Blockchain Examiner Identifies Massive Sandwiching Problem in Dodo’s USDT/DAI Pool

by
Blockchain
Blockchain Examiner Identifies Massive Sandwiching Problem in Dodo’s USDT/DAI Pool

According to Twitter user Mike B (@DefiGod5), there is a massive sandwiching problem in the USDT/DAI pool in Dodo DEX. In the thread, his very first tweet poses the question of how a stableswap pool with less than 10m in liquidity gets 50-100m in daily volume. It appears some traders are leveraging MEV to exploit traders in the pool. 

Sandwich Attack in Dodo USDT/DAI Pool

Mike B explained how one trader capitalizes on trades with MEV to force profits from traders. According to Mike B, wallet 0xf480 sandwiches every single sizable trade on the USDT/DAI pool.

The Twitter user highlighted an actual case where trader 0x5b5a exchanged USDT for DAI. 1 DAI is normally equal to 1 USDT. Due to the sandwiching, the trader got 0.97 DAI for 1 USDT. The trader paid 282700 USDT and received 277017 DAI. 

Immediately before and after trader 0x5b5a’s trade, there is a $3 million trade in each direction from wallet 0xf480. As such, Dodo, an exchange with less than 10 million in liquidity, sometimes records volumes hitting over $100 million. 

This was just one of the many cases involving wallet 0xf480 where absolute sandwiching occurred. In each of the cases, 0xf480 capitalizes on transactions with extractable MEV. This will result in a $2.4 to $4 million volume in each direction, meaning every trade with extractable MEV results in over $5 million. 

Dodo Sandwich Problem: Slippage and 0 Trading fees

The DEX world is not new to Sandwich attacks. A sandwich attacker gets information from the blockchain when a trader starts their trade. The attacker buys the asset beforehand, materially manipulating prices. The average trader will buy the asset at hiked prices and make losses. The attacker then sells their asset for a profit, but at the trader’s expense—sandwich attacks force profits from any trade with MEV.

The Dodo Sandwich problem is mainly because of the low fees and high slippages. Mike B said that the platform charges 0 fees. Hence, an investor can freely “push the market anywhere and back for 0$. This makes trades going through this pool vulnerable to really efficient sandwiching.”

Slippages are the price difference between when you submit a transaction and when the confirmation on blockchain occurs. Normal DEXes set slippages at 0.1%, meaning any price changes above will autonomously cancel your transaction. 

However, Mike B noted that Dodo sets massive rates as slippage, hitting 30%. If the price difference does not surpass 30%, the trader will complete the trade even though expensive. These slippages and free transactions make it possible for sandwich attacker 0xf480 to take advantage of other traders.

Mike B ended the thread advising Dodo:

“My advice to Dodo is to add a fee to the pool. It reduces the manipulation surface greatly. Secondly, change the default slippage. Even non-stableswap trades should never default to 3%!”

This year alone, investors have lost hundreds of thousands, if not millions, due to such activities. On May 21st, Twitter user @bertcmiller highlighted another case of Sandwich attacks on Curve Finance traders. Bertcmiller said:

“A highly profitable bot is sandwiching @CurveFinance stablecoin trades with $100m+ swaps through a fascinating strategy to get leverage.”

Dodo Could Be Culpable for the Attacks

Some people in the thread’s comment section noted that Dodo exchange is probably the party conducting the sandwiching attack. Another one wondered why people are still using DEX platforms in 2022. Generally, it’s indeed possible that Dodo controls wallet 0xf480; hence, it’s not stopping the attacker or even setting high trading fees to discourage such activities.