What Is MEV in Crypto? 2026 Guide to Extraction
On April 2, 2023, two MIT-educated brothers named Anton and James Peraire-Bueno ran sixteen Ethereum validators, baited three MEV bots into proposing tampered transaction bundles, and extracted about $25 million in roughly twelve seconds. A year later the US Department of Justice charged them with wire fraud and money laundering. It was the first criminal case ever brought specifically over the MEV supply chain. If you have ever wondered what MEV actually is and why it matters, that story is the shortest answer: an invisible layer of the blockchain where billions of dollars move between bots, validators, and unwitting users every year.
MEV stands for Maximal Extractable Value. It is the profit that block producers, and the searchers paying them, can earn by choosing which pending transactions go into a block, in what order, and which get left out. Everyone who trades a token on a decentralized exchange is exposed to it. Most retail users never notice. This guide walks through what MEV really is, how it works on Ethereum after the Merge and on Solana with Jito, which types of MEV are useful and which are toxic, how much value has been extracted through 2025, and the tools that actually protect your on-chain transactions in 2026.
What is MEV (maximal extractable value) in crypto
MEV is the maximum value a block producer can extract from block production beyond standard block rewards and gas fees by including, excluding, or changing the order of transactions in a block. That is almost verbatim the definition Ethereum.org uses, and every major educational source (Chainlink, a16z, CoW Protocol, CoinGecko) converges on the same idea. The original term was "miner extractable value" because on proof-of-work Ethereum miners controlled ordering. After the September 2022 Merge shifted Ethereum to proof-of-stake, the name was updated to maximal extractable value because validators now own that power, and the broader concept applies to every blockchain with a block producer making ordering decisions.
The term itself comes from an April 2019 Cornell IC3 paper called "Flash Boys 2.0" by Phil Daian and coauthors. That paper documented for the first time how arbitrage bots on Ethereum DEXs were already engaged in priority gas auctions, bidding up transaction fees to front-run each other. Six years later, MEV is a multi-billion-dollar industry built on top of the same basic mechanic: whoever decides the order of transactions can capture value that would otherwise go to the user submitting the trade.
How MEV works on Ethereum's blockchain post-Merge
Here is how extraction actually works, step by step, on a modern Ethereum block.
A user signs a transaction and sends it to the public mempool. The mempool is the pending-transactions waiting room that every node can see. Bots scan the mempool continuously, looking for lucrative MEV opportunities: a big DEX swap about to move a token to a higher price, a lending position about to become liquidatable through a smart contract call, an arbitrage gap opening between two pools. When a searcher spots a profitable MEV opportunity, it bundles its own transactions with the target transaction and submits the bundle to a specialized block builder, taking advantage of its ability to order transactions inside that block.
The block builder assembles a full block from many competing bundles, optimizing for the highest total fee plus MEV payment. Builders then send their proposed blocks to relays, which forward them to validators via MEV-Boost. Validators pick the most lucrative block and sign it. The user's trade executes, sometimes with worse slippage than they expected, sometimes unchanged, sometimes as part of an arbitrage trade the bot runs right after.
This supply chain is now the default. According to Blocknative and relayscan.io, more than 90 percent of Ethereum blocks are built via MEV-Boost, and on a 24-hour snapshot in April 2026, four relays (Ultra Sound, Titan, and two bloXroute variants) delivered roughly 80 percent of all payloads. Just seven relay operators now control 99 percent of the network. The mean reward per block is about 0.038 ETH according to Blockscholes research, and blocks delivered via MEV-Boost are on average 5.57 times more valuable than blocks validators build locally.
Each type of MEV: MEV examples and examples of MEV
MEV is not one thing. It is a family of strategies, and they are very different in how they affect normal users. Rough industry estimates from Arkham Research put the breakdown at roughly 60 percent arbitrage, 30 percent liquidations, and 10 to 15 percent toxic flow (sandwich attacks and generalized front-running). Searchers chase a profitable MEV opportunity the same way a high-frequency trader chases a latency edge in traditional markets. The potential MEV available in any given block depends on how much activity the mempool is showing at that moment and the price of the asset being traded.
- Arbitrage: bots exploit price differences between two pools or two exchanges atomically in a single block. EigenPhi recorded about $3.37 million in Ethereum arbitrage profits during a 30-day window in September 2025. This is usually considered useful MEV because it keeps prices aligned across DeFi.
- Liquidations: bots race to close out undercollateralized positions on Aave, Compound, or Maker. Lending protocols depend on this race to stay solvent. Also considered useful MEV.
