Skip to content

Contract Analysis

DISCLAIMER // NFA // DYOR

This analysis is based on observations of the contract bytecode. We are not smart contract security experts. This document aims to explain what the contract appears to do based on the code. It should not be considered a comprehensive security audit or financial advice. Always verify critical information independently and consult with blockchain security professionals for important decisions.

This analysis is based on decompiled bytecode, which may not perfectly represent the original source code.

⊙ generated by robots | curated by humans

Analysis Date: 2026-01-05

Metadata

Primary Contract

PROPERTY VALUE
Contract Address 0x1f2f10d1c40777ae1da742455c65828ff36df387 (etherscan)
Network Ethereum Mainnet
Contract Type Standalone MEV Bot
Deployment Date ~August 1, 2024
Contract Creator 0x4d521577f820525964c392352bb220482f1aa63b (etherscan)
Bytecode Size 13,835 bytes
Total Functions ~50+ entry points (encoded selectors)
External Contract Dependencies 8+ major protocols
Upgrade Mechanism ☑ None - Not Upgradable
Verification Status ☒ Unverified
Audit Status ☒ Not Audited (private MEV bot)
TYPE ADDRESS NOTES
Operator/Owner 0xae2Fc483527b8ef99eb5d9b44875f005ba1FaE13 (etherscan) jaredfromsubway.eth - Sole authorized caller
WETH 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2 (etherscan) Wrapped Ether
USDC 0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48 (etherscan) USD Coin
USDT 0xdAC17F958D2ee523a2206206994597C13D831ec7 (etherscan) Tether
Balancer Vault 0xBA12222222228d8Ba445958a75a0704d566BF2C8 (etherscan) Balancer V2 Vault
Uniswap V2 Factory 0x5C69bEe701ef814a2B6a3EDD4B1652CB9cc5aA6f (etherscan) Pair creation
Uniswap V3 Factory 0x1F98431c8aD98523631AE4a59f267346ea31F984 (etherscan) Pool creation
Previous Bot (Jared 1.0) 0x6b75d8af000000e20b7a7ddf000ba900b4009a80 (etherscan) Deprecated August 2024

Executive Summary

This contract is the second iteration of the notorious jaredfromsubway.eth MEV bot, commonly referred to as "Jared 2.0." It is a highly optimized, multi-protocol trading bot designed to execute Sandwich Attacks and arbitrage across multiple decentralized exchanges.

Primary Purpose: Extract MEV (Maximal Extractable Value) from pending transactions by front-running and back-running victim trades.

Intended Audience: Single operator (jaredfromsubway.eth) - the contract enforces strict access control that only allows transactions from one specific EOA.

Key Mechanisms:

  • Multi-DEX routing (Uniswap V2/V3, Balancer, Curve, DODO)
  • Concentrated liquidity manipulation (Uniswap V3 mint/burn/collect)
  • Optimized calldata encoding for gas efficiency
  • Stateless design (no storage slots used)
  • Jump table dispatch for function routing

Significant Trust Assumptions: None from an external user perspective - this contract is not designed to be interacted with by anyone other than its operator.

Notable Observations:

  • The contract has processed over 2.39 million transactions
  • Generated 765+ ETH in builder rewards in its first two weeks
  • Implements "multi-layer" sandwich attacks (5-layer and 7-layer)
  • Uses liquidity provision as an attack vector, not just swaps

Architecture

graph TD
    subgraph Operator["Operator (jaredfromsubway.eth)"]
        EOA["0xae2Fc4...FaE13"]
    end

    subgraph Bot["Jared 2.0 MEV Bot"]
        AC["Access Control<br/>(tx.origin check)"]
        JT["Jump Table<br/>(Function Router)"]

        subgraph Strategies["Attack Strategies"]
            S1["Simple Sandwich"]
            S2["5-Layer Sandwich"]
            S3["7-Layer Sandwich"]
            S4["CEX-DEX Arbitrage"]
        end
    end

    subgraph DEXs["Integrated DEXs"]
        UV2["Uniswap V2<br/>(swap, pair calc)"]
        UV3["Uniswap V3<br/>(swap, mint, burn, collect)"]
        BAL["Balancer V2<br/>(swap via Vault)"]
        CRV["Curve<br/>(exchange)"]
        DODO["DODO<br/>(sellBase, sellQuote)"]
    end

    subgraph Tokens["Core Tokens"]
        WETH["WETH"]
        USDC["USDC"]
        USDT["USDT"]
        OTHER["Any ERC20"]
    end

    subgraph Builders["Block Builders"]
        BB["Beaverbuild"]
        TT["Titan"]
        OTH["Others"]
    end

    EOA -->|"tx.origin must match"| AC
    AC -->|"decode selector"| JT
    JT --> Strategies
    Strategies --> DEXs
    DEXs <--> Tokens
    Bot -.->|"builder tips"| Builders

Figure 1: Jared 2.0 architecture showing operator access control, multi-DEX integration, and builder relationships.

