Economic
high severity
Economic Attack Vectors
Economic attacks exploit the financial logic of DeFi protocols — including sandwich attacks, front-running, MEV extraction, liquidity manipulation, and incentive misalignment.
How It Works
Attackers exploit economic incentive structures rather than code bugs. This includes front-running pending transactions, manipulating liquidity pool ratios, exploiting reward distribution logic, or gaming governance mechanisms.
Real-World Examples
- Sandwich Attacks (2023, $500M+ annually): MEV bots front-run and back-run user swaps on DEXes, extracting value from ordinary traders.
- Euler Finance (2023, $197M): An economic exploit in the donation and liquidation mechanics drained the protocol.
Code Examples
Vulnerable Code
    // VULNERABLE: No slippage protection
    function swap(address tokenIn, uint256 amountIn) external {
        uint256 amountOut = getAmountOut(amountIn);
        // No minimum output check - sandwich attackable!
        token.transfer(msg.sender, amountOut);
    }
Secure Code
    // FIXED: Slippage protection with minimum output
    function swap(address tokenIn, uint256 amountIn, uint256 minAmountOut) external {
        uint256 amountOut = getAmountOut(amountIn);
        require(amountOut >= minAmountOut, "Slippage too high");
        token.transfer(msg.sender, amountOut);
    }
Prevention
- Implement slippage protection (minimum output amounts) on all swap functions
- Use commit-reveal schemes for sensitive operations
- Add deadline parameters to prevent stale transaction execution
- Model economic incentives and game theory before deployment
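The Python model below is an added example, not code from the original page. It assumes a constant-product pool with a 0.30% fee and constructed reserves, and shows how the minimum-output and deadline checks listed above turn a reordered or stale swap into a revert instead of a silent loss.

```python
"""Constructed model: constant-product pool, 0.30% fee (assumed, not from the page)."""
from dataclasses import dataclass

FEE_BPS = 30  # assumed pool fee in basis points


class SwapReverted(Exception):
    """Stands in for a failed require() in the contract."""


@dataclass
class Pool:
    reserve_in: int
    reserve_out: int

    def get_amount_out(self, amount_in: int) -> int:
        # x*y=k pricing with the fee taken from the input amount
        net = amount_in * (10_000 - FEE_BPS)
        return net * self.reserve_out // (self.reserve_in * 10_000 + net)

    def swap(self, amount_in, min_amount_out=0, deadline=None, now=0) -> int:
        if deadline is not None and now > deadline:
            raise SwapReverted("Expired")
        amount_out = self.get_amount_out(amount_in)
        if amount_out < min_amount_out:
            raise SwapReverted("Slippage too high")
        self.reserve_in += amount_in
        self.reserve_out -= amount_out
        return amount_out


def min_out_for(pool: Pool, amount_in: int, tolerance_bps: int) -> int:
    """Client-side bound: quoted output minus the tolerated slippage."""
    return pool.get_amount_out(amount_in) * (10_000 - tolerance_bps) // 10_000


def user_swap_after_reorder(min_amount_out: int, deadline=None, now=0):
    """User swaps 1_000 after a 10_000 trade was ordered ahead of it."""
    pool = Pool(100_000, 100_000)      # constructed reserves
    pool.swap(10_000)                  # transaction ordered ahead of the user's
    try:
        return pool.swap(1_000, min_amount_out, deadline, now)
    except SwapReverted as err:
        return f"reverted: {err}"


if __name__ == "__main__":
    bound = min_out_for(Pool(100_000, 100_000), 1_000, tolerance_bps=50)
    print("quoted bound:", bound)
    print("no bound:    ", user_swap_after_reorder(0))
    print("with bound:  ", user_swap_after_reorder(bound))
    print("stale tx:    ", user_swap_after_reorder(0, deadline=100, now=101))
```

The bound has to be computed off-chain from the quote the user saw; deriving it inside the same transaction would just read the already-moved price.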