Flash loans are a recent invention in the DeFi space, first introduced by the Ethereum-based lending protocol AAVE in January 2020. A flash loan is an uncollateralized, extremely short-term loan: it is borrowed and repaid within the same transaction, executed by a smart contract. AAVE, among others, understands the importance of smart contract audits for DeFi protocols. However, audits are not a perfect solution, because a protocol can have vulnerabilities not in its code but in its design. Let's take a look at how flash loans exposed one such type of vulnerability, but first, we need to better understand flash loans.
Unsecured loans seem inherently risky; in the case of flash loans, however, the opposite is true. If the loan is not repaid within the same transaction, the whole transaction fails and is reverted, so it is as though the loan never happened.
One of the major distinctions of flash loans, and the reason they are called flash loans, is their instantaneous nature. A normal loan requires an application, review, and approval, and has a fixed repayment schedule. Until the advent of smart contracts, an instant, uncollateralized loan was impossible without the lender taking on outsized risk.
Flash loans present a unique opportunity for high-frequency traders as well as arbitrage traders. When two exchanges quote different prices for the same token, instant access to capital allows a trader to sell on one exchange and buy on the other. This is called arbitrage and is considered a very low-risk strategy for earning money in crypto. Arbitrage was much more common in the early days of crypto, when liquidity was low and exchanges did not use each other as price feeds. Today arbitrage opportunities are few and far between, but flash loans allow traders to take advantage of them when they do arise. High-frequency traders, on the other hand, use algorithms to make hundreds or thousands of transactions per day, looking to exploit market inconsistencies before the rest of the market recognizes the opportunity.
A price oracle is a way to feed real-world data on-chain. Smart contracts have no direct connection to the real world and can only execute based on the data they are fed. In the crypto space, these oracles are usually price feeds for different tokens and exchanges. Accurate price feeds are necessary for exchanges and smart contracts to operate and for the market to be efficient. If an exchange is being fed an incorrect price, that creates a major opportunity for traders to buy or sell on that exchange and then make the opposite trade on another exchange, earning the difference between the two prices.
Imagine a smart contract that holds a wager between two parties: should the Saints win the football game, party A wins, but should the Patriots win, party B wins. You watch the game on TV, see that the Saints win, and expect to get paid. How does the smart contract know who won? The real-world result needs to be correctly sent onto the blockchain for the smart contract to execute as intended. How do you send that data on-chain? This is called the oracle problem. If you can control the inputs to the smart contract (the real-world data fed into it), then you can control how the smart contract executes. In the football wager above, if you control the input, you can tell the smart contract that the Patriots won even when they did not, and the smart contract pays the wrong person.
Decentralized oracles have become a prominent solution to the oracle problem. Chainlink is the most widely adopted decentralized oracle in the blockchain space today, and many exchanges, protocols, and smart contracts rely on Chainlink's oracles to correctly feed real-world data on-chain. There are many other decentralized price oracles, such as Kylin Network and Charli3. In a recent episode of the Leaderboard LIVE! Showcase, the CertiK team spoke with the Charli3 team about decentralized oracles and how they can mitigate the potential for flash loans to be used maliciously. We also spoke about the importance of smart contract audits and how the future of DeFi will involve multiple decentralized oracles used in tandem rather than reliance on a single oracle. Using multiple decentralized oracles significantly reduces the potential for a flash loan attack.
Flash loans have been used to attack various exchanges and protocols over the past two years, resulting in hundreds of millions of dollars lost. In a flash loan attack, a malicious user takes out a flash loan from a lending protocol and uses the borrowed funds to manipulate prices on another protocol. A recent example of this type of attack was on the Crypto Burger NFT project. Another recent example is the Lever Finance exploit; in this Twitter thread you can see a full review of the attack and how it worked. Flash loan attacks are very complicated, often requiring interactions with four or more protocols in quick succession and intricate planning ahead of time. Everything has to happen within a single transaction so that the attacker can repay the flash loan before the transaction reverts. When an attack succeeds, millions can be lost in a matter of seconds. Flash loan attacks are especially lucrative because the loans are uncollateralized, meaning the attacker does not need to deploy much capital to carry out the attack. Unlike a 51% attack, the attacker needs neither control of the network nor much capital at risk.
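The following simulation is an added example, not code from the original post or from any protocol mentioned here. It shows, on a constructed constant-product pool, why a contract that reads a pool's spot price is exposed to a single large flash-loan-funded swap, and how a defender-side check that compares the spot price against the median of several independent feeds rejects the distorted price so that the whole transaction reverts and leaves the pool untouched. The pool reserves, feed values and 5% deviation threshold are assumptions chosen for illustration.

```python
import copy
from statistics import median


class ConstantProductPool:
    """Toy x*y=k AMM (constructed, not a real DEX); spot price = quote / base."""

    def __init__(self, base, quote):
        self.base, self.quote = float(base), float(quote)

    def spot_price(self):
        return self.quote / self.base

    def swap_quote_for_base(self, quote_in):
        k = self.base * self.quote
        new_quote = self.quote + quote_in
        base_out = self.base - k / new_quote
        self.base, self.quote = k / new_quote, new_quote
        return base_out


def guarded_price(pool, feeds, max_deviation=0.05):
    """Defender check: accept the pool spot price only if it stays within
    max_deviation of the median of independent oracle feeds."""
    ref = median(feeds)
    spot = pool.spot_price()
    if abs(spot - ref) / ref > max_deviation:
        raise ValueError(f"spot {spot:.2f} deviates from reference {ref:.2f}")
    return spot


def atomic_tx(state, body):
    """Run body on a copy of state and commit only if it completes; a raised
    error discards the copy, mirroring an on-chain transaction that reverts."""
    trial = copy.deepcopy(state)
    try:
        result = body(trial)
    except ValueError:
        return state, None  # reverted: original state is untouched
    return trial, result


def run_scenario(loan_quote=1_000_000.0):
    pool = ConstantProductPool(base=1_000, quote=1_000_000)  # spot = 1000
    feeds = [1000.0, 1002.0, 998.0, 1001.0]  # constructed independent feeds

    def body(p):
        p.swap_quote_for_base(loan_quote)  # one large loan-funded swap
        return guarded_price(p, feeds)  # guard now sees the distorted spot

    before = guarded_price(pool, feeds)
    final_pool, result = atomic_tx(pool, body)
    return before, final_pool.spot_price(), result
```

`run_scenario()` returns `(1000.0, 1000.0, None)`: the guard raises inside the transaction, so it reverts and the pool keeps its original price.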
Smart contract audits are a necessary first step in mitigating the potential for a flash loan attack. Audits review not only the code but also its business logic, looking for attacks that game the protocol's economic design, such as flash loan attacks. However, smart contract audits are not a silver bullet against these types of attacks. Skynet on-chain monitoring is another CertiK product that can help recognize on-chain attacks in real time, and CertiK publishes community alerts on the Security Leaderboard to help the DeFi community navigate more safely.
Flash loans can be used for both honest and malicious purposes. The advent of this type of loan sent shockwaves through the DeFi community when attacks using it became common, but security companies and decentralized oracles have worked together to help mitigate the potential for flash loans to be used against projects. From smart contract audits to on-chain monitoring, there are now tools in place to help projects build safer protocols from the ground up. Security is always a game of "cops and robbers," with security companies trying to stay ahead of malicious actors, and malicious actors inventing new types of attacks to stay ahead of security measures. The prevalence of flash loan attacks is lower today than it has been in the past two years, a trend that will continue as long as protocols keep investing in security.