Automated Market Makers (AMMs) hold over $30 billion in total value locked. They're also constant targets for manipulation. AMM pools face sandwich attacks, virtual reserve manipulation, LP token inflation, first-depositor exploits, and concentrated liquidity position abuse. Understanding these risks is essential for anyone building or using a DEX.
1. Sandwich Attacks on Pools
MEV bots place trades before and after large user swaps to extract value from the price impact. Large trades on low-liquidity pools are most vulnerable.
2. First-Depositor / Empty Pool Attack
// VULNERABLE: First depositor sets the price ratio
// Attacker deposits 1 WEI of Token A and 1000 ETH of Token B
// Initial price is massively skewed
// Subsequent depositors get terrible rates
// MITIGATION: Require minimum initial liquidity
// Or: Use virtual reserves (initializing with non-zero k)3. LP Token Share Inflation
Related to the ERC-4626 vault donation attack: if an attacker can inflate the pool's reserves without minting LP tokens (via direct transfer), subsequent depositors' LP shares are diluted to zero.
4. Oracle Exploitation via Pool Manipulation
If another protocol uses your pool's spot price as an oracle, attackers can manipulate your pool to exploit that protocol — even if your pool itself is fine.
AMM Security Best Practices
- ✅ Enforce minimum liquidity on initial deposit
- ✅ Use virtual reserves or dead shares to prevent donation attacks
- ✅ Implement slippage protection for all swaps
- ✅ Add TWAP oracle functionality for external consumers
- ✅ Rate-limit large withdrawals
- ✅ Monitor for abnormal trading patterns
- ✅ Consider MEV protection (batch auctions, private mempools)
Pool-Specific Attack Vectors
| Vector | Affected Pools | Mitigation |
|---|---|---|
| Sandwich attacks | All AMMs | Private mempools, slippage limits |
| First depositor exploit | New/empty pools | Minimum liquidity, virtual reserves |
| LP inflation | Simple xy=k pools | Dead shares, donation protection |
| Concentrated liquidity abuse | Uniswap V3-style | JIT detection, position monitoring |
| Stale pool pricing | Low-volume pools | Maximum staleness checks |
How Vultbase Audits AMM Contracts
- Pattern DB — AMM-specific patterns covering sandwich, donation, inflation, and oracle exploitation
- DeFi Challenge — Simulates pool manipulation scenarios with flash loans
- Economic Analysis — Reviews incentive alignment and manipulation resistance
AMM security determines whether LP funds are safe. Audit your pool contracts before attracting liquidity.