By Noah Carr and Grace C Zhou
What is a Flash Loan?
Flash loans are an increasingly popular financing option in the world of De-Fi. As a reminder, a flash loan is a trustless, no-collateral loan in which all transactions happen within the same block of a blockchain. If a borrower does not pay back the flash loan, the smart contracts of the blockchain protocol essentially void the transaction as though it never happened. Fees for flash loans are generally low because the smart contracts keep the risk low, and loans open & close in the time it takes to complete a transaction.
Flash loans have three primary functions:
· Arbitrage: Flash loans create arbitrage opportunities when the prices of certain cryptocurrencies or other assets are out of sync across markets. Because of the safety of flash loans (the fact that the transaction can be voided if they're not paid back), they tend to carry extremely low interest rates. These movements can eventually result in market manipulation and flash loan attacks.
· Collateral Swap: Collateral swaps allow flash loan borrowers to quickly pay off their Compound balance, swap their preexisting collateral on a crypto swap market into another currency, and then reborrow the flash loan amount using the new currency, which they may feel more confident about, as collateral.
· Self-liquidation: Using the same principle as the collateral swap, it is possible to pay back a Compound loan to take back collateral from the Compound loan, use the collateral to pay off the flash loan, and keep whatever collateral from the Compound loan remains after paying back the flash loan.
Flash Loan Security Issues
Flash loans have also created new potential security issues going forward. While flash loans are growing fast in popularity and present a cheap funding option, these risks may pose new problems for De-Fi. The following section describes a recent attack using flash loans, now termed a "flash loan attack".
The dYdX Attack
The dYdX attack involved four principal components.
- dYdX – a trading platform that offers flash loans like Aave does.
- Uniswap – a decentralized exchange for cryptocurrencies
- Compound – a De-Fi borrowing/lending protocol that allows for the borrowing of cryptocurrency by requiring over-collateralization
- Fulcrum/bZx – a protocol that allows for margin trading & lending of crypto assets
The attack played out in the following way:
- The attackers took out a flash loan of 10,000 ETH from dYdX.
- The attackers made the following trades:
  - Sent 5,500 ETH to Compound to take a loan of 112 wBTC
  - Sent 1,300 ETH to Fulcrum/bZx to take out a 5x short position against the ETH/BTC ratio, meaning that a profit was to be made if BTC appreciated against ETH.
  - 5,637 ETH was sent to Uniswap to exchange it for 51 wBTC
- Because the Uniswap liquidity reserve was low, wBTC's price rose substantially.
- Following the rising price of wBTC, the attackers used Uniswap to 'swap' the 112 wBTC loan they had taken out on Compound to 6,871 ETH
- The new ETH from the pumped-up wBTC was then used to pay back the flash loan for a profit.
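The price move in the Uniswap step follows from how a constant-product (x*y=k) pool quotes prices, and the same model shows the kind of price-deviation check a lending or margin protocol can apply before trusting a pool's spot price. This is an added example, not code from the article or from any of the protocols named; the pool reserves, the reference price and the 5% threshold are constructed assumptions, and only the 5,637 ETH trade size comes from the text above.

```python
from dataclasses import dataclass

FEE = 0.003  # 0.3% swap fee charged on the input amount (Uniswap v1/v2 pools)

@dataclass
class Pool:
    eth: float   # ETH reserve
    wbtc: float  # wBTC reserve

    def spot_price(self) -> float:
        """ETH per 1 wBTC implied by the current reserves."""
        return self.eth / self.wbtc

    def swap_eth_for_wbtc(self, eth_in: float) -> float:
        """Apply an ETH -> wBTC swap under x*y=k and return the wBTC paid out."""
        if eth_in <= 0:
            raise ValueError("eth_in must be positive")
        effective_in = eth_in * (1 - FEE)
        wbtc_out = self.wbtc * effective_in / (self.eth + effective_in)
        self.eth += eth_in
        self.wbtc -= wbtc_out
        return wbtc_out

def price_is_sane(pool: Pool, reference_price: float, max_deviation: float = 0.05) -> bool:
    """Defensive check: reject the pool price if it strays too far from a
    reference (for example a time-weighted average or an independent feed)."""
    deviation = abs(pool.spot_price() - reference_price) / reference_price
    return deviation <= max_deviation

def simulate(eth_in: float, eth_reserve: float, wbtc_reserve: float) -> dict:
    """Run one swap against a fresh pool; the pre-trade price is the reference."""
    pool = Pool(eth_reserve, wbtc_reserve)
    reference = pool.spot_price()
    wbtc_out = pool.swap_eth_for_wbtc(eth_in)
    return {
        "wbtc_out": wbtc_out,
        "price_before": reference,
        "price_after": pool.spot_price(),
        "sane": price_is_sane(pool, reference),
    }

if __name__ == "__main__":
    # Constructed reserves (assumptions); 5,637 ETH is the trade size from the article.
    for label, eth_r, wbtc_r in [("shallow", 2_800, 77), ("deep", 280_000, 7_700)]:
        print(label, simulate(5_637, eth_r, wbtc_r))
```

With the shallow constructed reserves the swap pays out roughly 51 wBTC and the guard rejects the resulting price; against the pool that is 100 times deeper the same trade stays inside the 5% band.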
The Upshot
This attack would have follow-on copycats and introduce new risks to De-Fi, made possible by flash loans. By taking advantage of bugs in smart contracts, the attackers were able to successfully make a profit on this attack. While their overall gains were small, the new risks demand a second look at code underlying De-Fi protocols as attackers continue to consider ways to once again manipulate the markets at a profit. Still, the sector is just starting out, and it will be exciting to see where flash loans, and De-Fi, go in the future.