Solana MEV in 2026 — Sandwich Attacks & Jito
Here is the question that breaks every Ethereum-trained intuition the first time you look seriously at Solana: Solana does not have a public mempool. Transactions are forwarded straight to the current leader validator over a private QUIC connection. There is no pending-pool that anyone can read. So how, exactly, is MEV a multi-hundred-million-dollar industry on this chain? Why does your Pump.fun buy still get sandwiched? Where is the leak? This piece answers that, slot by slot, then walks through what actually protects you in 2026 — and what is theater.
Why Solana MEV is fundamentally different from Ethereum
On Ethereum, MEV extraction is conceptually simple: the public mempool is a global broadcast channel. Anyone with an RPC connection sees every pending swap, every liquidation, every NFT mint transaction before it is included. Searchers race to bundle profitable orderings and pay validators (via Flashbots) to include them. Block times are 12 seconds, which is an eternity. The attack surface is "everyone can see everything."
Solana inverts almost every one of those assumptions:
- No public mempool. The Gulf Stream protocol forwards transactions directly to the next four leader validators based on the leader schedule. There is no global pending-pool to monitor. If you submit a tx via your own RPC node, the only people who see it before inclusion are those validators.
- Leader rotation, not auctions. Solana picks a leader for each ~400ms slot from the active validator set based on stake-weighted scheduling. The leader for slot N is known in advance. There is no per-block auction the way Ethereum has post- MEV-Boost.
- 400ms slot time. An entire epoch of opportunity lasts less than half a second. Defenders and attackers both have to operate on a network-latency budget that makes Ethereum-style tactics impossible.
- Compute units, not gas. Solana prices priority
not in gas-price but in
microlamports per compute unit, where a standard swap consumes around 150,000 CUs. The economic logic is identical but the math looks different.
So if there's no mempool, where is the MEV coming from? The answer is that parts of the transaction-forwarding pipeline are private, but parts are not. And the biggest non-private part is Jito.
The four MEV vectors on Solana in 2026
Before going deep on sandwiches specifically, here are the four revenue streams that searchers actually run on Solana right now. They are not equally common, and they are not equally avoidable:
- Sandwich attacks — frontrun + backrun a buy or sell on an AMM pool to capture the slippage delta. The single largest extraction category on memecoins. We cover this end-to- end below.
- Atomic arbitrage — exploit price discrepancies across DEXs (Raydium vs. Orca vs. Meteora) inside a single transaction. Largely a net-positive for users, since it tightens spreads. Searchers compete fiercely for these and pay massive tips.
- Liquidations — close undercollateralized lending positions on protocols like Kamino, MarginFi, Drift, and Solend. Less relevant to memecoin traders but a meaningful slice of Jito tip volume.
- JIT-LP (just-in-time liquidity) — searchers detect a large incoming swap, deposit single-sided liquidity into the pool's tight range right before the swap, capture the LP fee, then withdraw immediately after. Concentrated-liquidity-specific. Rare on memecoin AMMs but common on stable swaps.
For a memecoin trader the relevant one is almost always sandwich. Atomic arb makes your fills better. JIT-LP doesn't target your size class. Liquidations don't touch you unless you're using a lending protocol. So the rest of this piece is mostly about the first vector.
How a sandwich attack works on Solana, transaction by transaction
Let's walk through one explicitly. You decide to buy 20 SOL of a mid-cap memecoin on Raydium. Your wallet builds the swap transaction. Here is what actually happens in the next 800ms:
- Slot N, t = 0ms. You sign the transaction. Your wallet's RPC provider (let's say a public RPC) submits it. If that RPC also runs a Jito-connected searcher infrastructure, or if it forwards via the Jito Block Engine for fee revenue, your tx is now visible to anyone reading the Jito relayer feed.
- Slot N, t = 30ms. A searcher bot detects your pending swap. It parses the instruction, sees the pool address, sees the input amount (20 SOL), sees the slippage tolerance (let's say 10%). It runs a price-impact simulation: 20 SOL into this pool will move price by ~3.5%. It calculates the optimal sandwich size — typically 30-60% of your buy amount — so 8 SOL.
- Slot N, t = 80ms. The searcher constructs a
Jito bundle:
[searcher_buy_8_SOL, your_buy_20_SOL, searcher_sell_8_SOL_of_token]. They submit the bundle with a tip large enough to win the auction for this slot — say 50,000 lamports. - Slot N+1, t = 400ms. The next leader includes the bundle atomically. All three transactions land in the same block, in the order the searcher specified. Your trade executes between the searcher's buy and sell.
- Outcome. The searcher bought before you, pushing pool price up 1.4%. Your buy executed at the new inflated price, pushing it up another 3.5%. The searcher then sold at the post-your-buy price, capturing the ~1.4% delta on their 8 SOL position. Net to them: ~0.11 SOL. Net to you: you paid roughly 1.4% more than you would have on an empty pool.
