Maximal Extractable Value (MEV)
DeFi's silent thief
TLDR:
MEV is a silent tax on DeFi users, bots watch the mempool for pending transactions and extract value by controlling the order trades are processed in.
Over $1.38bn has been extracted in DeFi from Ethereum alone, with examples of individual sandwich attacks wiping out 97% of a single trade.
Solutions exist like Flashbots Protect and MEV Blocker, DEX aggregators like 1inch, and intent-based protocols like CoW Protocol to reduce your exposure.
Most people have no idea this is happening, understanding MEV gives you a better grasp of how DeFi works and some of the risks beyond hacks.
There’s been a lot of discussion recently on hacks in DeFi and last week I wrote about “DeFi United” and the great effort that Aave and Stani put into reducing the damage from the recent KelpDAO hack. Hacks and hackers like this are a very visible enemy in DeFi.
However, there’s another form of malicious behaviour that’s very common in DeFi yet a lot less visible that’s called Maximal Extractable Value (or MEV for short). MEV has been quietly extracting value from crypto users since the early days of DeFi yet most people have no idea it's happening, so I decided to write about it today.
If this post resonates with you and you enjoy the content then please share it with a friend and get rewarded for doing so!
This blog goes out weekly to over 20,000 subscribers. Please message me if you’re interested in sponsorships or partnerships.
MEV
Most people are aware of hackers who steal money in crypto by hacking projects since it’s often publicised and visible, but far fewer people are aware of the silent thief that is MEV, which has been quietly extracting value from crypto users since the early days of DeFi.
“MEV” stands for Maximal Extractable Value, and refers to the profit that can be extracted in DeFi by controlling which transactions go into a block and in what order.
The concept was first defined in 2019 in a paper called “Flash Boys 2.0” as “Miner Exctractable Value” because Ethereum node operators were primarily described as miners back then, but after Ethereum’s Merge in 2022, they became known as validators, so the name changed to the more general “Maximal Extractable Value”.
To understand why MEV is possible you need to remember that when you submit a transaction on any public blockchain, it doesn’t go straight into a block. First it sits in a public waiting room of sorts called the “mempool” before validators pick it up.
The mempool has to be public because that’s how the network propagates transactions across all its nodes. But it also means your trade is visible to anyone who’s watching the mempool before it’s confirmed. And there’s always lots of bots watching.
Validators have the ability to reorder, include, or exclude any transaction they want while constructing blocks. In practice, they often sell that ability to the highest bidder. Bots pay extra in gas fees to get placed exactly where they need to be relative to your transaction, and that’s where the “extractable value” comes from.
How MEV works
There are three main ways MEV gets extracted and they vary quite a bit in how harmful they are.
“Frontrunning” is the simplest.
A bot spots your large pending buy order in the mempool, copies it, and submits its own version with a higher gas fee to jump ahead of you in the queue. By the time your trade executes, the bot has already bought and pushed the price up. You get a worse price, and the bot sells into your trade and pockets the difference.
“Sandwich attacks” are more targeted.
Every DEX trade has a “slippage tolerance”, a setting that tells the protocol how much price movement you’re willing to accept. Bots read this and use it against you.
The bot buys just before your trade to push the price up, lets your trade go through at the worst price your slippage tolerance allows, then immediately sells. It’s a precise extraction: in, out, profit, all within a single block.
Then there’s MEV “arbitrage.”
A bot notices that ETH is trading at slightly different prices on Uniswap and Curve, buys on the cheaper side and sells on the more expensive side simultaneously.
This one is less predatory and actually helps keep prices consistent across the ecosystem, but it still counts as MEV, and these bots compete fiercely against each other in what are sometimes called “gas wars,” bidding up fees to get their arbitrage transaction in first.
There are also other forms of MEV such as liquidations (for undercollateralised positions), backrunning (adding transactions after yours), JIT liquidity (liquidity in and out in 1 block), sniping (on new tokens), and more. What they all have in common is that onchain value gets extracted by fast bots peeking into the mempool.
