Coins: 13,017
Exchanges: 963
Market Cap: $2.498T 2.0%
24h Vol: $128.934B
Gas: 50 GWEI
Go Ad-free

The Beginner's Guide to MEV

4.8 | by Khor Win Win

While the crypto space is fairly welcoming to newcomers, sometimes it can get a little challenging when more technical terms like MEV are constantly being thrown around. Often cited as a primary feature of blockchains, as opposed to a bug that needs to be fixed, MEV, or Maximal Extractable Value, refers to the maximum value that can be extracted from block production beyond the standard block rewards and transaction fees by including, excluding, and changing the order of transactions in a block. In other words, MEV is a means of obtaining additional value by analyzing and immediately taking advantage of other users’ transactions before they are finalized.

As pending transactions are queued in the network’s mempool, or assets become mispriced across various liquidity pools in DeFi, network participants known as ‘searchers’ lie in wait to capitalize on these movements through MEV transactions. True to their name, these searchers will run a variety of complex algorithms on the transaction data to detect profitable MEV opportunities and have automated MEV bots do the heavy lifting by rapidly submitting those profitable transactions to the network.

It is important to note that unlike wash trading, which is meant to generate false volumes in the DeFi and NFT space, MEV transactions are its antithesis, extracting additional real transaction volumes beyond conventional trading activity on decentralized networks in small yet meaningful ways. In this article, we will be jumping into the rabbit hole of the MEV industry, the various types of MEV transactions out there, how impactful these transactions can be, and how we can protect ourselves from malicious MEV attacks.


Types of MEVs

Before we get into the level of influence that MEV transactions have on any particular blockchain or network, it is important to recognize the various types of MEV techniques currently available. Some of the more common types of MEVs include arbitrage, sandwich attacks, liquidations, and just-in-time liquidity provision (JIT).

Broadly speaking, we can categorize these types of MEVs into two groups:

  • MEVs that require block space, such as arbitrages & liquidations.

  • MEVs that require timing, such as sandwich attacks and JIT. 

Most of the time, arbitrage and liquidations consist of a list of several actions, all performed simultaneously within a single transaction. These MEV techniques usually involve swapping assets between two or more liquidity pools. With DEX aggregators thrown into the mix, it becomes even more challenging to squeeze all the relevant token transfers into one transaction that fits on the network's block space.

On the other hand, JIT and sandwich attacks are performed over a series of separate transactions. However, they need to be executed within a set period of time to successfully complete the trade and capture a profit, adding a layer of difficulty in terms of timing the MEV opportunity. Although JIT and sandwich attacks similarly make use of multiple liquidity pools and protocols, the usage of numerous transactions is more integral to these types of MEVs.

Now that we've outlined the different kinds of MEV transactions, it's time to examine arbitrages, sandwich attacks, and liquidations in further detail. 



Much like how arbitrage is typically performed in the traditional markets, MEV transactions of this nature take advantage of the different asset prices across various liquidity markets to purchase tokens at a lower price and sell them at a higher price on different exchanges to generate a profit. Thanks to the explosive growth of various DEXs, aggregators, and cross-chain bridges, there are now more liquidity pools than ever before, giving rise to even more opportunities for MEV bots to take advantage of any price discrepancies that might occur.

As a result, arbitrage MEVs form an essential part of DeFi, ensuring that asset prices remain consistent across various exchanges and ecosystems, further improving the efficiency of the overall markets. To explain how an arbitrage transaction might look like, let’s dive into how arbitrage searchers take advantage of different token prices across a variety of exchanges.

As a basic example, let’s assume that a searcher, Alice, will undertake two transactions involving two tokens between two liquidity pools by utilizing the difference in pricing of the tokens. Let’s say she finds the exchange rate of USDC for WETH in a liquidity pool - called LP1 - on Uniswap V3 is 1,350:1, which means 1,350 USDC for 1 WETH. Meanwhile, the exchange rate of the same pair in another liquidity pool - called LP2 - on UniSwap v3 is 1,400:1, which means 1 WETH is equivalent to 1,400 USDC. 

