Vitalik Buterin’s token swap was front-run and back-run by the jaredfromsubway.eth bot on April 30, 2026, marking a high-profile demonstration of MEV sandwich attacks despite months of public advocacy by the Ethereum co-founder for encrypted mempools to combat the practice. The bot executed trades on both SushiSwap and Uniswap V2 around Buterin’s 26,544 XDB token swap, extracting value through transaction ordering even as the attack ultimately cost the bot $5.14 in gas fees.
How the Sandwich Attack Unfolded
The jaredfromsubyer.eth bot, which has operated continuously since 2023 and extracted $7 million cumulatively, positioned itself ahead of and behind Buterin’s swap in block 24993038. The bot deployed $1.14 million in WETH to manipulate XDB pricing across liquidity pools. Buterin received 0.00197 ETH (worth $4.56) for his 26,544 XDB tokens (valued at $3.86), with slippage losses estimated in the low cents range. The attack structure is textbook sandwich mechanics: front-run to move the price against the victim, execute the victim’s transaction at worse terms, then back-run to capture the price recovery.
MEV Volume and Bot Resilience
Sandwich attacks now represent 51% of total MEV volume on Ethereum, which has accumulated $1.2 billion in extracted value. The jaredfromsubway.eth bot’s longevity is notable—it has survived protocol upgrades and builder exploits since rising to prominence in 2023, when it accounted for 7% of network gas fees in April alone. Despite losing money on this particular transaction, the bot continues scanning the mempool for opportunities, demonstrating that MEV extraction persists regardless of individual trade profitability. The bot’s persistence highlights a structural problem: even unprofitable attacks remain economically rational at scale.
Encrypted Mempools and the 2026 Roadmap
Buterin has spent months campaigning for encrypted mempools as a core priority in Ethereum’s 2026 roadmap. The technology would hide pending transactions from public view until inclusion, theoretically eliminating the ordering advantage MEV bots exploit. This incident underscores the gap between advocacy and implementation—encrypted mempools remain undeployed despite their positioning as a toxicity cure. The attack on Buterin’s own transaction carries symbolic weight: if even the protocol’s founder cannot avoid sandwich attacks while publicly fighting them, the urgency of the technical fix becomes undeniable.
What Comes Next
No timeline for encrypted mempool deployment has been confirmed. The incident raises questions about interim defenses and whether application-layer solutions like threshold encryption or private order flow will gain adoption faster. Builders and searchers continue operating within current protocol rules, and until encrypted mempools are live, sandwich attacks remain a rational extraction strategy regardless of individual profitability. The MEV gods, as one observer noted, do not discriminate.
