Solana sandwich attacks ‘way down’: Anza’s Max Resnick

Data shows frontrunning has declined on the network compared to last year

article-image

wanderlustun and r4films/Shutterstock and Adobe modified by Blockworks

share

This is a segment from the Lightspeed newsletter. To read full editions, subscribe.


When Anza’s lead economist Max Resnick came on Lightspeed recently, I asked him a question that frequently gets brought up in conversations about Solana’s economics: What should be done about the sandwich attack problem?

His answer surprised me. “The sandwiching rate [is] way down,” Resnick said. 

Solana’s speed makes it an ideal venue for timing games at the expense of unsophisticated users. A sandwich attack happens when a toxic market participant both frontruns and backruns a trade to profit at the expense of the trader.

Sandwiching has historically been a big concern for Solana and its developers. In early 2024, Solana infrastructure shop Jito shut down its mempool over sandwiching concerns. A couple months later, the Solana Foundation cut suspected sandwichers from its stake delegation program. Jito’s DAO also voted to blacklist malicious validators from its stake pool. 

None of these fixes turned out to be panaceas, however, and the sandwich attacks continued

But the story Resnick tells is that sandwich attacking was blunted not by blacklisting bad actors — who may be able to re-emerge with a different online identity — but by improving Solana’s code.

Basically, sandwich attacks are numbers games for the attackers.

In 2024, when landing transactions on Solana was much more difficult, transactions were sprayed widely to validators in hopes of getting user transactions to the blockchain. This meant toxic validators saw a lot of transactions and had more chances to frontrun them. As Solana’s transaction “targeting” has improved, fewer validators see each transaction on average, so sandwichers have fewer opportunities to mess with transactions, Resnick said.

Now, “a 10% stake that’s sandwiching is able to see only 10% of the transactions, which is what it should be,” Resnick added.

The data seems to bear this point out as well. A report from sandwich attack tracker Ghost shows Solana sandwichers profited less in March and April of this year than in the same months last year — despite the fact that the chain’s REV was roughly the same during both periods.

Ghost’s report also said Solana stake pool provider Marinade had become the primary staking source for sandwichers. In response, Marinade has begun penalizing sandwich attackers using its stake auction marketplace.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Unlocked by Template (11).png

Research

Union’s technical design brings measured improvements to crosschain interoperability. By combining a consensus-verified hub with novel constructs like state lenses and ZK proofs for client updates, Union achieves an interoperability protocol that is highly performant, trust-minimized, and scalable.

article-image

Singapore’s largest bank is issuing crypto-linked structured notes on Ethereum, but the tokens will remain permissioned

article-image

Jupiter borrows Fluid’s innovative risk engine

article-image

Exchange says all validators now run in distributed clusters, boosting decentralization and fault tolerance

article-image

Retail FOMO is back, with CEX onboarding and search terms up

article-image

The stablecoin payments processor previously raised from the likes of a16z Crypto and Archetype