Alice sees an arbitrage opportunity here: the price of WETH for USDC in LP2 is lower than in LP1. Here is what Alice can do:

  1. Alice sells 10 WETH in LP2 and receives 14,000 USDC. 

  2. Alice sells 14,000 USDC in LP1 and receives 10.37 WETH.

arbitrage MEV eigenphi Source: EigenPhi

Once the transactions have been completed, Alice will end up with 10.37 WETH, generating a gross profit of 0.37 ETH. However, Alice will also have to account for the transaction costs paid for performing the two transactions. Assuming that the total gas cost is 0.008 WETH, Alice will obtain a net profit of 0.362 ETH.

Next, let’s have a look at what a real-world transaction might look like.

arbitrage mev transaction etherscanSource: Etherscan

From the transaction above, we can tell that the searcher swapped USDC and WETH between 2 different liquidity pools on Uniswap V3 liquidity pools and acquired 1,104 USDC in gross profit. The cost of performing this single arbitrage transaction is 0.063 WETH (~$92). Ultimately, the searcher profited $1,012. You can visit this arbitrage’s page on EigenPhi to get a clearer Profit & Loss analysis and explore its token flow as below. 

eigenphi arbitrage transaction flow

It is important to note that arbitrage transactions are usually more complex than the examples above. Searchers tend to swap more than 2 tokens among 3 different avenues, which requires them to be informed of various price movements across a vast selection of liquidity pools.

In the world of Web3, arbitrage opportunities are not limited to just tokens but also from digital assets such as NFTs.  A searcher flipped an Otherdeed NFT for a profit of $1.6K. In another transaction, the searcher traded the ENS “collectbtc.eth” and made a profit of $11K, more than 10 times their initial cost of $1K.


Sandwich Attack

A sandwich attack, also known as front-running, involves ‘sandwiching’ the victim's transactions between two transactions initiated by the searchers/attackers, whose reordering of the transactions instantly inflicts an implicit loss on the affected user and possibly benefits the attackers. These types of attacks are nothing new, as the same methodologies are frequently applied in the world of high-frequency trading (HFT) in the traditional financial markets.

The beginning of a sandwich attack occurs in a network’s mempool, the waiting area for the transactions that have yet to be confirmed and added into a block by the block's miner or builder. In the event that a user sets a high slippage tolerance for the transaction, the searcher could take advantage of the opportunity by

  • Setting higher gas fees and incentives for the block builder/miner to accept the searcher’s transaction first before the victim’s.

  • Then, the searcher would send another transaction with equal or lower gas fees to ensure the second transaction is accepted later by the builder/miner than the victim’s, thus sandwiching the user’s transaction.

But, how exactly does the attacker generate profits from this process? Here is an example:

  1. In a Uniswap liquidity pool, Bob is a retail investor who wants to trade 10 WETH for USDC. His transaction has been sent to the mempool, making him the victim of a sandwich trade. The transaction is marked as ①  in the figure below. Bob is eager to swap his WETH because he wants to use the USDC for other immediate purposes. Therefore, he is willing to set the maximum slippage as 6%, which means that he is willing to execute the trade even if the price of WETH moves within 6%.

  2. Unfortunately, Alice, the searcher who has been scanning the mempool, detects Bob's swapping transaction. 

  3. Alice makes a transaction of selling 65 WETH and sends it to the mempool. In the end, she receives 87,750 USDC at the exchange rate of 1 WETH for 1,350 USDC. The block's builder/miner accepts this swap transaction first because Alice had paid higher gas fees or provided higher incentives. The trade causes the exchange rate to change to 1 WETH for 1,280 USDC. This transaction and the second transaction Alice sent after Bob's are marked as ② in the figure below. 

  4. Bob's transaction goes through the mempool and is added to the block, causing him to sell 10 WETH for 12,800 USDC, but he should have been able to get 13,500 USDC. The DEX allows the trade to be executed because he has set the slippage at 6% beforehand. 

