Solana (SOL) has, by design, one of the most expensive networks to maintain, often requiring validators to look for Foundation’s subsidies or Maximum Extractable Value (MEV) techniques. This is the case with DeezNode, a Solana validator and RPC cluster provider who profited over $13 million in a single month from sandwich attacks against other SOL users – a report shows.
According to a post by vitorpy, founder of DarkLake, DeezNode’s sandwich bot executed 1.55 million transactions in December 2024. The exploitative spree resulted in 65,800 SOL profit for the attacker, worth over $13 million by vitorpy’s posting time.
Annualized, this would result in approximately 801,540 of SOL stolen from users, worth around $163.4 million.
Picks for you
In particular, this phenomenon results of what was promoted as a solution for the MEV-abuse problem, closing Jito’s public mempool. However, as reported, the issue increased as it pushed extraction to private networks from providers like DeezNode, amplifying the speed.
“After analyzing transaction flows across validators, one thing is clear – Jito’s public mempool shutdown didn’t eliminate MEV, it pushed extraction into private networks.”
– vitorpy
Notably, this is a recurrent issue for Solana. Previously, Finbold reported a similar (and even higher) exploit from Arsc, scooping over $60 million from MEV sandwich attacks.
What are sandwich attacks on Solana?
Essentially, sandwich attacks are a harmful exploit in decentralized exchanges (DEXes), when the attacker front runs users’ transactions for profit.
An MEV Sandwich Attack in Solana involves malicious actors exploiting transaction ordering to profit at the expense of regular users. This manipulation ensures the user always gets the worst price while the attacker reaps the benefits.
These actors, typically validators or those with access to private mempools, place two transactions around a target user’s transaction: one before buying the asset at a low price and another after selling it at a higher price, thus “sandwiching” the user’s trade.
This practice harms users by increasing their transaction costs and reducing the fairness of the trading environment. Only a few validators benefit, as they control the transaction order in Solana’s leader-based block production system.
Interestingly, Solana’s architecture makes it particularly conducive for such attacks due to its high-speed transaction processing and absence of an in-protocol mempool. Instead, some validators and RPC service providers use private mempools which allow them to see and manipulate transactions before they are finalized. This scenario has led to significant MEV revenue for these validators, often at the direct cost of user experience and network integrity.
Moreover, Solana’s architecture makes it difficult for external observers to spot MEV tactics like sandwich attacks, raising concerns about data obscurity and questions on how much of Solana’s Real Economic Value (REV) is actually coming from predatory value extraction.
This is especially relevant as SOL supporters often mention REV as a leading metric that puts Solana ahead of competitors like Ethereum (ETH). Yet, Mert—CEO of Helius Labs, Solana’s largest RPC provider—explained that Sandwich Attacks only amount to a small share of the chain’s REV.
“The last piece of data on this [sandwich attacks] is that it’s a single digit of total rev, this is what im referencing — the vast majority of revenue is via prioritizing [transactions] to land faster,” Mert said in a thread.
As things develop, traders, investors, users, and enthusiasts discuss the MEV sandwiching attacks and potential solutions. Blockchains like MultiversX (EGLD), BNB Chain (BNB), Algorand (ALGO), and Cardano (ADA), are known for actively looking at ways to mitigate these exploits.
Featured image from Shutterstock
