Flash loans are a relatively new financial instrument that is enabled by smart contracts on blockchain networks such as Ethereum. A flash loan is an uncollateralized loan that allows a user to borrow a specific amount of cryptocurrency for a very short period of time, typically just one transaction.
What is a Flash Loan?
A flash loan is a short-term loan that can be borrowed and repaid within the same transaction on a decentralized finance (DeFi) platform. Flash loans allow users to borrow funds without the need for collateral, but they must be repaid quickly, typically within a few seconds or minutes. A flash loan attack is commonly used to make a profit.
Flash loans allow the borrower to access a large amount of funds for a very short period of time, typically just a few minutes, without having to put up any collateral. These loans are often used for arbitrage and other types of high-speed trading, but they can also be risky because the borrower must repay the loan in full before the end of the loan period or else face significant penalties.
What is a Flash Loan Attack?
A flash loan attack is an exploitation of a platform’s smart contract security in which an attacker takes advantage of the short-term nature and lack of collateral requirements of flash loans. Attackers can borrow large amounts of funds, manipulate the price of a cryptocurrency asset on one exchange before quickly selling it on another, and repay the loan before the market corrects itself, resulting in a profit for the attacker and a loss for other market participants.
Flash loans allow borrowers to quickly access capital for arbitrage opportunities, liquidity provision, and other forms of trading. However, flash loans can also be used for malicious purposes, such as flash loan attacks.
A flash loan attack occurs when a malicious actor borrows a large amount of capital from a DeFi platform and uses it to manipulate the market or exploit a vulnerability in the system. This can be done by buying up a large amount of a specific asset, manipulating the price of that asset, and then selling it back to the platform at a profit.
The Flow of a Flash Loan Attack:
- An attacker borrows a large amount of token A from a protocol supporting flash loans.
- The attacker swaps token A for token B on a DEX (lowering the spot price of token A and increasing the spot price of token B on the DEX).
- The attacker deposits the purchased token B as collateral on a DeFi protocol that uses the spot price from the above DEX as its sole price feed, and uses the manipulated spot price to borrow a larger amount of token A than should be possible.
- The attacker uses a portion of the borrowed token A to fully repay the original flash loan and keeps the remaining tokens, generating a profit from the protocol’s manipulated price feed.
- As the spot prices of tokens A and B on the DEX are arbitraged back to the true market-wide price, the DeFi protocol is left with an undercollateralized position.
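The steps above, worked through as an added example (not code from the original article): a constant-product pool model shows how far one large swap moves the spot price and the borrow limit derived from it, next to the same calculation using a time-weighted average of block-closing prices and a deviation guard. The pool sizes, the 75% loan-to-value ratio, the averaging window and all names are assumptions made for the illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Pool:
    """Constructed constant-product pool (x * y = k), no fees."""
    reserve_a: float
    reserve_b: float
    closes: list = field(default_factory=list)  # one price sample per block

    def spot_price_b(self) -> float:
        """Price of one token B in units of token A."""
        return self.reserve_a / self.reserve_b

    def end_block(self) -> None:
        self.closes.append(self.spot_price_b())

    def twap_b(self, window: int) -> float:
        """Average of the last `window` block-closing prices."""
        samples = self.closes[-window:]
        return sum(samples) / len(samples)

    def swap_a_for_b(self, amount_a: float) -> float:
        k = self.reserve_a * self.reserve_b
        self.reserve_a += amount_a
        out_b = self.reserve_b - k / self.reserve_a
        self.reserve_b -= out_b
        return out_b

def borrow_limit(collateral_b: float, price_b: float, ltv: float = 0.75) -> float:
    """Token A a lender would release against token B collateral."""
    return collateral_b * price_b * ltv

def price_feed_is_sane(pool: Pool, window: int = 10, max_dev: float = 0.05) -> bool:
    """Guard: refuse new borrows while spot strays from the TWAP."""
    twap = pool.twap_b(window)
    return abs(pool.spot_price_b() - twap) / twap <= max_dev

def compare_feeds(loan_a: float = 900_000) -> dict:
    pool = Pool(1_000_000, 1_000_000)
    for _ in range(10):          # ten quiet blocks at a price of 1.0
        pool.end_block()
    got_b = pool.swap_a_for_b(loan_a)   # large swap inside one transaction
    return {
        "spot_limit": borrow_limit(got_b, pool.spot_price_b()),
        "twap_limit": borrow_limit(got_b, pool.twap_b(10)),
        "guard_allows_borrow": price_feed_is_sane(pool),
    }
```

With the spot feed the borrow limit exceeds the amount swapped in, which is the undercollateralized position described in the last step; with the averaged feed it stays well below it, and the guard blocks the borrow outright.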
Flash Loan Attack Examples:
The following are some flash loan attack examples:
1. Beanstalk Farm
Blockchain Protocol: Avalanche
Date of Attack: April 17, 2022
Exploit Amount: $181M
Beanstalk Farm lost $182M on April 17, 2022, putting it at the top of the list of crypto platforms attacked through flash loan exploits. It is a stablecoin protocol on Ethereum whose recently implemented governance mechanism, Curve LP Silos, was compromised.
Aided by the flash loans, the attacker secured significant voting rights. The attacker then used the governance mechanism to vote in favor of his own proposal, which allowed him to send funds to his wallet address. After that, the flash loan was repaid using funds extracted from the protocol.
2. Cream Finance
Blockchain Protocol: Ethereum
Date of Attack: October 27, 2021
Exploit Amount: $130M
Second on the list, with a massive $130M loss, is Cream Finance, Ethereum’s DeFi platform, which was hacked on October 27, 2021. In this case, it wasn’t a simple flash loan attack; the hacker used complex tactics involving multiple deposits and withdrawals.
In summary, the hacker borrowed $1.5Bn in Yearn protocol’s USD vault shares against $2Bn in collateral. He then doubled the value of the shares by donating the same yUSD to the Yearn vault, making the debt on Cream $3Bn against $2Bn in collateral. The $1Bn balance is the hacker’s profit, but since Cream had only $130M worth of assets, that became the hacker’s total gain.
3. Fei Rari
Blockchain Protocol: Arbitrum
Date of Attack: May 1, 2022
Exploit Amount: $80M
On April 30, 2022, Fei protocol, Arbitrum’s DeFi platform, was hacked for over $80M. The attack was an amalgamation of both reentrancy and flash loan exploits.
The reentrancy flaw allowed the attackers to borrow assets while withdrawing all the submitted collateral. In particular, the attacker borrowed assets from the pool and flash loaned many tokens/WETH as collateral. The contract’s borrow function did not follow the checks-effects-interactions pattern: it transferred ETH to the attacker’s contract before updating the attacker’s borrow records. These steps were repeated for multiple tokens. Finally, the attacker returned the flash loan and transferred his profits, routing them through Tornado Cash.
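An added sketch (not from the original article or from the affected protocol's code) of the ordering problem described above: a borrow function that pays out before recording the debt, beside the same function following checks-effects-interactions. The `LendingPool` class, the amounts and the callback are constructed for the illustration.

```python
class LendingPool:
    """Constructed model of a lending pool; all names are hypothetical."""
    LTV = 0.75

    def __init__(self, cash: int, effects_first: bool):
        self.cash = cash
        self.effects_first = effects_first
        self.collateral: dict = {}
        self.debt: dict = {}

    def deposit(self, user: str, amount: int) -> None:
        self.collateral[user] = self.collateral.get(user, 0) + amount
        self.cash += amount

    def withdraw_all(self, user: str) -> int:
        if self.debt.get(user, 0) > 0:               # check
            raise RuntimeError("collateral is backing a loan")
        amount = self.collateral.pop(user, 0)        # effect
        self.cash -= amount
        return amount

    def borrow(self, user: str, amount: int, on_receive) -> None:
        if amount > self.collateral.get(user, 0) * self.LTV:    # check
            raise RuntimeError("insufficient collateral")
        self.cash -= amount
        if self.effects_first:
            self.debt[user] = self.debt.get(user, 0) + amount   # effect
            on_receive()                                        # interaction
        else:
            on_receive()            # interaction runs while debt is still 0
            self.debt[user] = self.debt.get(user, 0) + amount

def run(effects_first: bool) -> dict:
    pool = LendingPool(cash=1_000, effects_first=effects_first)
    pool.deposit("borrower", 100)

    def callback():                 # stands in for the receiver's fallback
        try:
            pool.withdraw_all("borrower")
        except RuntimeError:
            pass                    # re-entry rejected by the debt check

    pool.borrow("borrower", 75, callback)
    return {"collateral": pool.collateral.get("borrower", 0),
            "debt": pool.debt["borrower"], "cash": pool.cash}
```

`run(False)` ends with a debt of 75 backed by no collateral; `run(True)` leaves the 100 of collateral in place because the debt is recorded before the external call.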
How to Detect a Flash Loan Attack:
- Monitor an Ethereum blockchain explorer for large and rapid transfers of funds.
- Check for any unusual spikes in a specific token’s trading volume or liquidity.
- Check for suspicious transactions that are made between multiple addresses in a short time frame.
- Keep track of the known flash loan addresses and their activities.
- Check for any irregular patterns in the trading prices of specific tokens.
- Review the smart contract code to see if it includes any flash loan functions.
- Collaborate with other DeFi stakeholders to share information and detect any potential attacks.
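Several of the checks above can be combined into one rule over decoded transaction events, shown here as an added example that is not part of the original article. The event schema, the thresholds and the sample transactions are constructed assumptions.

```python
# Constructed, already-decoded per-transaction event lists; schema is assumed.
SAMPLE_TXS = [
    {"tx": "tx-001", "events": [
        {"type": "FlashLoan", "amount": 900_000},
        {"type": "Swap", "pool": "A/B", "price_before": 1.00, "price_after": 3.61},
        {"type": "Borrow", "oracle_pool": "A/B", "amount": 1_200_000},
        {"type": "FlashRepay", "amount": 900_000}]},
    {"tx": "tx-002", "events": [      # flash-loan arbitrage, small price move
        {"type": "FlashLoan", "amount": 500_000},
        {"type": "Swap", "pool": "A/B", "price_before": 1.00, "price_after": 1.01},
        {"type": "FlashRepay", "amount": 500_000}]},
    {"tx": "tx-003", "events": [      # large swap, no flash loan
        {"type": "Swap", "pool": "A/B", "price_before": 1.00, "price_after": 1.40}]},
]

def assess(tx: dict, min_loan: int = 100_000, max_move: float = 0.10) -> list:
    """Return the reasons a transaction deserves review (empty list = none)."""
    reasons, moved_pools = [], set()
    loan = sum(e["amount"] for e in tx["events"] if e["type"] == "FlashLoan")
    if loan < min_loan:
        return reasons                # not funded by a sizeable flash loan
    for e in tx["events"]:
        if e["type"] == "Swap":
            move = abs(e["price_after"] - e["price_before"]) / e["price_before"]
            if move > max_move:
                moved_pools.add(e["pool"])
                reasons.append(f"flash-loan-funded swap moved {e['pool']} by {move:.0%}")
        elif e["type"] == "Borrow" and e.get("oracle_pool") in moved_pools:
            reasons.append(f"borrow priced from {e['oracle_pool']} after that move")
    return reasons

def triage(txs: list) -> dict:
    """Map transaction id to review reasons, omitting clean transactions."""
    return {t["tx"]: r for t in txs if (r := assess(t))}
```

Only `tx-001` is flagged: a flash loan alone (`tx-002`) or a large swap alone (`tx-003`) does not meet the rule, which keeps ordinary arbitrage out of the alert queue.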
Automated Tools to Detect Flash Loan Attacks:
- Mythril: a security analysis tool that uses formal verification to identify vulnerabilities in smart contracts.
- ConsenSys Diligence: a security audit firm that offers smart contract auditing services to identify potential security risks.
- ChainSafe: a blockchain security firm providing smart contract security services, including flash loan attack detection.
- OpenZeppelin: an open-source framework for writing secure smart contracts, including tools to detect flash loan attacks.
- SmartCheck: a smart contract security tool that offers automated analysis and reporting of potential security issues, including flash loan attacks.
- Remix: an online integrated development environment (IDE) for writing and testing smart contracts with built-in security analysis tools.
- Surya: a smart contract auditing tool that analyzes code to detect vulnerabilities, including flash loan attacks.
How to Mitigate Flash Loan Attacks:
To mitigate the risk of flash loan attacks, DeFi platforms can implement measures such as limiting the amount of capital borrowed in a flash loan, implementing stricter lending and borrowing protocols, and increasing transparency and oversight of the platform. Users should also be vigilant and conduct thorough research before participating in any DeFi platform.
Another way to protect against flash loan attacks is to build secure smart contracts and conduct regular audits. This can help to identify and fix any vulnerabilities in the code before attackers can exploit them.
It’s also important to note that flash loan attacks can be unintended, where a user can accidentally cause market manipulation because of a lack of knowledge about the potential impact of their actions.
Use smart contracts: Implement smart contract security measures to prevent flash loan attacks, such as rate limiting or transaction throttling.
In summary, flash loan attacks are a potential vulnerability in the DeFi ecosystem, and it’s important for everyone to be aware of the risks and take steps to protect themselves. However, it is not appropriate to exploit such vulnerabilities, and instead, it is important to be responsible and ethical in all your actions.