Sandwiched and Silent: Behavioral Adaptation and Private Channel Exploitation in Ethereum MEV
Davide Mancino, Davide Rezzoli

TL;DR
This paper empirically investigates user behavioral changes after sandwich attacks in Ethereum, revealing significant migration to private routing, concentration of attacks, and ongoing vulnerabilities despite private channels.
Contribution
It provides the first detailed empirical analysis of user adaptation and private channel exploitation in Ethereum MEV, with new insights into attack patterns and user responses.
Findings
40% of victims migrate to private routing within 60 days
Private sandwich attacks caused over $700,000 in losses and profits
Private routing does not fully prevent MEV exploitation
Abstract
How users adapt after being sandwiched remains unclear; this paper provides an empirical quantification. Using transaction-level data from November 2024 to February 2025, enriched with mempool visibility and ZeroMEV labels, we track user outcomes after their n-th public sandwich: (i) reactivation, i.e., the resumption of on-chain activity within a 60-day window, and (ii) first-time adoption of private routing. We refer to users who do not reactivate within this window as churned, and to users experiencing multiple attacks (n>1) as undergoing repeated exposure. Our analysis reveals measurable behavioral adaptation: around 40% of victims migrate to private routing within 60 days, rising to 54% with repeated exposures. Churn peaks at 7.5% after the first sandwich but declines to 1-2%, consistent with survivor bias. In Nov-Dec 2024 we confirm 2,932 private sandwich attacks affecting 3,126…
Taxonomy
Topics: Internet Traffic Analysis and Secure E-voting · Security and Verification in Computing · Spam and Phishing Detection
