Build with AI – Add Flow’s knowledge base to Cursor and start building faster than ever. Learn more.
Ecosystem
April 11, 2025

MEV Bots Suck: Here's How to Avoid Them

By
Jared Krystyan
and
MEV Bots Suck: Here's How to Avoid Them

Maximal Extractable Value (MEV) has become a significant concern in the blockchain ecosystem, leading to unfair advantages for unscrupulous developers and substantial losses for regular users. Understanding MEV and its associated attacks is crucial for safeguarding your assets.​

Flow was built from the ground up to be gas efficient, scalable, fast, and safe for users. One of the most important features of Flow is that it is resilient to MEV attacks. This means that any developer building on Flow or anyone participating in DeFi activities on Flow can feel secure navigating the blockchain. 

What is MEV?

MEV refers to the maximum value that block producers, or third parties, can extract from transaction manipulation within a block, beyond standard block rewards and gas fees. This profit is achieved by reordering, including, or excluding transactions to their benefit. Such practices undermine the fairness and integrity of decentralized systems.

When a miner, validator, or sequencer completes their role in blockchain block production, they get to choose the order of transactions - or whether or not a given transaction is included at all. This authority is a necessary part of the mechanics that make blockchain work, but it can also be abused by block producers or manipulated by third parties.

How Do MEV Attacks Work?

A sandwich attack (which is nearly impossible on Flow) is a common MEV strategy where an attacker places two transactions around a victim's transaction. Here's a simplified breakdown:​

  1. Front-Running: The attacker observes a pending transaction containing a large buy order and inserts their own buy order before the victim's transaction, which drives the price up.  Block producers can simply order the transactions this way.  A third party can manipulate the system by offering a higher priority fee than the victim’s transaction or by paying a cut of the profit to a validator.

  2. Victim's Transaction: The victim's transaction executes at a higher price due to the attacker's preceding buy order, driving the price even higher.​

  3. Back-Running: The attacker then places a sell order to capitalize on the price increase caused by the victim's transaction.​ Once again, the block producer can dictate the sequence, or a third party attacker can offer a lower priority fee than the victim’s transaction.

All of this happens within a single block, as orchestrated by the attacker. This manipulative sequence allows the attacker to profit at the expense of the victim, who ends up with unfavorable trade terms.​

Notable MEV Attacks

April 10, 2025: Wayfinder Pauses Airdrop Due to MEV Attack

Users attempting to claim $PROMT from Kaito Yapping are reporting issues that MEV bots are stealing their airdrops.  Technical details are scarce the day of the incident, but it appears that the attackers exploited a contract vulnerability in which the airdrop contract does not verify that the sender of the transaction is the address allocated an airdrop.  MEV bots see the transaction to transfer the airdrop, and create a new transaction at higher priority to instead send that address's allocation to the attacker’s address.

March 12, 2025: Uniswap Stablecoin Swap Exploit

On March 12, 2025, a crypto trader attempted to swap $220,764 worth of USD Coin (USDC) for Tether (USDT) on Uniswap v3. An MEV bot executed a sandwich attack, resulting in the trader receiving only $5,271 USDT, effectively losing over $215,000. 

Source: https://cointelegraph.com/news/crypto-trader-loses-least-215000-stablecoins-from-sandwich-attack 

December 2024: Solana Validator Extracts $60 Million

In December 2024, a Solana validator identified as "Arsc" reportedly extracted over $60 million in profits within a month through sandwich attacks. Solana's high-throughput design and lack of transaction ordering constraints allow validators more flexibility in determining the sequence of transactions, which can open the door to MEV strategies. This design made it easier for the validator to reorder transactions in a way that hurt regular users.. This raised significant concerns about the centralization of MEV and its impact on Solana's decentralization. ​

Source: https://www.cryptonews.net/news/security/30213223/ 

Flow Blockchain: An MEV-Resilient Solution

While MEV attacks are prevalent in many blockchain networks, Flow removes the usual vulnerabilities, so anyone can explore DeFi comfortably. Flow's unique multi-role node architecture separates transaction selection, ordering, and execution, significantly reducing the potential for MEV extraction. ​

Key Features of Flow's MEV Resistance:

  1. Separation of Duties: Flow divides responsibilities among different node types—Collection Nodes select transactions, Consensus Nodes determine ordering, and Execution Nodes execute transactions, and verification nodes validate the results. This separation helps ensure no single entity can manipulate transactions for MEV because no one entity can see the transaction details and transaction sequence at the same time.​

  2. Strict Execution Rules: Execution Nodes must process transactions exactly as ordered by Consensus Nodes. Verification nodes independently validate the correctness of the order and results of the transactions and any deviation results in penalties, preventing manipulation.​

  3. Parallel Processing: Flow's pipelined execution model processes multiple blocks simultaneously, making it exceedingly difficult for attackers to predict and manipulate transaction outcomes.​
    By design, Flow ensures equitable access and minimizes the risks associated with MEV, providing a safer environment for users.​

How to Protect Yourself from MEV Attacks

Choosing MEV-resistant platforms like Flow is a proactive step, so here are a few Defi protocols on Flow that are MEV-resistant: 

  • Kittypunch - Flow’s EVM DEX where users can swap, stake, and yield farm. 
  • Ankr - Allows for Liquid Staking for Flow on EVM 
  • Increment Finance - Stake, lend, borrow, supply liquidity, & earn yields. All in one place.   
  • More Markets Earn elevated APYs with automated vaults on Flow. Access risk-managed lending, leverage onchain credit, and enjoy exclusive incentives.

While using Flow is the best way to avoid MEV attacks, there are also measures that can help safeguard against MEV when using other blockchains:

  • Set Appropriate Slippage Tolerance: Adjust slippage settings cautiously to limit the price difference you're willing to accept during a trade.​

  • Use Private Transactions: Utilize services that conceal your transactions from the public mempool, reducing the risk of front-running.​

  • Split Large Trades: Divide substantial trades into smaller transactions to make them less attractive targets for MEV bots.​

  • Stay Informed: Regularly update yourself on emerging threats and best practices within the DeFi space.​

By understanding MEV and employing strategic precautions, you can navigate the decentralized finance landscape more securely and confidently.

If you’re a developer interested in building a fast, scaleable, MEV resistant app with low gas fees. Head over to the developer portal to get started: https://developers.flow.com/ 

Related Content
Flow celebrates another #1 spot as the most built on L1 at ETHGlobal Taipei
Ecosystem
April 11, 2025
Flow celebrates another #1 spot as the most built on L1 at ETHGlobal Taipei
Following standout appearances at ETHGlobal events from San Francisco to Bangkok, Flow made a powerful mark at ETHGlobal Taipei, showcasing why it’s quickly becoming the Layer 1 of choice for Developers. From an amazing sunset cruise to strong hackathon participation, Flow continued its mission: empowering developers to create real-world consumer applications that scale.
MFL: Building the Future of Football Management on Flow
Ecosystem
April 8, 2025
MFL: Building the Future of Football Management on Flow
Fantasy football has always flirted with the idea of ownership and strategy — but few have delivered an actual living ecosystem where users own, manage, and grow digital clubs quite like Metaverse Football League (MFL).