What Is a Flash Loan Attack?
A flash loan attack is a type of attack aimed at decentralized finance (DeFi) protocols offering crypto flash loans. It exploits the mechanics of flash loans in order to drain a protocol’s liquidity.
An Inside Look at Flash Loan Attack Mechanics
Understanding what a flash loan attack is starts with understanding flash loans.
Flash loans are a type of uncollateralized loan that is available on some DeFi lending protocols (e.g., Aave and Maker).
Flash loans are uncollateralized because the borrower is not required to use any collateral when requesting them.
This differs from a traditional scenario, such as requesting money from a bank.
How Does a Flash Loan Work?
A typical flash loan attack transaction consists of a sequence of actions, or function calls to smart contracts. The first action involves borrowing a substantial amount of digital assets from a flash loan contract, while the last action returns these borrowed assets.
Chen et al. (n.d.)
Unlike traditional loans, DeFi flash loans are created and settled within a single transaction.
This is a simplified breakdown of how typical flash loans work:
- The borrower develops a smart contract to request the loan.
- They request the loan.
- The loan is granted by the lending protocol.
- The money from the loan can be used for instant trading elsewhere in the DeFi ecosystem by the borrower.
- The borrower repays the loan once the funds have been used and the transaction is settled.
If the funds cannot be returned, the entire transaction and everything that happened within it (i.e., what the borrower did with the funds) gets undone by the host network.
This single-transaction lending scheme makes it possible for traders to take advantage of arbitrage and other opportunities using borrowed funds with little to no risk.
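The all-or-nothing settlement described above can be modelled in a few lines. This is an added example, not code from any lending protocol: the `Ledger` class, the account names and the amounts are constructed, and the lender's repayment check is simplified to "the pool balance must not be lower than before the loan".

```python
class Revert(Exception):
    """Aborts the current transaction; every state change in it is discarded."""


class Ledger:
    """Toy chain state: token balances per account (constructed model)."""

    def __init__(self, balances):
        self.balances = dict(balances)

    def transfer(self, src, dst, amount):
        if self.balances.get(src, 0) < amount:
            raise Revert(f"{src} cannot pay {amount}")
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount

    def execute(self, tx):
        """Run tx atomically: keep the result on success, roll back on Revert."""
        snapshot = dict(self.balances)
        try:
            tx(self)
            return True
        except Revert:
            self.balances = snapshot
            return False


def flash_loan(ledger, pool, borrower, amount, use_funds):
    """Lend, hand control to the borrower, then insist the pool is whole again."""
    before = ledger.balances[pool]
    ledger.transfer(pool, borrower, amount)
    use_funds(ledger)                        # borrower's arbitrary logic
    if ledger.balances[pool] < before:       # repayment check closes the transaction
        raise Revert("flash loan not repaid")


def repaying_tx(ledger):
    def use_funds(lg):
        lg.transfer("market", "borrower", 5)      # stand-in for a profitable trade
        lg.transfer("borrower", "pool", 1000)     # repay the principal
    flash_loan(ledger, "pool", "borrower", 1000, use_funds)


def defaulting_tx(ledger):
    def use_funds(lg):
        lg.transfer("borrower", "market", 200)    # funds spent, nothing repaid
    flash_loan(ledger, "pool", "borrower", 1000, use_funds)


def run(tx):
    ledger = Ledger({"pool": 1000, "borrower": 10, "market": 100})
    return ledger.execute(tx), ledger.balances
```

`run(defaulting_tx)` leaves every balance exactly as it started, including the 200 tokens the borrower tried to spend, which is why the lender carries no credit risk on the loan itself.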
Example: Flash Loan Attack Explained

In theory, the flash loan technique should be completely secure as long as the lender assigns the correct value to the funds it provides. However, flash loan attackers exploit protocols that rely on a single price oracle to track the price of the lent asset. This price oracle is usually a decentralized exchange (DEX).
Note: A price oracle is a service or data-providing entity that tracks the current price of assets in real time, like Chainlink.
A flash loan attack can be explained with a simple example:
- Borrow Funds: The attacker borrows a large amount of token A using a flash loan on a lending protocol that uses a single DEX to track the lent asset’s price.
- Manipulate Prices: The attacker trades token A for token B on a decentralized exchange (DEX). This causes the price of token A to drop and the price of token B to rise.
- Deposit Collateral: The attacker deposits the now more expensive token B as collateral on the DeFi lending protocol. Because the DeFi protocol uses the DEX price, it thinks token B is worth more than it actually is.
- Borrow Again: Using the inflated value of token B, the attacker borrows more of token A from the DeFi protocol.
- Repay and Profit: The attacker uses part of the borrowed token A to repay the original flash loan and keeps the remainder as profit.
- Price Correction: The prices of tokens A and B on the DEX return to their true market values. The DeFi protocol is left with a loan that is not fully backed by collateral, causing a loss.
This process can be repeated many times, devastating the lending protocol.
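The weakness in the steps above is the valuation step, and it can be measured. The following added example (not code from any protocol) models a fee-free constant-product pool and compares a borrow limit computed from that single pool's spot price with one computed from the median of several feeds; the pool model, the loan-to-value ratio `ltv`, the 5% deviation bound and the two extra feed prices are all constructed assumptions.

```python
from statistics import median


class ConstantProductPool:
    """Toy x*y=k DEX pool for tokens A and B, no fees (constructed model)."""

    def __init__(self, reserve_a, reserve_b):
        self.reserve_a = reserve_a
        self.reserve_b = reserve_b

    def spot_price_b_in_a(self):
        return self.reserve_a / self.reserve_b

    def swap_a_for_b(self, amount_a):
        k = self.reserve_a * self.reserve_b
        self.reserve_a += amount_a
        out_b = self.reserve_b - k / self.reserve_a
        self.reserve_b -= out_b
        return out_b


def borrow_limit_single_source(pool, collateral_b, ltv):
    """Weak design: collateral valued at one pool's instantaneous spot price."""
    return collateral_b * pool.spot_price_b_in_a() * ltv


def borrow_limit_median(prices, collateral_b, ltv, max_deviation=0.05):
    """Hardened design: median of independent feeds; lending pauses while
    any feed sits more than max_deviation away from that median."""
    mid = median(prices)
    if any(abs(p - mid) / mid > max_deviation for p in prices):
        raise ValueError("price feeds disagree; lending paused")
    return collateral_b * mid * ltv


def compare(trade_a=1_000_000, collateral_b=1_000, ltv=0.75):
    pool = ConstantProductPool(1_000_000, 1_000_000)   # 1 B = 1 A before the trade
    other_feeds = [1.00, 1.01]                         # constructed independent prices
    before = borrow_limit_single_source(pool, collateral_b, ltv)
    pool.swap_a_for_b(trade_a)                         # one large trade moves the spot price
    after = borrow_limit_single_source(pool, collateral_b, ltv)
    try:
        guarded = borrow_limit_median(
            [pool.spot_price_b_in_a(), *other_feeds], collateral_b, ltv)
    except ValueError:
        guarded = None                                 # skewed feed detected, no loan issued
    return before, after, guarded
```

With the defaults, the single-source limit for the same 1,000 B of collateral jumps from 750 A to 3,000 A after one trade, while the median-based check refuses to lend; with no trade, both designs agree on 750 A.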
Where Are Flash Loan Attacks Used?
Flash loan attacks can be applied anywhere there is a smart contract or price oracle vulnerability. Since flash loans are entirely DeFi products, attacks can only be performed on decentralized finance protocols.
Price Manipulation
As mentioned, the main purpose is to manipulate prices for profit. This is done by targeting lending protocols that don’t have a robust price data oracle and rely on limited or easily manipulatable sources of price data.
Smart Contract Exploits
Attackers can exploit smart contract vulnerabilities by leveraging flash loans. Exploits like reentrancy bugs (i.e., repeatedly calling the same function before it is completely executed), logic errors, and unchecked external smart contract calls can be used with flash loans to wreak havoc on protocols.
Flash Loan Attack Examples
Now that we have explained flash loan attacks, let’s look at some examples.
Euler Finance: Flash Loan Attack Costing $197M
In March 2023, Euler Finance was hacked by an attacker exploiting an error in the platform’s rate calculation.
The exploit allowed the attacker to borrow more funds than the collateral owed. Using a $30M flash loan from Aave, the attacker deposited $20M into Euler and received their eDAI tokens.
By borrowing 10 times the original deposit and using the remaining $10 million to repay part of the debt, the hacker continued borrowing until the flash loan closed. In the end, Euler lost approximately $197M.
Cream Finance: Flash Loan Attack Costing $130M
Cream Finance lost over $130 million in a hack in October 2021. The exploit targeted a flaw in Cream’s yUSDVault to double the value of crYUSD tokens. The attacker used flash loans from MakerDAO and Aave, converted DAI to yUSD, and used ETH as collateral to borrow more yUSD.
The attacker transferred $500 million in yUSDVault tokens between accounts multiple times and racked up $1.5 billion in crYUSD and $500 million in yUSDVault.
They doubled their perceived value by redeeming yUSDVault tokens and reducing their supply. Finally, the inflated crYUSD was used to repay the loans and withdraw $130 million from Cream Finance.
Conclusion
While flash loans are a fantastic way for traders to access enormous liquidity with practically no risk of their own, in the hands of skilled smart contract developers they can be a powerful tool to manipulate and exploit DeFi markets. Understanding the attack vectors most common in such attacks is essential to implementing robust security measures.
Regular, independent smart contract audits and the use of decentralized, trustworthy price oracles are a must.
Chen, Z., Beillahi, S. M., & Long, F. (n.d.). FlashSyn: Flash loan attack synthesis via counter-example driven approximation (Extended Version). University of Toronto.
https://arxiv.org/pdf/2206.10708