The scale of it
MEV bots extracted over $700 million from Ethereum users in 2024 alone. The cumulative total since researchers started tracking has exceeded $1.38 billion, and that’s just on Ethereum! The same dynamics play out in DeFi on all public chains from standalone L1s like Solana to L2s like Base.
In the most extreme cases this can be very damaging, for example on March 12th 2025, a trader tried to swap $733,000 USDC for ETH on Uniswap. A sandwich bot intercepted the transaction and left them with just $19,000, causing a 97% loss on what should have been a routine trade!
The most notorious bot in this space is “jaredfromsubway.eth,” who has earned more than $22 million through sandwich attacks alone and has been one of the most active addresses on Ethereum for years.
Jared’s not a person sitting at a keyboard, it’s an automated system running around the clock, scanning pending transactions for an opportunity.
For most people the damage isn’t so dramatic. A slightly worse execution price here, a bit more slippage there. But it’s happening on every single swap so across millions of transactions it represents a significant tax on the ordinary DeFi users.
What's being done
The Ethereum ecosystem has put serious effort into reducing this problem. Flashbots in particular have spent a lot of time building solutions in this space, such as MEV-Boost, Flashbots Protect and MEV Blocker.
Before Flashbots bots flooded the mempool with competing transactions and drove gas fees up for everyone in chaotic bidding wars. MEV-Boost brought order to this by creating a marketplace where specialised block builders compete to produce the most profitable blocks and share revenue with validators.
With MEV-boost the MEV still happens but it’s more structured and far less damaging to the onchain experience.
“Private mempools” are the most direct protection for individual users. Services like Flashbots Protect and MEV Blocker let you route transactions to validators privately, bypassing the public mempool entirely. A bot can’t frontrun or sandwich a transaction it never sees,
However you do still need to trust a third-party like Flashbots with these solutions. The deeper fix that Ethereum is working toward is “Proposer-Builder Separation” (PBS), which bakes this separation between block building and block proposing into the protocol itself rather than relying on external software.
This is a longer-term architectural change that would make the system more resistant to centralisation among a handful of powerful builders.
Other approaches are being attempted altogether too, such as with “CoW Protocol” where instead of submitting a transaction to be executed, you submit an “intent” where you say what you want to achieve and a solver network figures out the best way to do it.
This “intent-based” model is increasingly influential in how people are thinking about DEX design more broadly. Because there’s no visible pending transaction sitting in the mempool there’s nothing for a bot to sandwich.
What this means for you
The most important thing to know is that protection exists and it’s not complicated to set up.
For large trades you can add a private RPC endpoint to MetaMask using something like Flashbots Protect or MEV Blocker, which are both free and take about two minutes to configure. Once it’s on, your transactions go directly to validators without touching the public mempool.
Using a DEX aggregator like 1inch or Paraswap also helps. They split trades across multiple liquidity pools, which reduces the slippage a sandwich bot can exploit. A trade that’s spread across five pools is much harder to sandwich than one going into a single pool.
Your slippage tolerance setting matters too. Many wallets default to 0.5% or higher, which gives bots a comfortable margin to work with. Tightening it reduces what they can extract, though it also means your trade might fail if prices move during execution so there’s a balance.
Low-liquidity pools are where the worst attacks happen. A $10,000 trade in a thin pool moves the price a lot, which is exactly what bots are scanning for. The bigger the price impact of your trade, the more attractive you are as a target.
MEV is ultimately a structural feature of how public blockchains work. Your transactions are visible while they wait to be confirmed, and that visibility has a cost. Most people trading on DEXs have no idea any of this is happening, they take a worse price than expected and assume that's just how it works.
Knowing about MEV doesn't make you immune to it, but it changes how you engage with DeFi: which pools you trust, which aggregators you reach for, what a suspiciously bad execution price actually means. The tools to protect yourself are out there when you need them and now you know why they are important!
Whenever you’re ready, these are the main ways I can help you:
Want high crypto returns? Earn up to 14% APY with your own Yieldseeker agent!
Love Web3 & AI? Follow @afoxinweb3 on X for insights!
Entrepreneur using AI? Join our AI community to accelerate your results!