" MEV — making it more transparent and less chaotic. MEV-Boost separates block building from block proposal: specialized "block builders" compete to construct the most profitable block (including MEV opportunities), then sell those blocks to validators. Today, 94% of Ethereum validators use MEV-Boost, meaning nearly all blocks are built with MEV extraction in mind.

Types of MEV and how to protect against each

| MEV type | Impact on users | Size | Protection |
|---|---|---|---|
| Sandwich attack | Direct financial loss on swaps | ~$2M/day | Flashbots Protect, CoW Protocol |
| DEX arbitrage | Neutral/positive (tighter spreads) | Large | No protection needed |
| Liquidation | Neutral (unavoidable by design) | Medium | Maintain healthy collateral ratio |
| Long-tail MEV | Unpredictable transaction ordering | Small | Private mempool RPCs |

How to protect yourself from sandwich attacks

1. Use Flashbots Protect RPC: Add https://rpc.flashbots.net as a custom RPC endpoint in MetaMask. Transactions sent here go directly to block builders privately — never exposed to the public mempool. This eliminates sandwich attack risk for ~98% of users.
2. Use CoW Protocol (formerly Gnosis Protocol): CoW Protocol uses a batch auction mechanism where all orders in a batch trade at the same clearing price, making front-running structurally impossible.
3. Set low slippage tolerance: Reducing slippage from 1% to 0.1% makes sandwich attacks unprofitable on most trades — at the cost of more failed transactions during volatile periods.
4. Trade on-chain DEXs with private orderbooks: Platforms like Hashflow or 1inch's Fusion mode use a request-for-quote system that bypasses the public mempool entirely.
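
To make the slippage point in step 3 concrete, here is an added example (not code from the original article) that models your side of a swap on a Uniswap-v2-style constant-product pool. The 0.3% fee, the pool reserves and the function names are assumptions chosen for illustration; the $10,000 trade and the 1% and 0.1% tolerances come from the text above.

```python
FEE = 0.997  # assumption: 0.3% fee on input, Uniswap-v2-style pool

def swap_out(amount_in, reserve_in, reserve_out):
    """Output of a constant-product (x * y = k) swap."""
    effective_in = amount_in * FEE
    return reserve_out * effective_in / (reserve_in + effective_in)

def min_out(quoted_out, slippage):
    """Minimum-output floor the swap carries; below it the swap reverts."""
    return quoted_out * (1 - slippage)

def execute_after(trade_usd, reserve_usd, reserve_eth, slippage, prior_buy_usd):
    """Quote against current reserves, then execute after an earlier-ordered
    buy of prior_buy_usd has moved the pool. Returns (status, eth, loss)."""
    quoted = swap_out(trade_usd, reserve_usd, reserve_eth)
    floor = min_out(quoted, slippage)
    # Pool state after the transaction that was ordered ahead of ours.
    taken = swap_out(prior_buy_usd, reserve_usd, reserve_eth)
    actual = swap_out(trade_usd, reserve_usd + prior_buy_usd, reserve_eth - taken)
    if actual < floor:
        return ("reverted", 0.0, 0.0)  # no fill; only gas is lost
    return ("filled", actual, (quoted - actual) / quoted)

# Constructed pool: 21,000,000 USD-stable vs 10,000 ETH (spot price $2,100).
POOL_USD, POOL_ETH = 21_000_000, 10_000

if __name__ == "__main__":
    for tol in (0.01, 0.001):
        for prior in (0, 50_000, 200_000):
            status, eth, loss = execute_after(10_000, POOL_USD, POOL_ETH, tol, prior)
            print(f"tolerance={tol:.1%} prior_buy=${prior:>7,} "
                  f"{status:8} eth={eth:.5f} loss={loss:.3%}")
```

On this constructed pool, a $50,000 buy ordered ahead of you costs the 1%-tolerance trade about 0.47% of its quoted output, while the 0.1%-tolerance trade reverts rather than filling at the worse price. A filled trade never loses more than its tolerance, which is why the tolerance is the ceiling on what can be taken from you.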