How to Serve Your Sandwich? MEV Attacks in Private L2 Mempools

TL;DR

This paper analyzes the feasibility and profitability of sandwich attacks on Ethereum rollups with private mempools, finding that such attacks are rare and often unprofitable, contrasting with their prevalence on Ethereum L1.

Contribution

It extends formal models of MEV attacks to private L2 environments and provides empirical analysis showing reduced attack viability in these settings.

Findings

Sandwich attacks are less frequent in private mempool rollups.

Most detected sandwich patterns are false positives.

Median net return for attacks is negative in rollups.

Abstract

We study the feasibility, profitability, and prevalence of sandwich attacks on Ethereum rollups with private mempools. First, we extend a formal model of optimal front- and back-run sizing, relating attack profitability to victim trade volume, liquidity depth, and slippage bounds. We complement it with an execution-feasibility model that quantifies co-inclusion constraints under private mempools. Second, we examine execution constraints in the absence of builder markets: without guaranteed atomic inclusion, attackers must rely on sequencer ordering, redundant submissions, and priority fee placement, which renders sandwiching probabilistic rather than deterministic. Third, using transaction-level data from major rollups, we show that naive heuristics overstate sandwich activity. We find that the majority of flagged patterns are false positives and that the median net return for these attacks is negative. Our results suggest that sandwiching, while endemic and profitable on Ethereum L1, is rare, unprofitable, and largely absent in rollups with private mempools. These findings challenge prevailing assumptions, refine measurement of MEV in L2s, and inform the design of sequencing policies.