The 1inch RabbitHole: protection from sandwich attacks

The 1inch RabbitHole feature will protect MetaMask users from sandwich attacks, one of the most common ways of extracting MEV in DeFi.

The 1inch Network is thrilled to introduce the 1inch RabbitHole, a brand new feature that aims to protect MetaMask users swapping on 1inch from sandwich attacks — the most common type of front-running.

Sandwich attacks explained

When making swaps on decentralized exchanges, users can potentially become victims of a so-called “sandwich attack,” a way of getting maximal extractable value (MEV). Although technically not illegal, sandwich attacks are still a type of manipulating crypto prices by taking advantage of decentralized exchanges’ underlying tech. And a sandwich attack could lead to significant losses for a user.

To run sandwich attacks, specifically created bots are used that scan decentralized exchanges’ memory pools (mempools) where transactions are waiting to be processed. If a bot detects a large pending swap trade, it initiates two transactions: one before the trade and the other one after the trade, basically “sandwiching” the victim’s trade. To get the first transaction directly before the victim’s trade, extra gas fees are paid.

Say, a user wants to buy 1,000 X tokens for 20 Y tokens with a 1% slippage tolerance — meaning that the minimum amount of X tokens they agree to receive is 1,000–1% = 990.

A sandwich bot detects the trade and places a buy transaction for Y directly before the victim’s trade and a sell transaction for Y directly after the victim’s trade. Subsequently, three transactions are executed.

• Transaction 1: the bot executes the buy transaction, and the high purchase of asset Y pumps its price.
• Transaction 2: the victim buys Y at a higher price than originally expected, and the large trade pumps Y’s price even higher.
• Transaction 3: the bot sells Y, pocketing the price difference.

As a result, the user loses their 1% entirely.

The very first sandwich attack is believed to be carried out on Bancor on February 27, 2018:

• Position In Block: 28
• Position In Block: 29
• Position In Block: 30

Since then, users have lost substantial funds due to sandwich attacks, which hit roughly 4% of all swap transactions. In 2022 so far, estimated losses have amounted to the equivalent of at least $800 mln.

The 1inch RabbitHole: a shield from sandwich attacks

The 1inch RabitHole is a feature that solves the problem of sandwich attacks by sending swap transactions on 1inch directly to validators and avoiding putting them to the mempool where sandwich bots can attack them.

To achieve that, the RabbitHole aggregates providers, such as Flashbots, BloXroute, Eden and Manifold, that enable sending swap transactions directly to validators.

The RabbitHole will specifically benefit MetaMask users, as, while some crypto wallets (including the 1inch Wallet, Ledger and Trezor) are capable of creating and signing a transaction, but not broadcasting it immediately, MetaMask is not.

The RabbitHole is designed as a proxy, connecting 1inch users’ MetaMask wallets and Ethereum validators. Its unique algorithm will check swap transactions on 1inch for the threat of a sandwich attack, and, if such a threat is detected, the transaction will be sent directly to validators, using one of the aggregated providers.

For a testing period, the RabbitHole will be free to use. Upon receiving feedback from the community, a decision will be made regarding payment options for the RabbitHole. One possible option could be staking a certain amount of 1INCH tokens.

A step-by-step guide on using the 1inch RabbitHole is available in the Help Center.

Stay tuned for more 1inch Network’s news and updates!