  5. Alice's second transaction to purchase WETH using 87,750 USDC passes through the mempool and is added to the block, allowing her to receive 67.5 WETH. The trading venue’s market-making mechanism calculated this price, which is higher than the original price of USDC against WETH.

  6. All three transactions are marked as ③ in the figure below, which shows the order the miner/builder accepts them.

sandwich attack mev eigenphi Source: EigenPhi

Once all the transactions are finalized, we can see that Alice generated an additional 2.5 WETH. Assuming that the gas fees and miner/builder incentives to reorder her transactions amount to 1.2 WETH, she would have made a net profit of 1.3 WETH. Meanwhile, Bob suffered a 700 USDC loss, as he could have gotten up to 700 USDC more if he had set the slippage at close to zero. As such, we can see why sandwich MEV transactions can be devastating to unsuspecting users, especially for large transactions.

Although it can be difficult to determine whether a transaction is part of a sandwich attack on Etherscan, tools like EigenPhi, Nansen, and Zeromev can help you identify them. EigenPhi’s Sandwich module provides an intuitive way to explore a sandwich’s Profit & Loss and its token flow chart. 

eigenphi sandwich attack transaction token flow

The key to executing a successful sandwich attack is to get the miner/builder to accept the reordered transactions. In the past, searchers used to guess how much gas fees they needed to pay to the miners/builders to guarantee that their transactions were still accepted while maintaining profitability. As such, searchers were forced to try and outdo one another, resulting in high gas prices, network congestion, and artificially scarce block space. 

These days, tools such as Flashbots Auctions have been designed to create a permissionless, transparent, and fair ecosystem for efficient MEV extraction, where searchers can submit their transaction bundles via a private auction mechanism. Yet, there are some concerns that the auction mechanism has increased centralization around builders and validators. 



For many crypto firms that have gone bust, such as Celsius, 3AC, and FTX, liquidations are an inevitable part of the bankruptcy proceedings, meant to protect creditors and allow them to retrieve any remaining funds that may otherwise be lost. However, the entire process could take months or even years, and most reclaimed assets will eventually end up with lawyers, leaving just a small share to the original debtees.

On the contrary, liquidations in DeFi can happen almost instantaneously. As the crypto markets continued to slide downwards in June 2022, 3AC was liquidated at $400 million without being interrupted by any attorneys. 

The lightning speed of DeFi’s liquidations comes from the smart contracts of lending protocols such as Aave and Compound, which are executed automatically once the conditions for liquidation are met. Moreover, MEV searchers, who act as the liquidators, are incentivized to trigger these liquidations, allowing them to obtain the borrower’s collateral at a discounted price, along with additional rewards, which are taken from the borrower as a penalty.

Searchers often compete in analyzing blockchain data quickly to identify borrowers that are eligible to be liquidated to rapidly submit a liquidation transaction and earn the additional incentives before the others. During periods of increased market volatility, it is not uncommon to see these fees being driven up even higher, further incentivizing liquidators to perform their tasks quickly. While it may seem unfortunate for the borrowers, liquidations are necessary to maintain the overall health of the lending platform, minimizing the possibility of incurring bad debt. 

Below is a simplified example of a liquidation process in DeFi:

  1. Bob deposits 10 ETH to a lending protocol and borrows 6 ETH worth of USDC.

  2. The protocol uses a figure known as Health Factor to represent Bob’s loan-to-collateral ratio. If it is > 1,  it indicates that Bob’s loan is healthy, meaning there is little possibility of becoming bad debt. 

  3. The market’s volatility has caused Bob’s Health Factor to drop below 1, which makes his loan open for liquidation. 

  4. As an avid liquidator, Alice has been monitoring the liquidation opportunities on the protocol. She sees the chance and decides to repay Bob's debt and collect the extra 5% reward in ETH. 

  5. The protocol’s rule for liquidators is that one liquidator can only repay up to 50% of one borrower’s borrowed amount. So Alice repays the USDC debt, worth 3 ETH. 

