Solana Cracks Down on MEV Malicious Activities! 30 Validators Permanently Removed for Participating in Sandwich Attacks

MEV (Maximum Extractable Value) bot attacks are common in DeFi, such as frontrunning and sandwich attacks. Recently, the Solana Foundation removed a group of validator node operators from its delegation program due to their participation in "sandwich attacks." This is a rare case of node qualification being revoked due to arbitrage issues like MEV on a public chain.

A sandwich attack occurs when an attacker sets orders before and after a transaction to manipulate the price, ensuring their own profit while causing retail investors to get the worst possible price.

Solana Foundation Removes Over 30 Validators

Tim Garcia, Solana's Director of Validator Relations, recently announced on Discord that malicious validators would be removed from the delegation program. These malicious activities include participating in private memory pools for sandwich attack transactions or otherwise harming Solana users. Garcia emphasized:

Anyone found engaging in such activities will be rejected from the program, and any SOL delegated from the Foundation will be immediately and permanently revoked.

Note: The Solana Foundation’s delegation program allows SOL holders to transfer their staking rights to staking pools or validators, reducing the burden on validators to hold a large number of tokens.

The validators involved in sandwich attacks were using Mempools (memory pools) that allowed these attacks to occur. Mempools are where validator nodes store transactions that have yet to be confirmed by the blockchain. Attackers can monitor upcoming transactions to execute sandwich attacks.

These validators violated Solana Foundation's rules by participating in these attacks. The rules prohibit validators from engaging in malicious activities. Although these validators still retain their validator status, they are no longer eligible to receive rewards for validating transactions on the Solana blockchain.

According to CoinDesk, a total of over 30 validators were removed from the Solana Foundation’s delegation program, and many of the operators were Russian.

Is Solana Foundation’s Action Too Centralized? Will It Affect Solana’s Operations?

Mert Mumtaz, co-founder of Solana remote procedure call provider Helius, explained on X the issue of node operators seeking to profit from retail users. He stated that sandwich attacks were originally impossible on Solana because the client did not have a memory pool. Therefore, some participants proactively added private memory pools to their validators to conduct sandwich attacks and profit on Solana.

Responding to community concerns about centralization, Mumtaz replied:

These node operators can still operate freely on the network since Solana is a permissionless network; they just won’t receive subsidies from the Foundation.

Additionally, removing these validators engaged in sandwich attacks has a limited impact on the entire Solana network. The Solana Foundation only delegates tokens to validators with less than 16% of the total staked amount. Furthermore, CoinDesk quoted sources indicating that the 32 targeted operators only hold a total of 1.5 million SOL, representing a small proportion of the Foundation’s token delegation program at just 0.5%. Thus, revoking these validators’ delegations will not significantly impact the network's overall operation.

However, it is worth noting that similar MEV malicious activities are considered default legal behavior on Ethereum and other EVM chains. While criticized by some in the Ethereum community, it is largely seen as a necessary evil in the short term, with plans to address it through future architectures like sharding.