In just two months, a sophisticated bot named “arsc” exploited Solana users, raking in around $30 million through Maximal Extractable Value (MEV) sandwich attacks.
Understanding MEV Sandwich Attacks
MEV sandwich attacks involve an attacker strategically placing their own transactions before and after a victim’s transaction. This tactic manipulates token prices to the attacker’s advantage, allowing them to buy tokens at a lower price and sell them at a higher price within the same block.
Discovery of “arsc”
On June 15, Ben Coverston, founder of cryptocurrency company MRGN Research, highlighted the activities of “arsc.” He discovered that this bot has been silently profiting from unsuspecting users on the Solana network. The bot operates primarily from a wallet labeled “9973h…zyWp6” and appears to use a cold storage strategy to safeguard its funds.
Wallet Insights
This primary wallet now holds over $19 million in total funds, including approximately $17 million in Solana tokens and $1.1 million in Circle’s USD Coin (USDC) stablecoin. It also contains smaller amounts of other tokens like Kabosu (KAB), Cringe Coin (CRINGE), and Wrapped Solana (wSOL).
Coverston also identified a second significant wallet, “Ai4zq…VXKKT,” which is actively engaged in decentralized finance (DeFi) activities. This wallet is steadily converting SOL to USDC using Jupiter’s dollar-cost averaging (DCA) feature, which minimizes slippage by placing orders at specific price levels. This wallet holds over $9.9 million, primarily in non-SOL tokens, including significant positions in Kamino and other liquidity-staking tokens.
Additionally, a third wallet, “BCbrp…vi58q,” serves as arsc’s “main SOL bank,” holding substantial SOL funds. Together, these three wallets have a combined value of $29.8 million at current market prices, indicating the operator’s efforts to maintain a low profile.
MEV Bot Activities Across Networks
MEV sandwich bots use advanced algorithms to identify and exploit profitable opportunities. These activities are not unique to Solana; similar exploitations have been observed on Ethereum. For instance, an MEV arbitrage bot operated by “2Fast” made a staggering $1.8 million from a single transaction bundle earlier this year.
Under 2Fast’s control, the bot turned an initial investment of 703 SOL, worth around $70,000, into 19,035 SOL, valued at approximately $1.9 million. Additionally, 890 SOL was awarded to Figment, a well-known network validator.
Regulatory Scrutiny
As MEV bot activities gain attention, regulatory bodies are beginning to investigate. The European Securities and Markets Authority (ESMA) is currently examining MEV as a potential form of illegal market abuse under its proposed technical standards for the Markets in Crypto-Assets (MiCA) regulation.
Conclusion
The actions of MEV bots like “arsc” highlight the complexities and vulnerabilities within the cryptocurrency market. As these sophisticated bots continue to exploit unsuspecting users, increased regulatory scrutiny and protective measures will be essential to safeguard the integrity of the market.