System Overview

The Jared 2.0 MEV bot is a stateless, highly-optimized contract designed for one purpose: extract value from pending transactions across multiple DEX protocols. The contract operates through:

  • A strict access control mechanism at the entry point checking tx.origin
  • A jump table that routes encoded calldata to specific attack strategies
  • Pre-encoded function selectors and template data for gas-efficient execution
  • Direct integration with Uniswap V2, Uniswap V3, Balancer, Curve, and DODO

The contract does not:

  • Store any state between transactions
  • Have any administrative functions
  • Allow any external interaction (by design)
  • Emit events (to minimize gas and information leakage)

Design Patterns Used

  • Jump Table Dispatch: The contract uses computed jumps based on the first bytes of calldata to route to different attack strategies. This is extremely gas-efficient compared to standard Solidity function dispatch.

  • Stateless Design: No storage slots are used. All operation parameters are passed via calldata. This reduces gas costs and eliminates storage-related vulnerabilities.

  • Pre-encoded Templates: Function selectors and partial calldata for common operations (WETH deposit/withdraw, ERC20 transfers) are embedded in the bytecode to minimize runtime computation.

  • Inline Address Computation: Uniswap V2 pair addresses are computed inline using CREATE2 formulas rather than querying the factory, saving gas on each swap.

Access Control

Roles & Permissions

ROLE ASSIGNED BY REVOKABLE CALL COUNT
Operator Hardcoded in bytecode No Unlimited

Permission Matrix

Function jaredfromsubway.eth Anyone Else
Any function

Access Control Mechanism

The contract enforces access control at the bytecode level:

0x3460ff164260ff161473ae2fc483527b8ef99eb5d9b44875f005ba1fae13331416602857613476565b

This translates approximately to:

require(tx.origin == 0xae2Fc483527b8ef99eb5d9b44875f005ba1FaE13);

The check uses tx.origin (the original transaction sender) rather than msg.sender, which means:

  • Only transactions initiated by the operator EOA can execute any code
  • Even if another contract calls this bot, the check will fail
  • This is intentional for MEV bots to prevent flash loan attacks

Time Locks & Delays

ACTION TIME LOCK CAN CANCEL PURPOSE
All operations None N/A ☑ Immediate execution required for MEV

Economic Model

Revenue Generation

The bot generates revenue through several mechanisms:

  1. Sandwich Attacks: Front-run victim transactions, let them execute at worse prices, back-run to capture spread
  2. Arbitrage: Exploit price differences across DEXs
  3. Liquidity Manipulation: Add/remove concentrated liquidity to create favorable price impacts

Fee Structure

FEE TYPE AMOUNT RECIPIENT PURPOSE
Builder Tips Variable Block builders Priority inclusion
Gas Fees Variable Ethereum validators Transaction execution
DEX Fees 0.3% (typical) Liquidity providers Swap execution

Builder Reward Distribution (First 2 Weeks)

BUILDER ETH RECEIVED PERCENTAGE
Beaverbuild 526 ETH 61.9%
Titan 209 ETH 24.6%
Others 116 ETH 13.5%
Total 851 ETH 100%

Summary of Observations

The Jared 2.0 MEV bot represents a sophisticated evolution in on-chain value extraction. Based on the bytecode analysis:

Contract Purpose: This is unambiguously an MEV extraction bot. The multi-DEX integration, concentrated liquidity functions, and stateless design all point to a system optimized for executing sandwich attacks and arbitrage at scale.

Technical Sophistication:

  • The jump table dispatch mechanism is highly gas-optimized
  • Pre-encoded selectors eliminate runtime computation
  • Inline Uniswap V2 pair address calculation saves factory calls
  • Uniswap V3 liquidity functions (mint, burn, collect) enable the documented "multi-layer" attack strategies

Financial Scale:

  • 2.39 million transactions processed (as of January 2026)
  • 851 ETH ($2.2M) distributed to block builders in first two weeks
  • 765 ETH ($1.97M) in builder rewards from ~40,000 sandwiches

Security Observations:

  • The contract is not designed to hold funds long-term
  • Access control is hardcoded and cannot be changed
  • No upgrade mechanism exists
  • No administrative backdoors detected

This analysis was performed for educational purposes and should not be considered an official security audit or financial advice. The contract is intentionally designed to extract value from other users' transactions - interaction with this contract as a victim is by definition involuntary.

References

RESOURCE NOTES
EigenPhi: Jared 2.0 Analysis Primary source for attack mechanics and statistics
The Block: Jaredfromsubway Returns News coverage of Jared 2.0 launch
Etherscan: Contract On-chain transaction history
jaredfromsubway.eth Deep Dive Comprehensive entity analysis
Foundry Documentation Cast commands used for bytecode analysis

Changelog

DATE AUTHOR NOTES
2026-01-05 Artificial. Generated by robots.
2026-01-05 Denizen. Reviewed, edited, and curated by humans.