  6. In return, Alice collects 3 + 0.15 ETH as revenue for repaying 50% of the USDC debt. 

  7. If the markets continue to be volatile, the amount of USDC used to repay the debt is now higher compared to the price of ETH when the liquidation was processed, Alice may incur an unrealized loss. To lock in her profits, she immediately sells 3 ETH back into USDC.

  8. In the end, Alice’s profit from this liquidation is 3.15 ETH - the current worth of the USDC in ETH - gas fee - liquidation fees for the protocol. 

Again, this is a much-simplified version of liquidation. An actual liquidation can be very complicated. There are about 200 lending protocols for the moment, each of which has its own set of parameters and risk-managing approach, resulting in increased complexity and higher risk for the liquidators. 

This can be seen from the token flow of a real-life liquidation, performed by a specially-made liquidation smart contract, as shown below.

aave liquidation mev eigenphi

It goes step by step like this: 

  1. Step 0: Aave’s smart contract writes off the CRV debt of the borrower. 

  2. Step 1: The smart contract transfers the collateralized amount of 5288 USDC to the liquidator.

  3. Step 2: The receipt of the collateralized USDC is then burnt, indicating that the collateral has been released.

  4. Step 3: The liquidator repays the CRV debt of the borrower to Aave. 

Note that since all the actions are carried out in a single transaction, the transaction can be executed without any errors since all of the relevant actions occur simultaneously. That’s why the liquidator receives the USDC in Step 1 first, even though it seems as if the liquidator had not repaid the loan until Step 3. 

Ultimately, the liquidator receives an additional $128.50 worth of USDC. After deducting gas costs and tips to block builders or miners totaling $18.70, the transaction generated a net profit of $109.80.

While lending protocols have continued to proliferate across DeFi, providing opportunities for more liquidators to become involved, the competition is incredibly ruthless. As time goes by, liquidation MEVs have become more and more centralized, with the top 3 liquidators accounting for 87% of total liquidation volumes among the top 10 liquidators. 


Just-in-time Liquidity Provision (JIT)

A relatively new type of MEV that has become increasingly popular is just-in-time liquidity provision, abbreviated as JIT. Similar to how sandwich attackers operate,  JIT searchers will monitor a network’s mempool for any incoming trades across various liquidity pools. When they detect a large pending transaction, the MEV bots will add liquidity to the targeted pool ‘just-in-time’ before the swap is confirmed. This way, the searcher can obtain a significant share of the trading fees and then quickly remove their liquidity immediately after that. With Uniswap V3's new concentrated liquidity feature, JIT bots play the role of highly active liquidity providers that extract additional swap fees away from other passive liquidity providers.

Similar to sandwich attacks, JIT requires several transactions to obtain a profit. However, unlike sandwich MEVs, JIT transactions actually benefit DEX users by providing larger amounts of liquidity, thereby lowering the slippage and providing better prices for traders.

Let’s look at a simple example

The image below shows the first three transactions of block 13601096. 

transaction 1 jit liquidity mevSource: Etherscan

In the first transaction, the searcher added dual-sided WETH and USDC liquidity to the Uniswap V3:USDC pool.

transaction 2 jit liquidity mev Source: Etherscan

In the next transaction, a large-volume trader swaps 1.9M USDC for 409 WETH in the pool.

transaction 3 jit liquidity mev Source: Etherscan

In the final transaction, the searcher then removes their liquidity from the Uniswap V3:USDC pool.

transaction 4 jit liquidity mev Source: Etherscan

By adding liquidity before the large transaction and removing it right after, the searcher managed to earn 5309 USDC in trading fees.

In terms of  MEV revenues on Uniswap V3, JIT searchers are making far less compared to arbitrageurs and sandwich attackers, which makes sense, given that this MEV technique is still in its infancy. 


Insights and Impacts from MEV

Now that we’ve covered some of the common types of MEVs in crypto, you might be wondering just how big the MEV industry really is. Since the beginning of DeFi summer back in 2020, all the way to the NFT season of 2021, the MEV space has grown by leaps and bounds, with billions of dollars worth of MEV transactions happening daily. On Ethereum alone, the numbers below truly highlight the significance of MEV on the network. 

