Sanctuary Intelligence Desk

A sandwich attack is a Maximum Extractable Value extraction pattern. The mechanics:
A retail trader submits a swap transaction to a Solana DEX — typically Raydium, Orca, or the Jupiter aggregator. The transaction sits in the public mempool (on Solana, the leader's slot mempool) for a few hundred milliseconds before inclusion in a block. During those milliseconds, an attacker's bot observes the pending transaction.
The bot front-runs by submitting its own swap transaction that buys the same asset just before the victim's trade — moving the asset's pool price up. The victim's transaction then executes at the inflated price, paying more for fewer tokens than they would have at the pool's pre-frontrun price. Immediately after the victim's transaction, the attacker submits a back-running transaction that sells the asset back into the pool, recapturing the slippage paid by the victim. The attacker's net position is unchanged in asset terms; the gain is the slippage extracted from the victim.
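The three legs described above, worked through on a generic constant-product pool as an added example (not code from the original article). The reserves, the 0.25% fee and the `Pool` and `simulate` names are assumptions, and real pools differ in curve and fees. It shows that the victim's loss is bounded by the slippage tolerance signed into the swap, and that a tight tolerance makes the swap revert instead of filling at the inflated price.

```python
from dataclasses import dataclass

FEE = 0.0025  # assumed 0.25% swap fee, illustrative only


class SlippageExceeded(Exception):
    pass


@dataclass
class Pool:
    sol: float    # quote-asset reserve
    token: float  # reserve of the asset the victim is buying

    def quote_buy(self, sol_in):
        eff = sol_in * (1 - FEE)
        return self.token * eff / (self.sol + eff)   # constant product x*y=k

    def buy(self, sol_in, min_out=0.0):
        out = self.quote_buy(sol_in)
        if out < min_out:                            # the swap's slippage guard
            raise SlippageExceeded
        self.sol, self.token = self.sol + sol_in, self.token - out
        return out

    def sell(self, token_in):
        eff = token_in * (1 - FEE)
        out = self.sol * eff / (self.token + eff)
        self.sol, self.token = self.sol - out, self.token + token_in
        return out


def simulate(front_run_sol, victim_sol, tolerance):
    pool = Pool(sol=1_000.0, token=1_000_000.0)      # constructed reserves
    quoted = pool.quote_buy(victim_sol)              # amount the victim was shown
    bought = pool.buy(front_run_sol)                 # front-run moves the price up
    try:
        received = pool.buy(victim_sol, min_out=quoted * (1 - tolerance))
    except SlippageExceeded:
        received = None                              # victim's swap reverts, no fill
    unwound = pool.sell(bought)                      # back-run sells the same amount
    return {
        "reverted": received is None,
        "victim_loss_frac": 0.0 if received is None else (quoted - received) / quoted,
        "operator_sol_delta": unwound - front_run_sol,
    }


if __name__ == "__main__":
    for tol in (0.10, 0.01):                         # loose vs tight tolerance
        print(tol, simulate(50.0, 10.0, tol))
```

With these constructed numbers a 10% tolerance lets the swap fill about 9% short of the quoted amount, while a 1% tolerance reverts it and leaves the front-runner paying pool fees on both legs.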
The "wide" variant of the attack runs across multiple slots — the front-run, victim transaction, and back-run are not necessarily in consecutive blocks. Per Helius' aggregate data, 93 percent of Solana sandwich attacks during the 2024-2025 study window were wide variants.
This requires the attacker to know with high confidence which validator will produce the next block(s). That confidence is what brings validator complicity into the story.
The validator address documented in the Helius MEV report is `HM5H6FAYWEMcm9PCXFbbiUFfFVLTN9UGy9AqmMQjdMRA`, operated by DeezNode.
DeezNode's stake at the height of the documented period: approximately 811,604.73 SOL — around $168.5 million notional. Network rank: 93rd by stake. The stake surged from 307,900 SOL at epoch 697 (November 13, 2024) to 802,500 SOL at epoch 709 (December 9, 2024). Approximately 19.89 percent of DeezNode's stake came from the Marinade mSOL liquid-staking pool.
The combined effect: a single validator with 0.1429 percent of Solana network stake produced approximately 12.5 percent of all extracted sandwich SOL during the documented window.
The disproportion is the story. Validators normally extract MEV proportional to their stake share, modulated by the efficiency of their internal block-building. A 0.14-percent stake should yield approximately 0.14 percent of MEV extraction — proportional and within normal variance. 12.5 percent is two orders of magnitude above proportional.
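One way to look for the pattern in trade records, including the wide variant, and to compare each leader's share of it with its stake share, as an added example (not Helius' methodology and not code from this article). The record layout, the slot window, the amount tolerance, the "spans more than one slot" definition of wide, and all names and sample values are assumptions.

```python
from collections import Counter, namedtuple

# amount is in units of the traded asset; idx is the position inside the slot
Trade = namedtuple("Trade", "slot idx signer pool side amount")

def find_sandwiches(trades, window=4, match_tol=0.02):
    """Flag (front, victim, back) triples: one signer trades in the victim's
    direction before it and unwinds a matching amount after it, all within
    `window` slots. window and match_tol are assumed tuning values."""
    trades = sorted(trades, key=lambda t: (t.slot, t.idx))
    hits = []
    for i, v in enumerate(trades):
        fronts = [t for t in trades[:i] if t.pool == v.pool and t.side == v.side
                  and t.signer != v.signer and v.slot - t.slot <= window]
        backs = [t for t in trades[i + 1:] if t.pool == v.pool
                 and t.side != v.side and t.slot - v.slot <= window]
        for f in fronts:
            for b in backs:
                if (b.signer == f.signer
                        and abs(b.amount - f.amount) <= match_tol * f.amount):
                    kind = "wide" if b.slot != f.slot else "same-slot"
                    hits.append((f, v, b, kind))
    return hits

def concentration(hits, leader_of, stake_share):
    """Share of detected sandwiches per leader divided by its stake share
    (1.0 = proportional). Counting events rather than extracted SOL, and
    attributing to the victim's slot leader, are simplifications."""
    counts = Counter(leader_of[v.slot] for _, v, _, _ in hits)
    total = sum(counts.values()) or 1
    return {val: (counts[val] / total) / s for val, s in stake_share.items()}

# Constructed sample data: signers, pools, leaders and stake shares are made up.
TRADES = [
    Trade(100, 0, "botA", "POOL1", "buy", 47_500),
    Trade(100, 1, "alice", "POOL1", "buy", 8_900),
    Trade(100, 2, "botA", "POOL1", "sell", 47_500),   # same-slot sandwich
    Trade(104, 3, "botA", "POOL2", "buy", 20_000),
    Trade(105, 0, "bob", "POOL2", "buy", 3_000),
    Trade(107, 1, "botA", "POOL2", "sell", 19_900),   # wide: slots 104 to 107
    Trade(110, 0, "carol", "POOL1", "buy", 5_000),
    Trade(111, 0, "dave", "POOL1", "buy", 1_000),
    Trade(130, 0, "carol", "POOL1", "sell", 5_000),   # exit outside the window
    Trade(140, 0, "erin", "POOL2", "buy", 9_000),
    Trade(140, 1, "frank", "POOL2", "buy", 2_000),
    Trade(141, 0, "erin", "POOL2", "sell", 4_000),    # amounts do not match
]
LEADER_OF = {100: "valX", 105: "valX", 111: "valY", 140: "valY"}
STAKE_SHARE = {"valX": 0.01, "valY": 0.20}
```

On the constructed data, `concentration(find_sandwiches(TRADES), LEADER_OF, STAKE_SHARE)` puts the 1 percent validator at 100 times its proportional share, the same shape of outlier as the 0.1429 percent versus 12.5 percent figures above.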
The mechanism per Helius' analysis: DeezNode operated a custom validator client modification that reordered transactions within its leader slots to facilitate sandwich attacks. The validator offered participating attacker bots a private mempool — meaning the bots had a pre-execution view of pending victim transactions that the public mempool did not provide. DeezNode reportedly offered participating validators a 50 percent revenue share for joining the private mempool, per Coinstelegram reporting.
Marinade Finance subsequently blacklisted DeezNode and over 50 additional validators identified by on-chain analyst 0xGhostLogs as operating anomalous block-ordering patterns. Jito banned 15 validators after a separate 0xGhostLogs report exposed 23 validators with anomalous patterns; six of the fifteen banned were also receiving Solana Foundation subsidies. The specific identities of the banned 15 have not been published; the bans are operational decisions made by Jito and Marinade as private actors, not public sanctions.
Academic confirmation: ACM IMC 2025 paper "Quantifying the Threat of Sandwiching MEV on Jito" provides peer-reviewable confirmation of the validator-level extraction concentration.
On April 8, 2026, Solana implemented a protocol-level mitigation. Per Cryptopolitan and Edgen reporting, the simple-sandwich variant became materially harder to execute. Daily losses fell to "transactions under $1 in most cases" per the reporting; MEV attackers paid only approximately 5 SOL in bot activity over the following month per a referenced Dune dashboard.
JitoBAM (Block Assembly Marketplace) launched as a TEE (Trusted Execution Environment)-based encrypted mempool, providing transaction privacy until execution. This is conceptually similar to Flashbots Protect on Ethereum but Solana-native.
The "solved" narrative is contested. PANews and Gate Learn reported through April-May 2026 that sandwich attacks are returning — now disguised as "protection fees" via priority-fee competition. The mechanism: attackers compete with retail in the priority-fee market, getting their transactions included by paying more, then executing the same sandwich pattern via the priority lane rather than via the public mempool. The attack vector has shifted, not disappeared.
Until additional data through Q2 2026 settles the dispute, the conservative read is: simple sandwich attacks fell after April 8, while sophisticated priority-fee-based attacks may be substituting for them. The $500 million cumulative extraction figure may stabilize; it has not been documented to reverse.
None of the publicly identified sandwich operators — DeezNode, Vpe, arsc, B91 — has been criminally charged or civilly sued as of May 15, 2026. The reason is structural, not investigative.
The legal precedents:
**Eisenberg (Mango Markets)**: Avraham Eisenberg was convicted in 2024 for the October 2022 Mango Markets manipulation that extracted $110 million via oracle price manipulation. The conviction was **overturned by SDNY on May 23, 2025** on venue and insufficient-evidence grounds. SEC and CFTC civil suits remain ongoing but no new criminal trial has been scheduled.
**Peraire-Bueno brothers ($25M Ethereum MEV case)**: Anton and James Peraire-Bueno, MIT graduates, were charged with wire fraud and money laundering for a $25 million Ethereum MEV extraction in April 2023. The case went to trial in Q1 2026. The jury **deadlocked** — jurors were reported crying, sleepless, and unable to reach a verdict. DOJ requested a retrial; The Block reported in February 2026 that prosecutors are seeking a new trial date.
The two outcomes together — Eisenberg's conviction overturned, Peraire-Bueno mistrial — demonstrate that US juries are not consistently willing to apply wire-fraud or money-laundering statutes to MEV-style extraction. The conduct is on-chain, the technical mechanism is novel, and the jury instructions struggle to bridge the gap between "this is how Solana works" and "this is criminal."
Until DOJ produces a clean conviction in an MEV case, sandwich-attack operators face minimal legal risk. Civil class actions are theoretically available — retail victims could sue collectively — but the per-victim damages ($8.67 average per sandwich) make conventional class-action economics unfavorable.
Practical consequence: sandwich operators are publicly identified by handle and wallet, profiled by Helius and Crypto.news, ranked in academic literature, banned by Marinade and Jito at the private-actor level — and not prosecuted. The economic incentive to operate continues. The April 8 fix is a technical mitigation; the legal landscape has not changed.
For an AML/compliance vendor, sandwich attacks are operationally adjacent rather than central. The proceeds are technically lawful (no statute has consistently criminalized the conduct), the victims are anonymous retail traders, and the recovery mechanism is non-existent. Standard wallet-screening engines do not tag sandwich-operator wallets as Critical because the conduct does not meet the standard risk categories (sanctions, terrorism, fraud, theft).
Sanctuary's approach: sandwich-operator wallets carry the entity_type `mev_bot` with elevated risk weighting for transactions that interact with retail-protective rails. A CEX or wallet UI that integrates Sanctuary's screening can — at customer discretion — flag MEV-bot-adjacent counterparties for additional surveillance, particularly when the counterparty is the receiving end of a customer's swap.
For Solana protocol teams: the April 8 fix and JitoBAM should be evaluated as table-stakes. Protocols that do not integrate at least one of these protections are leaving customers exposed to the priority-fee-based sandwich revival.
For institutional traders: Astralane, Merkle private relay via QuickNode, and Jito Bundles provide MEV protection that materially reduces sandwich exposure. The cost is a small premium over public-mempool execution; the saving is the per-trade slippage that would otherwise go to operators like Vpe.
For policy: the absence of MEV prosecutions through May 2026 is a regulatory gap that may persist. If the DOJ secures a clean conviction in the Peraire-Bueno retrial, the calculus changes. Until then, sandwich-attack operation in Solana is a gray-zone profession with public operators, named addresses, and no legal consequence.
A validator with 0.14 percent of stake should produce 0.14 percent of MEV. DeezNode produced 12.5 percent. The math is not subtle.
For Solana retail traders: use protected execution paths. For protocols: integrate JitoBAM or equivalent. For policy: the legal framework has not caught up to the operational reality. The chain is public. The wallets are named. The prosecutions are not happening.
Screen the chain. The operators are on it.