- Backrunning: a bot places a transaction right after a user's trade to capture the resulting arbitrage. CoW Protocol calls this the least harmful form of MEV because the user's trade already executed at their expected price.
- Front-running: a bot sees a pending swap and submits the same trade first with a higher gas fee, pushing the user's execution price worse. Classic toxic MEV. Frontrunning is the most cited form of MEV in academic papers.
- Sandwich attacks: the most damaging variant. A bot submits a buy before the user's trade and a sell right after, trapping the victim's order between two hostile transactions and pocketing the price impact.
- JIT liquidity: a bot adds concentrated liquidity to a Uniswap v3 pool immediately before a large swap and pulls it out right after, capturing the swap fees at zero risk.
- Generalized front-running: advanced bots copy any pending transaction, replace the address with their own, and simulate execution to check for profit. Then they submit the copy with a higher fee.
- NFT MEV: a niche form of MEV where bots front-run NFT mints or exploit pricing errors on marketplaces.
Not all of these forms of MEV are harmful. Useful MEV keeps DeFi markets efficient and helps bots extract value that makes prices align across venues. Toxic MEV is pure value transfer from users to searchers with no efficiency benefit at all.
Frontrunners and the MEV mempool supply chain
The cast of characters inside the MEV supply chain is small but specialized. Frontrunners are the bots that scan the public mempool for profitable patterns, compete for block inclusion, and submit bundles optimized for a specific outcome. Searchers write and run those bots, and they are the ones willing to pay the highest tips to capture MEV. Builders assemble the actual blocks, stitching together a profitable MEV transaction sequence from competing bundles. Relays are the trusted couriers between builders and validators. Validators propose the final block. Everyone takes a cut at a different point in the MEV work chain.
For the user whose transaction is in the mempool, that complexity is mostly invisible. What you see is the result: your slippage was slightly worse than you quoted, your swap took longer than expected, or your gas fee spiked right when you hit confirm. That is the MEV supply chain reaching into your trade and redistributing a small amount of value upstream.
MEV extraction: searchers, builders and validators
Extraction is the actual process of turning a pending transaction into value for someone other than the user. Searchers submit bundles with tips that go to builders. Builders keep a slice and pass the rest up to validators via the MEV-Boost auction. Validators just sign the winning block and collect the proposer tip. The searcher does the analytical work, the builder runs the optimization software, the validator earns passive income from being lucky in the proposer rotation. This division of labor is what allows searchers to submit bundles against almost any user's transaction without every validator needing to know how the underlying strategy works.
Blockscholes research pegs the mean reward per Ethereum block at 0.038 ETH, but the distribution is heavily skewed. Most blocks generate nothing unusual. A small number of blocks on busy days generate orders of magnitude more. The single-day record came in August 2023 when a Curve exploit triggered extraction of 6,006 ETH (about $11.1 million) in 24 hours, as reported by The Block. That is the kind of event that distorts every average you compute afterward.
Flashbots and MEV-Boost on Ethereum after the Merge
Flashbots was the research collective that first tried to drag MEV into the open. Before Flashbots, MEV extraction on Ethereum happened through priority gas auctions in the public mempool, which congested the chain and made gas fees worse for everyone. Flashbots built a private communication channel between searchers and miners, then later validators, so that bundles could be submitted without spamming the mempool. That channel became MEV-Boost after the Merge, and MEV is now extracted in an orderly private auction rather than a gas-fee arms race on the public mempool.
MEV-Boost is now the default Ethereum block production path. It is an opt-in piece of software that validators run alongside their client, which connects to a chosen list of relays, receives block proposals from competing builders, and picks the most profitable one. The system works. It has also produced a new problem: relay concentration. On the April 2026 snapshot from relayscan.io, Ultra Sound held about 32 percent, Titan about 23.5 percent, and the two bloXroute relays combined for another 27 percent. Seven operators cover 99 percent of the network. That concentration is exactly what Ethereum's enshrined Proposer-Builder Separation proposal (EIP-7732) aims to replace, targeted for the Glamsterdam upgrade in the first half of 2026.
Jito and MEV on Solana: a different blockchain technology playbook
Solana's MEV story is structurally different from Ethereum's. Solana has no traditional public mempool; transactions are forwarded directly to the current leader. That made the classical sandwich attack harder in theory but far from impossible in practice. Then Jito Labs shipped Jito-Solana, a modified validator client that adds an auction-based bundle mempool to Solana, and the whole blockchain network changed. Every major Solana blockchain network design decision since then has had MEV considerations baked in.