According to DeFiLlama, total trading volume across DEXs on Ethereum amounted to $664.83B in 2022, with EigenPhi recording $350.9B in arbitrage and sandwich transactions in the past year. MEV transactions made up 53% of total volumes across Ethereum-based DEXs. Unfortunately, sandwich attacks made up the majority of MEV volume, transacting over $309.9B in 2022 (88%).

In 2022, 173,283 crypto users lost $129.9M to 457 searchers via 599,023 sandwiches. On average, each user lost approximately $750 to sandwich attacks. Yet, not all of this lost revenue is redirected back to the searchers. In fact, a large part of their income goes to miners (before The Merge) or block builders and validators (after the merge) as incentives for accepting the sandwich transactions. 

As to where these MEV searchers tend to operate, we can see that MEV activity thrived on the most popular DEXs on Ethereum, such as Uniswap and Curve. According to the most popular dashboard on Dune about Uniswap V3 MEV activity, the average daily percentage MEV volume, including arbitrages and sandwiches, reached 43.40% as of Jan 10, 2023. 

Dune Analytics daily mev volume uniswap v3Source: Dune Analytics

On Uniswap V3 alone, over $236B worth of sandwich transactions were completed, with the top 3 most targetted pools being the Diamond Heart DAO pool, the WETH:USDC pool, and the USDC:USDT pool. Unsurprisingly, the leading decentralized exchange on Ethereum has also proven to be the most popular destination for arbitrageurs, with over $19B transacted.

EigenPhi has also done detailed research on the impact of MEV on Curve, commissioned by the protocol itself. The report shows that, from Jun 1 to Oct 31, 2022, 

“The MEV volume crossed 20% of the total volume on most days. And there are some single days when the MEV volume is roaring to dominate the total volume”

Although Curve has seen much lower sandwich volumes compared to Uniswap, it has become the second most targeted protocol by MEV arbitrageurs. Curve’s multi-asset liquidity pools, such as the 3pool and Tricrypto pool, saw the most action, recording $2B and $1.7B in arbitrage volumes, respectively.


How to Prevent Bad MEVs?

After walking through these different MEVs and taking a glimpse into the numbers, it’s clear that bad MEVs, primarily sandwich attacks, have significantly impacted users in the crypto space. As such, it should be no surprise that crypto natives would want some level of protection against these attacks, lest they become other unwilling victims. According to the paper, SoK: MEV Countermeasures: Theory and Practice, there are four major categories of MEV countermeasures: 

  1. MEV auctions
    Platforms like Flashbots and Eden Network are designed to make MEVs more efficient, decentralized, and transparent. These platforms intend to minimize negative externalities by providing a first-price sealed-bid auction mechanism between searchers and miners to improve the ease and efficiency of MEV extraction. They also provide private channels and RPC endpoints, such as Flashbots Protect or the Eden Network RPC, to help users protect themselves from being discovered by sandwich chefs monitoring the public mempool.
  2. Time-based ordering
    It requires the majority of blockchain nodes to respect the chronological order of transactions, minimizing the risk of re-ordered transactions. Networks such as Hedera use time-based ordering, while widgets, such as Wendy, can be plugged into other blockchains to enable this feature for certain transactions.
  3. Content-agnostic ordering
    In content-agnostic ordering, the order of transactions is determined independently of transaction content. Projects such as Shutter Network helps to mask your transaction data while ensuring that they will still be verified by the network. This way, searchers won’t be able to see the tokens and trading amount except for specific metadata. 
  4. MEV-aware application design
    For applications that are highly involved in MEV, such as DEXs, it’s possible to implement some design to mitigate the effects of MEV. Protocols such as CoW Swap are already offering these services by introducing a trade-matching system and using batched auctions to counter transaction re-ordering.

