#certik #flashloan #defi #blockchain #cryptocurrency
A new CertiK series giving users bite-size tips and info to stay informed and safe in the #crypto space. Episode 9: What is a Flash Loan?
Learn how a #flashloan works and more in under 2 mins!
A flash loan is an uncollateralized short-term loan. They are a new invention in the Defi space, introduced by the lending protocol, AAVE. A smart contract is used to borrow and repay flash loans in the same transaction. If a flash loan isn’t repaid in the same transaction, the transaction fails, making it as though the loan never happened.
Flash loans present an opportunity for high-frequency and arbitrage traders with the ability to instantaneously access capital, allowing a trader to sell on one exchange and purchase on another. Arbitrage was more common when liquidity was low and exchanges didn’t share price feeds.
Flash loans have been used to attack exchanges and protocols. This occurs when a malicious user takes out a flash loan from a lending protocol and uses the borrowed funds to manipulate prices on another protocol. Flash loan attacks are very lucrative because the attacker does not have to deploy a lot of capital to carry out the attack.
Smart contract audits are a necessary first step in mitigating a flash loan attack. CertiK’s Skynet on-chain monitoring helps recognize these attacks in real-time and broadcasts community alerts on the Security Leaderboard.
From smart contract audits to on-chain monitoring, there are tools in place to help projects build safer protocols from the ground up.
To learn more about flash loans, visit CertiK.com/resources.
A new CertiK series giving users bite-size tips and info to stay informed and safe in the #crypto space. Episode 11: What is Centralization vs Decentralization vs Distributed Networks? Learn more in under 2 mins! https://www.certik.com/products/pentest
Centralization, decentralization, and distributed networks are three different systems used for storing data.
Centralization has been the status quo for web technology, making websites easy to use. A centralized network processes and stores data on a specific server. They allow engineers to roll out updates and fixes to the host server. Centralized networks often hire security firms to do penetration testing, which simulates a network attack. With centralization, if a server suffers downtime the entire network grinds to a halt.
Decentralization offers more security and helps mitigate attacks. A decentralized network operates across many different nodes. Each node holds the entire database and verifies its version against each other to achieve consensus. A decentralized network requires more effort to update, has a greater environmental impact through its energy consumption.
A distributed network operates like a decentralized system but may not require each node to host all of its data independently. Increased transparency is a key feature with each node having equal access to the data. This also makes it difficult to change information in the network.
Smart contract auditing has risen from new types of attacks on decentralized and distributed networks.
Whether it be Penetration Testing or Smart Contract Auditing choosing the right technology will ensure greater success.
To learn more about centralization, decentralization, and distributed networks, visit CertiK.com/resources.
#certik #onlineattack #education #defi #blockchain #cryptocurrency
A new CertiK series giving users bite-size tips and info to stay informed and safe in the #crypto space. Episode 10: What is an Online Attack? Learn about #onlineattacks and more in under 2 mins!
Through decentralization, blockchain technology can improve the safety of online activities. Many online attacks use Attack Vectors to exploit system weaknesses. DDoS, Eclipse, and a 51 Percent Attack are three common types.
A DDoS, Distributed Denial of Service, attack, occurs when hostile hackers overload a network with requests. In blockchain, DDoS target crypto exchanges or mining pools. They disable a network's ability to serve users.
Eclipse attacks control a single node inside an artificial environment. An attacker can manipulate communications with surrounding nodes to perform illegal transactions by isolating a node.
When an assailant obtains control of 50% or more of a network's mining hashrate, it's called a 51 percent attack. The individual can submit fraudulent transactions, making the blockchain centralized. 51 percent attacks become difficult as a blockchain network increases in the number of honest nodes.
Blockchain analytic tools such as CertiK’s Skynet help with online attacks by monitoring on-chain activity.
To learn more about online attacks visit CertiK.com/resources.