The critical observation here is in step 1: your transaction was visible to the attacker before it landed. Not because Solana has a mempool, but because the path your RPC chose to submit it goes through infrastructure that intentionally surfaces pending transactions to searchers. That infrastructure is, in 2026, almost entirely the Jito stack. So Jito is simultaneously the cause and the cure.
Enter Jito — the block engine that monetises MEV
Jito Labs runs three things that together account for most of Solana's MEV market:
- The Jito-Solana validator client, a fork of the reference validator that supports the Block Engine. As of 2026, a majority of staked SOL runs Jito-Solana.
- The Block Engine, an off-chain auction system that accepts bundles (ordered groups of transactions that land atomically or not at all) and pays Jito validators to include the winning bundle.
- The Relayer, which receives transactions and bundles from clients (RPC providers, searchers, bots) and forwards them to the Block Engine.
The mechanics in plain terms: when a Jito validator gets its leader slot, instead of just sequencing transactions by priority fee, it pulls in the highest-paying bundle from the Block Engine auction and inserts it at the top of the block. The "payment" is the bundle's tip — lamports sent to a designated Jito tip account inside one of the bundle's transactions. Validators keep 95% of tips. Jito keeps 5%.
This is the architectural change that made sandwich attacks economically viable at scale on Solana. Before Jito (early 2023 and earlier) sandwiching required spamming the leader directly with higher-priority-fee competing transactions and praying for the ordering to land correctly. Probabilistic and unreliable. With Jito bundles, the searcher can guarantee atomic ordering: their frontrun, your swap, their backrun, all in one indivisible unit. That guarantee turned MEV from a side hustle into an industry.
Jito bundles, tips, and how serious bots use them
For a trader, the same infrastructure that enables sandwiches also provides the strongest protection — if you use it correctly. A detailed walkthrough is in our Jito bundles guide, but the essentials:
- A bundle is up to 5 transactions submitted as one atomic unit. All land or none do. There is no partial inclusion.
- Bundles cost a tip in lamports, sent to one of eight rotating Jito tip accounts. Typical retail tips are 1,000 to 10,000 lamports (about $0.00015 to $0.0015 at $150 SOL). Searchers in sandwich races routinely tip 50,000 to 500,000 lamports ($0.0075 to $0.075) for valuable slots.
- Bundles submitted to Jito do not hit the public RPC pipeline. They go straight to the Block Engine and then to a Jito validator. Searchers reading the public relayer feed don't see them in time to construct a sandwich.
- If your bundle's tip is too low to win the auction, it simply doesn't land. You don't pay the tip on losing trades, which is a key difference from priority fees.
The result: bundling is the closest thing Solana has to a private mempool. Not perfectly private — the searcher infrastructure can still observe bundle composition if they win the auction or are embedded in the Block Engine — but private enough that the standard retail sandwich vector is closed.
Protection layer 1 — Jito bundles for atomic execution
The strongest defense, period. When your swap is wrapped in a bundle:
- The transaction does not appear in any feed that a searcher could observe before inclusion.
- If the bundle lands, it lands atomically — there is no slot in which a searcher could insert a frontrun.
- If a searcher tries to outbid your bundle's tip, they win the auction with their bundle. But their bundle doesn't contain your transaction, so they can't sandwich it. Worst case your tx just doesn't land that slot and you retry. No loss.
This is why every serious memecoin bot in 2026 routes through Jito by default — see our breakdown of automated trading on MoonHydra, where the snipe path is Jito-bundled out of the box. Manual buys also can be, depending on configuration.
The cost of this protection: the tip. On a 20 SOL trade, a 5,000- lamport tip is 0.0025% of the position. That is a rounding error against a 1-3% sandwich loss.
Protection layer 2 — Setting priority fees correctly
Priority fees and Jito tips are not the same mechanism, but they interact. A correctly-set priority fee guarantees your transaction is even considered for inclusion when the chain is congested. A Jito tip is what wins the bundle auction inside that inclusion. We have a full breakdown in Solana priority fees explained, but the MEV-specific implication is this:
If you only set a priority fee and skip Jito, your transaction enters the standard validator pipeline and is observable by searchers monitoring upstream RPC infrastructure. Your high priority fee gets you included faster, but it doesn't make you invisible — and "faster but visible" is exactly the condition sandwich bots are optimized to exploit.
Practical heuristic for memecoin trades in 2026:
- Quiet pool, no race, small size — 100,000 microlamports per CU, no Jito tip needed.
- Active memecoin pool, normal-size trade — 100,000 mLamps/CU and a 1,000-lamport Jito tip.
