Case Study 2: The Jaredfromsubway.eth Saga — $34 Million Profit from Sandwich Attacks
The Most Profitable Predator in DeFi
In April 2023, on-chain analysts began tracking an Ethereum address that was executing sandwich attacks at an unprecedented scale. The address, labeled "jaredfromsubway.eth" (a dark joke referencing Jared Fogle, the former Subway spokesperson convicted of sex crimes — the name itself was provocative trolling), was spending millions of dollars per day on gas fees and extracting even more from DEX traders.
Within its first two months of operation, the bot had spent over $90 million in gas fees and generated over $34 million in net profit — making it one of the single most profitable entities in the Ethereum ecosystem during that period. On some days, jaredfromsubway.eth was the single largest gas consumer on Ethereum, accounting for over 7% of all gas used on the entire network.
This case study examines how the bot operated, what it reveals about DEX design, and why the community's reaction was so conflicted.
The Mechanics: How Jaredfromsubway.eth Operated
Detection
The bot continuously monitored Ethereum's public mempool — the set of pending transactions waiting to be included in a block. It filtered for swap transactions on major DEXs (primarily Uniswap V2 and V3, SushiSwap, and other AMMs) and analyzed each pending swap to determine:
- The token pair being traded.
- The swap amount (how large is the trade?).
- The slippage tolerance (how much price movement will the victim accept?).
- The pool liquidity (how much will this trade move the price?).
For each potential target, the bot calculated the expected profit from a sandwich: the revenue from buying before and selling after the victim's trade, minus the gas cost of the front-run and back-run transactions and the priority fee needed to ensure correct transaction ordering.
Execution
When a profitable opportunity was identified, the bot constructed a bundle of three transactions:
1. Front-run: Buy the target token on the same pool, pushing the price up.
2. Victim's trade: The original swap, now executing at a worse price.
3. Back-run: Sell the tokens acquired in step 1 at the price inflated by the victim's trade.
The bundle was submitted to MEV-aware block builders (primarily through Flashbots and similar infrastructure) with a priority fee calibrated to ensure the bundle was included in the correct order. The builder would include the bundle only if it was profitable for the builder as well (builders receive a share of the MEV as a priority fee).
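The three-transaction ordering described above leaves a recognisable footprint in a block, which is how on-chain analysis flags it after the fact. The following is an added example, not code from the original page or from any analytics firm: a heuristic detector over an ordered list of decoded swaps. The `Swap` record, the address and pool labels, and all amounts are constructed for illustration, and the same rule also covers the mirrored sell-side case.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Swap:
    idx: int       # position of the transaction inside the block
    sender: str
    pool: str
    side: str      # "buy" = ETH in, token out; "sell" = token in, ETH out
    eth: float     # ETH paid (buy) or received (sell)
    tokens: float  # tokens received (buy) or paid (sell)

def find_sandwiches(swaps, token_tol=0.01):
    """Flag: sender X trades, other senders trade the same direction in the
    same pool, then X unwinds about the same token amount later in the block."""
    ordered = sorted(swaps, key=lambda s: s.idx)
    hits = []
    for i, front in enumerate(ordered):
        for back in ordered[i + 1:]:
            if ((back.sender, back.pool) != (front.sender, front.pool)
                    or back.side == front.side):
                continue
            if abs(back.tokens - front.tokens) > token_tol * front.tokens:
                continue
            victims = [v.idx for v in ordered[i + 1:] if v.idx < back.idx
                       and v.pool == front.pool and v.side == front.side
                       and v.sender != front.sender]
            if victims:
                sign = 1 if front.side == "buy" else -1
                hits.append({"sender": front.sender, "front": front.idx,
                             "back": back.idx, "victims": victims,
                             "gross_eth": round(sign * (back.eth - front.eth), 6)})
            break  # pair a front leg only with its first matching unwind
    return hits

# Constructed block: one sandwich, one harmless round trip, one unrelated trade.
SAMPLE_BLOCK = [
    Swap(0, "addr_A", "pool_MEME", "buy", 15.0, 1_500_000.0),
    Swap(1, "addr_V", "pool_MEME", "buy", 42.0, 4_137_000.0),
    Swap(2, "addr_A", "pool_MEME", "sell", 15.8, 1_500_000.0),
    Swap(3, "addr_B", "pool_OTHER", "buy", 2.0, 900.0),    # nobody in between
    Swap(4, "addr_B", "pool_OTHER", "sell", 1.99, 900.0),
    Swap(5, "addr_C", "pool_MEME", "sell", 3.0, 300_000.0),
]

if __name__ == "__main__":
    for hit in find_sandwiches(SAMPLE_BLOCK):
        print(hit)
```

The rule is a heuristic: it reports gross ETH before gas and builder payments, and it will miss sandwiches whose legs are split across several addresses or pools.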
Scale and Optimization
What distinguished jaredfromsubway.eth from thousands of other sandwich bots was its operational sophistication:
Custom smart contracts. The bot used highly optimized smart contracts written in assembly-level Solidity (and reportedly Yul or even raw bytecode) to minimize gas consumption per transaction. Lower gas costs meant lower break-even thresholds, allowing the bot to profitably attack smaller trades that other bots would skip.
Massive volume. The bot did not cherry-pick only large, highly profitable attacks. Instead, it operated as a high-frequency, low-margin operation — attacking thousands of transactions per day with average profits of a few hundred dollars each. The sheer volume of attacks generated enormous aggregate profit.
Multi-pool awareness. The bot could construct attacks across multiple pools and multiple DEX protocols, identifying the optimal execution path for both the front-run and back-run legs of the sandwich.
Dynamic gas bidding. The bot adjusted its gas bids in real-time based on competition from other searchers, network congestion, and expected profitability. On highly competitive attacks (where multiple bots were competing to sandwich the same victim), it would bid up to the point where the attack was barely profitable, effectively engaging in a Bertrand competition that drove most profit to the block builder.
The Numbers
Detailed on-chain analysis by firms including EigenPhi, Flashbots, and independent researchers produced the following estimates for the bot's first year of active operation:
| Metric | Estimate |
|---|---|
| Total gas spent | $90+ million |
| Total revenue from sandwiches | $124+ million |
| Net profit | $34+ million |
| Average daily attacks | 2,000-4,000 |
| Average profit per attack | $50-$500 |
| Peak daily gas consumption | 7%+ of Ethereum total |
| Total victim losses | Estimated $100-150 million |
The discrepancy between the bot's net profit ($34M) and estimated victim losses ($100-150M) reflects that a significant portion of the extracted value went to block builders and validators as priority fees, and to the Ethereum network as gas (which was partially burned under EIP-1559).
The Victim Perspective
Who Was Affected?
Sandwich attacks disproportionately affected:
- Retail traders using default slippage settings. Most DEX frontends default to 0.5% or 1% slippage tolerance. A trader swapping $10,000 with 1% slippage tolerance could lose up to $100 to a sandwich — small enough that many users never noticed.
- Large "whale" trades where the absolute dollar value of extractable MEV was highest. A $500,000 swap with 0.5% slippage could yield $2,500 in MEV — well worth the gas cost for the attacker.
- Traders of low-liquidity tokens where even moderate trade sizes caused significant price impact, creating wide sandwiching opportunities.
- Users of frontends without MEV protection. Traders using the default Uniswap frontend without Flashbots Protect, MEV Blocker, or similar private transaction services were fully exposed.
A Concrete Example
On-chain analysts documented individual attacks in granular detail. One representative example from May 2023:
- Victim transaction: A trader attempted to swap 42 ETH (~$75,000) for a memecoin on Uniswap V2.
- Slippage tolerance: 2% (set high because the memecoin was volatile).
- Front-run: jaredfromsubway.eth bought 15 ETH worth of the memecoin, pushing the price up by approximately 1.5%.
- Victim execution: The trader's swap executed at the inflated price, receiving approximately 1.5% fewer tokens than they would have without the attack.
- Back-run: The bot sold its memecoin tokens for approximately 15.8 ETH.
- Bot profit: 0.8 ETH (~$1,440), minus ~$30 in gas = ~$1,410 net.
- Victim cost: Approximately $1,125 in worse execution (the remainder went to the pool and builder).
The victim likely never knew they were attacked. Their transaction succeeded. They received tokens. The 1.5% worse execution was within their slippage tolerance and would be indistinguishable from normal market movement.
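The slippage tolerance is what decides whether a swap like the one above fills at a worse price or reverts. The following is an added example, not code from the original page or from any DEX: a small constant-product pool model with the minimum-output check a trader's transaction carries. The pool reserves, the 0.30% fee and all function names are assumptions chosen so that a 15 ETH buy moves the price by roughly 1.5%.

```python
FEE = 0.003  # assumed 0.30% swap fee, as on Uniswap V2-style pools

class SlippageExceeded(Exception):
    """Raised when the swap would return less than the trader's minimum."""

class Pool:
    """Constant-product (x * y = k) pool holding ETH and one token."""
    def __init__(self, eth, tokens):
        self.eth, self.tokens = float(eth), float(tokens)

    def quote_buy(self, eth_in):
        effective = eth_in * (1 - FEE)
        return self.tokens * effective / (self.eth + effective)

    def buy(self, eth_in, min_out=0.0):
        out = self.quote_buy(eth_in)
        if out < min_out:               # the on-chain slippage check
            raise SlippageExceeded(f"{out:.0f} < {min_out:.0f}")
        self.eth += eth_in
        self.tokens -= out
        return out

def victim_outcome(reserves, eth_in, tolerance, earlier_buy_eth=0.0):
    """Quote against current reserves, then execute after an earlier buy lands."""
    quoted = Pool(*reserves).quote_buy(eth_in)   # what the frontend displayed
    min_out = quoted * (1 - tolerance)           # derived from the tolerance
    pool = Pool(*reserves)
    if earlier_buy_eth:
        pool.buy(earlier_buy_eth)                # another trade ordered first
    try:
        received = pool.buy(eth_in, min_out)
    except SlippageExceeded:
        return {"status": "reverted", "loss_pct": 0.0}
    return {"status": "filled",
            "loss_pct": round(100 * (1 - received / quoted), 3)}

# Constructed reserves: 2,000 ETH against 200M tokens (not taken from the page).
RESERVES = (2_000, 200_000_000)

if __name__ == "__main__":
    for tol in (0.02, 0.01, 0.005):
        print(tol, victim_outcome(RESERVES, 42, tol, earlier_buy_eth=15))
```

With these reserves the 2% setting fills about 1.5% short of the quote, while the 1% and 0.5% settings revert. A reverted swap still costs the trader gas, so a tight tolerance trades sandwich exposure for failed transactions when the token is genuinely volatile.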
Community Reaction: Predator, Parasite, or Rational Actor?
The community's response to jaredfromsubway.eth was deeply divided, revealing fundamental disagreements about what DEXs should be.
The "Predator" View
Critics argued that sandwich attacks are straightforwardly harmful:
- They extract value from ordinary traders who are unaware of the attack.
- They increase the effective cost of trading on DEXs, making them less competitive with CEXs.
- They represent a transfer of wealth from unsophisticated to sophisticated participants — the opposite of DeFi's democratizing mission.
- The gas consumed by MEV bots (7%+ of Ethereum's capacity) is a negative externality — it crowds out other transactions and contributes to network congestion.
Prominent DeFi researcher Hasu wrote that sandwich attacks represent "theft by any reasonable ethical framework" because they involve deliberately degrading another person's transaction execution for profit.
The "Rational Actor" View
Defenders (and the more neutral analysts) offered a different framing:
- Sandwich attacks exploit a design flaw in AMMs, not a vulnerability in victims' behavior. Blaming sandwich bots for sandwiching is like blaming water for flowing downhill — the protocol permits the behavior, so the protocol must be fixed.
- The value extracted by sandwichers creates an incentive to develop MEV mitigation solutions (Flashbots Protect, CoW Protocol, MEV-aware DEX designs) that will ultimately make the ecosystem more robust.
- In the MEV supply chain, most of the extracted value flows to block builders and validators, subsidizing Ethereum's security budget. If sandwich MEV disappeared overnight, validator revenue would drop and, at the margin, network security would decrease.
- The attacker is operating within the rules of the protocol. Every transaction is valid. No smart contract was exploited, no vulnerability was used. The attacker simply submitted transactions that the protocol correctly executed.
The "Design Problem" Synthesis
The most widely shared view was that jaredfromsubway.eth exposed a design problem that the ecosystem needed to solve:
- Transparent mempools are a feature (censorship resistance) that has a cost (MEV extraction). The solution is not to make mempools opaque (that reintroduces centralization) but to design protocols that function correctly even with transparent transaction ordering.
- User-facing defaults matter enormously. If DEX frontends defaulted to private transaction submission (via Flashbots Protect or similar), most sandwich attacks would become impossible.
- AMM design can mitigate sandwiches. Protocols that use batch auctions (CoW Protocol), encrypted mempools (Osmosis), or time-weighted execution (TWAMM) are inherently resistant to sandwiching.
The Aftermath and Ecosystem Response
The jaredfromsubway.eth saga accelerated several developments:
Private transaction relays became mainstream. Flashbots Protect, MEV Blocker, and similar services saw adoption surge. By late 2023, a significant fraction of Ethereum transactions were submitted through private channels rather than the public mempool.
DEX frontends added MEV protection. The Uniswap frontend integrated MEV protection by default. MetaMask added private transaction submission. Wallet providers began competing on MEV protection as a feature.
New DEX designs gained traction. CoW Protocol's batch auction model, which is inherently MEV-resistant, grew significantly in volume and market share. Research into encrypted mempools, threshold encryption, and MEV-aware order types intensified.
Regulatory attention. The SEC and other regulators began examining MEV as a potential form of market manipulation. While no enforcement actions had been taken against sandwich operators as of early 2025, the legal status of MEV extraction remained ambiguous in most jurisdictions.
The bot itself evolved. Jaredfromsubway.eth's operator (still anonymous as of 2025) adapted to the changing landscape, reportedly shifting to more sophisticated MEV strategies (cross-domain MEV, L2 attacks, long-tail token sniping) as sandwich attack profitability on Ethereum L1 declined due to increased use of private transaction relays.
Lessons for DEX Design
- Transparency has costs. The public mempool is essential for censorship resistance but creates an adversarial environment for traders. DEX designers must account for this adversarial environment explicitly, not treat it as an edge case.
- Defaults determine outcomes. Most users will never change their slippage tolerance from the default, never enable private transaction submission manually, and never understand MEV. The responsibility falls on protocol and frontend designers to protect users by default.
- Economic incentives are relentless. If a protocol design permits value extraction, someone will build a bot to extract it. This is not a bug in human behavior — it is a feature of open, permissionless systems. The only durable solution is protocol-level design that makes extraction impossible or unprofitable.
- MEV is a spectrum. Not all MEV is harmful. Arbitrage MEV (which aligns AMM prices with the broader market) is beneficial. Liquidation MEV (which keeps lending protocols solvent) is necessary. Sandwich MEV (which degrades trader execution) is harmful. Protocol design should distinguish between these categories.
- Scale reveals truth. Small-scale sandwich attacks existed long before jaredfromsubway.eth. What made this bot notable was its scale — which made the problem visible, quantifiable, and impossible to ignore. The ecosystem's response (private relays, MEV-aware designs, frontend protections) might not have happened as quickly without a single, dramatic example to galvanize action.
Analysis Questions
- Ethical framing. Is a sandwich attack on a DEX analogous to front-running in traditional finance (which is illegal)? Or is it more analogous to a high-frequency trader exploiting latency advantages (which is legal but controversial)? Justify your position using specific structural comparisons.
- Design responsibility. Should the blame for sandwich attacks fall on (a) the attacker, (b) the AMM protocol designer, (c) the frontend developer who sets default slippage, or (d) the user who used a public mempool? Distribute 100% of "responsibility" across these four parties and defend your allocation.
- The efficiency argument. Some researchers argue that MEV extraction is economically efficient — it transfers value from less-informed to more-informed participants, similar to how informed trading in traditional markets contributes to price discovery. Evaluate this argument for the specific case of sandwich attacks (as opposed to arbitrage).
- Regulatory implications. Should sandwich attacks be illegal? Consider: they occur in a permissionless system with no geographic jurisdiction, the attacker's identity is pseudonymous, and the "victim" voluntarily set a slippage tolerance that permitted the attack. What regulatory framework, if any, could address this?
- The arms race. As private transaction relays become standard and DEX designs become MEV-resistant, what happens to the MEV ecosystem? Will MEV extraction simply move to other domains (cross-chain, L2s, new protocol types), or will it diminish overall? What are the implications for Ethereum's security budget if validator MEV revenue declines?