Jito-Solana is now run by over 90 percent of Solana's stake weight. Jito tips paid to validators and stakers have reached roughly $674 million cumulatively, peaked at about $210 million in a single month in November 2024, and contributed to Solana out-earning Ethereum in Q4 2024 on real economic value ($1.4 billion in tips and fees). JitoSOL blends staking and priority-fee income into a single APY of around 7.18 percent through roughly 1,040 validators according to Jito's own dashboard.
The dark side: Solana sandwich extraction between late 2023 and early 2025 ran between $370 million and $500 million over a 16-month window, according to sandwiched.me data presented at Solana Accelerate 2025. A single bot cluster linked to an address starting with Ai4zq made approximately $287 million over six months ending November 2024. An earlier bot known as "arsc" earned around $30 million in two months during mid-2024 alone. Jito Labs has occasionally blacklisted the worst sandwich bots from its mempool, but private off-chain auctions quickly replaced them. Solana is the most active MEV environment in crypto today, and not always in a healthy way.
MEV attacks on traders and how big they actually are
The good news for Ethereum traders is that sandwich attacks are shrinking. EigenPhi data shared with Cointelegraph in December 2025 showed that sandwich bots drained about $40 million from Ethereum users across 2025, down from nearly $10 million a month in late 2024 to roughly $2.5 million a month by October 2025. Monthly sandwich counts stayed high at 60,000 to 90,000, but average profit per attack collapsed to just over $3. About a third of all sandwich bots now operate at breakeven, and another 30 percent run at a net loss.
One searcher dominates the rest. The address jaredfromsubway.eth is behind roughly 70 percent of all Ethereum sandwich activity. Lifetime, that bot has generated about 82,679 ETH in revenue against 76,850 ETH in gas, netting around 5,829 ETH or roughly $22 million since March 2023 according to The Block. In its first three months of operation in 2023, the bot cleared about $34 million in proceeds on $40 million in revenue.
| Metric | Ethereum 2025 | Solana 2024-2025 |
|---|---|---|
| Sandwich extraction from users | ~$40M (full year) | $370M-$500M (16-month window) |
| Monthly sandwich count | 60k-90k | Not publicly aggregated |
| Dominant single actor | jaredfromsubway.eth (~70%) | Ai4zq cluster (~$287M in 6 months) |
| MEV-Boost / Jito stake share | >90% of blocks via MEV-Boost | >90% of stake via Jito-Solana |
| Cumulative builder/relay tips | Hundreds of thousands of ETH since Sep 2022 | ~$674M in Jito tips cumulative |
The contrast is stark. Ethereum's MEV ecosystem has matured enough that toxic extraction is shrinking. Solana's is still in its land-grab phase. The impact of MEV on Solana users has become one of the biggest debates in the blockchain industry as a whole, and MEV can also be harmful to liquidity providers there, not just retail traders.
Negative externalities of MEV for everyday users
The negative externalities of MEV are the quiet costs the average trader pays without realizing it. Slippage above the expected level is the most common. Failed transactions during gas spikes add up too, and so do worse execution prices on large swaps routed through public AMMs. CoW Protocol calls MEV "a hidden tax on all types of Ethereum transactions" and estimates that toxic MEV has cost Ethereum users more than $1.3 billion to date. Other sources put the broader figure above $1.8 billion since 2020 once Solana and other blockchain networks are included. The value extraction of MEV falls disproportionately on retail users who have not yet switched to protected RPC endpoints, and the digital asset they are trading is usually the same stablecoin or blue-chip token that a more informed user would route through a private channel.
There is a subtler cost too. Loss-versus-rebalancing (LVR) hits liquidity providers when an AMM's posted prices lag behind external markets, letting arbitrage bots repeatedly pick off stale quotes. Research from CoW Protocol and Paradigm argues that LVR alone accounts for more value leakage than every other form of MEV combined. For LPs on Uniswap v2 and v3, LVR is the reason impermanent loss is worse than simple price divergence would predict.
MEV protection tools: CowSwap, MEV Blocker, Shutter
Practical MEV protection for retail users exists in 2026, and it is easier to turn on than it used to be. The short list worth knowing:
- Flashbots Protect RPC: launched in 2022, routes your transactions to the Flashbots block builder instead of the public mempool. Your transaction becomes invisible to sandwich bots until it is included in a block, so searchers cannot submit MEV bundles against it.
- MEV Blocker: a CoW DAO-backed RPC endpoint that submits to multiple competing builders (Flashbots, Titan, Beaver, BuilderNet, bloXroute). Sandwich attempts are blocked by design, and users get back up to 90 percent of any value searchers capture through backrunning. MEV Blocker is probably the single most important mitigation layer for retail users in 2026.