- Snipe at LP-add or migration — 500,000 to 2,000,000 mLamps/CU AND a 10,000-50,000 lamport Jito tip. See our Pump.fun sniper guide and the sniper feature page for context.
Protection layer 3 — Slippage discipline
Here is the unintuitive part that more advanced traders sometimes miss: your slippage tolerance is the upper bound on what a sandwich attacker can extract from you. If you set slippage to 20% because you don't want failed swaps, you are voluntarily handing every sandwich bot a 20%-tall extraction window. They will fill it.
The math: a sandwich's profit equals the difference between your fill price and the no-sandwich price. The attacker sizes their frontrun to maximize this delta without pushing your slippage tolerance over the edge (which would fail your tx and erase their profit). So your slippage setting is the ceiling on their take. A 1% slippage means they can extract at most ~1%. A 10% slippage means they can extract up to ~10%.
For most memecoin trades in 2026, slippage should be:
- 0.5–1% on deep pools (Jupiter route via top-tier liquidity, e.g. BONK/SOL on Orca Whirlpool).
- 2–3% on mid-cap memecoins on Raydium AMMs.
- 5–10% on fresh launches and Pump.fun graduates where price is genuinely volatile per-block.
- Avoid >15% except in emergency exits — that's a sandwich- attacker invitation.
The brutal truth: for the median trader, sloppy slippage costs more SOL per year than sandwich attacks themselves. MEV is a symptom of the leak, slippage is often the leak.
What MoonHydra does about MEV
To be specific and honest rather than vague:
- Jito routing is the default on snipe transactions. Every Pump.fun snipe and migration buy goes through a Jito bundle with a configurable tip. Default tip is 1,000 lamports, raise it in your config for competitive launches.
- Manual swaps are configurable. You can route
manual buys and sells through Jito or via standard priority-fee
submission. The default is standard for low-stakes trades because
the Jito tip is wasted on a $5 buy of a quiet token. Toggle in
/settings. - Slippage is per-trade, not a global default.
Buy and sell defaults are set in
/settings, but each manual trade can override. The sniper has its own per-token slippage config because LP-add slippage requirements are different from steady-state trading. - Encrypted keys, non-custodial path. All your wallet private keys are AES-256-GCM encrypted at rest. MoonHydra never holds your funds. The MEV pipeline is just one layer of defense — for the rest, see the security page. Multi-wallet operation is described under multi-wallet.
What we explicitly don't claim: zero MEV. No bot can promise that on Solana right now without lying. We claim that the trades where MEV would meaningfully cost you — snipes, large fills, fast exits — are bundle-routed by default, and the trades where bundle costs would be silly are not. That's the honest version. For a broader background piece on the same topic, see MEV protection explained, which covers the same ground in less technical depth.
The 2026 outlook — Helius validators, vote-credit-aware leaders, evolving block engines
Three structural shifts to watch this year:
- Helius and other RPC providers running their own validators. When your RPC provider is also a validator, the in-flight tx-routing path can be made fully private from submission to inclusion. Helius announced their validator stack late 2025 and several competitors are building similar pipes. This is a meaningful protection upgrade for anyone routing through their RPC.
- Vote-credit-aware leader scheduling. Solana governance is gradually shifting toward weighting leader slots by recent vote performance, which has the side-effect of shifting more block-space to high-performance Jito validators. Net effect: the MEV auction becomes even more dominant.
- Alternative block engines. A handful of teams are building competitors to Jito's relayer — some explicitly MEV-resistant by refusing to expose pending transactions to external searchers. Watch this space. If a credible non-extractive block engine reaches scale, the protection-by-default story for retail improves dramatically.
The bottom line
Solana MEV is real, structural, and not going anywhere in 2026. But it is also solvable for the cases that actually cost you money, using exactly the same infrastructure (Jito) that makes it possible. The recipe for a 2026 memecoin trader is boring and unromantic:
- Bundle anything where speed and frontrun-resistance matter together: snipes, migrations, fast exits.
- Don't bundle when the cost-to-benefit doesn't justify it: small manual buys, quiet-pool DCAs, withdrawals.
- Keep slippage tight — it caps attacker extraction.
- Use a competent RPC. Routing through public Solana endpoints in 2026 is a self-inflicted MEV tax.
Do those four things and you've closed the lid on 95% of the extractable value on your trades. The remaining 5% is the cost of doing business on a public, adversarial chain — and honestly, it's a price worth paying for the throughput Solana gives you.
Try the bot — @moonhydrabot. Read the engineering side — security. Or look at how the auto-trading layer composes against MEV by default — auto-trading.
Ready to put this into practice?
MoonHydra is a multi-wallet Solana memecoin trading bot on Telegram. 1% per trade. AES-256-GCM encrypted. Non-custodial.
Open MoonHydra