Each category is not a one-size-fits-all solution, and they come with their own pros and cons. While we highly recommend exploring all the possible alternatives that are already available, it is always important to take the necessary precautions before interacting with these. platforms. Doing your own research and only testing with funds you are willing to lose will go a long way in protecting yourself in the permissionless world of crypto.



While MEV transactions may seem somewhat unethical, not all of them are equal, and some benefits come as a result of MEV searchers operating on the open market. MEV technology is constantly under scrutiny, and for some, the power of MEVs on a network that is decentralized and permissionless by nature may be a cause for concern. 

Some types of MEVs, like arbitrages, help increase market efficiency by ensuring asset prices are balanced between the multitude of markets in DeFi. At the same time, JITs serve to minimize slippage and promote better pricing for large-volume traders by increasing liquidity. On the other hand, sandwich MEVs can be detrimental to unsuspecting users, making them pay higher prices for a particular asset or receive back less than what they wanted. 

Regardless of the techniques used, the exponential growth of the crypto space will ensure that the MEV industry will continue to remain relevant in the near future. Subsequently, the crypto community should aim to curb destructive behavior from malicious MEVs by enhancing transparency and increasing awareness and knowledge about the importance of MEVs in DeFi, NFTs, and various other ecosystems.


This article was written in collaboration with EigenPhi, the leading on-chain data analysis research platform. You can follow them on Twitter here and check out more of their research here. You can also contact the team through

Tell us how much you like this article!
Vote count: 4
Khor Win Win
Khor Win Win

Win Win is an avid gamer, interested in navigating the vast world of NFTs and the cryptoverse. Follow the author on Twitter @0x5uff3r

More Articles

Continue in app
Track prices in real-time
Open App
Select Currency
Suggested Currencies
US Dollar
Indonesian Rupiah
New Taiwan Dollar
South Korean Won
Japanese Yen
Russian Ruble
Chinese Yuan
Fiat Currencies
United Arab Emirates Dirham
Argentine Peso
Australian Dollar
Bangladeshi Taka
Bahraini Dinar
Bermudian Dollar
Brazil Real
Canadian Dollar
Swiss Franc
Chilean Peso
Czech Koruna
Danish Krone
British Pound Sterling
Georgian Lari
Hong Kong Dollar
Hungarian Forint
Israeli New Shekel
Indian Rupee
Kuwaiti Dinar
Sri Lankan Rupee
Burmese Kyat
Mexican Peso
Malaysian Ringgit
Nigerian Naira
Norwegian Krone
New Zealand Dollar
Philippine Peso
Pakistani Rupee
Polish Zloty
Saudi Riyal
Swedish Krona
Singapore Dollar
Thai Baht
Turkish Lira
Ukrainian hryvnia
Venezuelan bolívar fuerte
Vietnamese đồng
South African Rand
IMF Special Drawing Rights
Bitcoin Cash
Binance Coin
Bitcoin Units
Silver - Troy Ounce
Gold - Troy Ounce
Select Language
Popular Languages
język polski
Tiếng việt
All Languages
suomen kieli
Magyar nyelv
Bahasa Indonesia
lietuvių kalba
Limba română
slovenský jazyk
slovenski jezik
украї́нська мо́ва
Login to track your favorite coin easily 🚀
By continuing, you agree to CoinGecko Terms of Service and acknowledge you’ve read our Privacy Policy
Forgot your password?
Didn't receive confirmation instructions?
Resend confirmation instructions
IT'S FREE! Track your favorite coin easily with CoinGecko 🚀
By continuing, you agree to CoinGecko Terms of Service and acknowledge you’ve read our Privacy Policy
Password must contain at least 8 characters including 1 uppercase letter, 1 lowercase letter, 1 number, and 1 special character
Didn't receive confirmation instructions?
Resend confirmation instructions
Forgot your password?
You will receive an email with instructions on how to reset your password in a few minutes.
Resend confirmation instructions
You will receive an email with instructions for how to confirm your email address in a few minutes.
Get the CoinGecko app.
Scan this QR code to download the app now App QR Code Or check it out in the app stores