- CoW Protocol: uses frequent batch auctions where all trades in a batch settle at the same price, which mechanically removes the ordering advantage that sandwich bots rely on. The protocol reports that sandwich attacks generate roughly $1 million per week in profit for searchers on regular AMMs, which is the gap CoW is trying to close.
- 1inch Fusion and UniswapX: intent-based DEX aggregators that use Dutch auctions and private solver networks to route orders away from the public mempool.
- Wallet-level MEV protection: MetaMask, Rabby, Ledger Live and Trust Wallet all now ship some form of opt-in or automatic MEV protection on swaps, though coverage varies by chain.
- Shutter Network: an encrypted mempool that hides transaction contents until they are safely included, eliminating front-running at the protocol level.
None of these tools are perfect. Every single one adds some latency or limits chain coverage. They all beat routing an unprotected swap through a raw public RPC.
Mitigating MEV: ePBS, SUAVE and encrypted mempools
The ecosystem-level fixes for MEV live at the protocol layer. They are part of the Ethereum ecosystem roadmap itself, not just third-party tools, and they aim to change how MEV is extracted at the layer-1 blockchain level. Three are worth knowing about.
Enshrined Proposer-Builder Separation (ePBS), tracked as EIP-7732, would bake the MEV-Boost auction directly into Ethereum's consensus protocol. Today validators rely on seven relay operators they must trust. After ePBS, the protocol would handle the proposer-builder auction itself, removing the relay as a trust point and spreading block production more fairly. Target fork: Glamsterdam, first half of 2026, after the Fusaka hard fork landed in December 2025. Ethereum researchers (SoK paper, arXiv 2506.18189) flagged a liveness risk where builders could withhold payloads during volatile moments, leaving up to 6 percent of blocks empty. The tradeoff is live.
SUAVE (Single Unifying Auction for Value Expression) is Flashbots' bigger swing. It is a cross-chain, MEV-aware encrypted mempool that aims to let any searcher on any chain submit preferences and bundles to a single sequencer without revealing their strategy until execution. Still in testnet as of 2026. Ambitious and largely unproven.
Encrypted mempools in general, including Shutter Network on Ethereum mainnet, hide transaction contents from everyone, including block builders, until the moment of inclusion. That eliminates classic front-running by design, but it makes the block-building process harder and slower. The MEV community is debating whether encryption is worth the overhead.
Effects of MEV on trades and the Ethereum ecosystem
The effects of MEV on the Ethereum ecosystem cut in both directions. Useful MEV (arbitrage and liquidations) keeps prices aligned, lending markets solvent, and DEX execution reasonable across venues. Toxic MEV (sandwich attacks, generalized front-running, JIT exploitation) siphons value from users to a narrow set of specialized actors. MEV plays a role in nearly every meaningful block on Ethereum today, and MEV is possible on any chain that has a mempool and a DEX, so the question is never whether extraction happens but how much of it flows back to users. The industry's bet is that the useful component is structurally permanent while the toxic component can be shrunk by a combination of better mitigation tools, protocol-level changes like ePBS, and user-facing RPCs that route around the worst of it.
The 2024-2025 data supports that bet on Ethereum: monthly toxic extraction is down roughly 75 percent from late 2024 levels. The same cannot be said for Solana, where sandwich extraction remains in nine-digit territory because the protocol-level defaults and user tooling have not caught up. The MEV problem is not unique to any one chain, but the maturity of the response varies widely.
For trades under a few thousand dollars, the practical advice has not changed: use a protected RPC or a protected DEX, set reasonable slippage, and check whether your wallet ships MEV defenses by default. For larger trades, always route through an intent-based aggregator or a protected venue. MEV is not going away, but for the first time since 2022, the tools are tilting in the user's favor.
The bottom line on what MEV is in crypto
MEV is the quiet, load-bearing layer of DeFi economics. It is where searchers, builders, and validators compete for additional value generated by your transaction order, and where roughly $1.3 to $1.8 billion has been extracted from users since 2020 depending on who counts and which chains you include. Understanding MEV is not optional for anyone trading regularly on a DEX or holding positions in lending markets. The good news is that in 2026, the mitigation stack is real, the toxic slice of Ethereum extraction is shrinking, and ePBS is finally moving from whitepaper to deployment. The bad news is that Solana remains a wild west for bot activity and that relay concentration on Ethereum is still a single point of failure nobody has fully solved.
If you remember nothing else from this guide: route your swaps through Flashbots Protect, MEV Blocker, or CoW Swap. That one habit removes roughly 95 percent of the toxic MEV exposure a normal retail user will ever face.
