The Graph Academy
Vulnerabilities

Last updated 4 years ago

Sandwich Attack

As described by Jim / Cryptovestor: By monitoring changes in Indexer cuts using Stakemachine's dashboard, a delegator, with the assistance of Indexer_payne, picked up on a potential Sandwich Attack, first described and named by Indexer Nuviba. A genuine Sandwich Attack is a malicious attempt by an Indexer to pretend they will share the majority of rewards with their Delegators, but then take all the rewards for themselves and hide the fact that they did so.

This variant of a Sandwich Attack was explained by nuviba.eth | 0x62a0—fc8c4a

So what does this look like in the real world?

  1. The Indexer has a low reward cut, e.g. 20% (the Indexer takes ~20% of rewards, Delegators get ~80% of rewards), which attracts new delegations

  2. At some point the Indexer changes the reward cut to 100%

  3. Minutes later the Indexer settles on-chain and takes all pending rewards for themselves; Delegators get nothing

  4. The Indexer quickly sets the reward cut back to 20% to look appealing to new Delegators

  5. Delegators are either totally unaware they are being deceived, or are left wondering where their projected yield has gone

In a truly malicious Sandwich Attack, the above actions are performed in a short period of time in an attempt to hide the malicious activity from Delegators, and 100% of the rewards are taken. In the case that was seen on mainnet, the Indexer moved their cut from 20% to 80%, settled, then set their cut back to 20%. When confronted by their Delegators, the Indexer explained that they use this strategy in order to provide a fixed return to their Delegators. Does this seem like honest Indexing? The answer is up to you.
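As an added example, not code from the original page or from Stakemachine's dashboard, the detector below flags the raise-settle-lower pattern described above from a constructed timeline of cut changes and settles, and estimates how much of the settled rewards moved from Delegators to the Indexer. The event format, the "settle" event name, the one-hour window and the 30-point increase threshold are assumptions; cuts are given in percent, as on this page.

```python
from dataclasses import dataclass

# Constructed timeline for a hypothetical indexer (not real mainnet data).
# Each event is (unix_time, kind, value): kind "cut" carries the new indexer
# reward cut in percent, kind "settle" carries the rewards distributed at the
# cut in force when the allocation was closed.
EVENTS = [
    (0,      "cut",    20),
    (86400,  "settle", 1000),  # honest settle at 20%
    (90000,  "cut",    80),    # cut raised from 20% to 80%
    (90300,  "settle", 5000),  # settled five minutes later at 80%
    (90900,  "cut",    20),    # cut restored ten minutes after raising it
    (180000, "settle", 800),   # normal settle, cut unchanged for a day
]

@dataclass
class Finding:
    settle_time: int
    cut_before: int
    cut_at_settle: int
    cut_after: int
    rewards: int
    delegator_loss: int  # rewards shifted to the indexer by the raised cut

def find_sandwiches(events, window=3600, min_increase=30):
    """Return a Finding for every settle that sits between a sharp cut
    increase and a cut decrease, both within `window` seconds of the settle.
    Assumes events are sorted by time."""
    cuts = [(t, v) for t, k, v in events if k == "cut"]
    findings = []
    for t, kind, rewards in events:
        if kind != "settle":
            continue
        prior = [(ct, cv) for ct, cv in cuts if ct <= t]
        if len(prior) < 2:
            continue  # no cut change before this settle to compare against
        (t_raise, cut_now), (_, cut_before) = prior[-1], prior[-2]
        if t - t_raise > window or cut_now - cut_before < min_increase:
            continue  # cut was not raised sharply shortly before settling
        later = [(ct, cv) for ct, cv in cuts if t < ct <= t + window]
        if not later or later[0][1] >= cut_now:
            continue  # cut was not lowered again soon after settling
        loss = rewards * (cut_now - cut_before) // 100
        findings.append(Finding(t, cut_before, cut_now, later[0][1], rewards, loss))
    return findings
```

The 100% variant and the 80% mainnet variant are both caught, since the detector keys on the timing of the cut changes around the settle rather than on the cut reaching 100%.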