What are flash loans?
Flash loans are uncollateralized loans. The idea of flash loans came from the Aave lending platform, but this concept is still quite new to many investors.
Unlike traditional loans, borrowers in flash loans do not need to provide collateral information or proof of income. The loan and interest must be repaid in the same transaction.
How do flash loans work
In typical loan processes, a borrower loans money from a lender. The amount is expected to be returned in full eventually with interest, depending on the terms discussed between the lender and the borrower.
Flash loans operate on a similar framework but are they based on their own terms and facilities:
Use a smart contract
In flash loans, borrowers are required to repay the full amount of the loan before completing the transaction. If this rule is not followed, the transaction will be reversed by the smart contract and the loan will be invalidated as if it had never taken place.
Flash loans are unsecured loans, but that doesn’t mean lenders can’t get their money back in case of non-payment. Since flash loans occur in very short periods of time (usually seconds or minutes), borrowers must pay back the full amount they borrowed immediately.
Flash loans are processed quickly immediately, money is borrowed and returned within seconds and in a single transaction thanks to the smart contract.
Smart contracts set the terms and make instant transactions on behalf of the borrower using the loaned capital. If a quick loan is profitable, this loan is usually charged a 0.09% fee.
On Aave platform, here’s how flash loans work:
After applying for a flash loan on Aave, borrowers create an exchange logic to make a profit, such as selling, buying DEX, trading,… They then repay the loan, make a profit and pay a 0.09% fee. If the borrower fails to repay the capital or the transaction does not result in a profit, the transaction will be reversed and the amount is returned to the lender.
Uses of flash loans
Flash loans are used in DeFi protocols, based on the Ethereum and Binance Networks. Besides Aave flash loans, dYdX flash loans, DEX flash loans and Uniswap flash loans have also gained popularity. For example, on Uniswap, “flash swaps” allow users to withdraw or retrieve Ethereum-based tokens paired with other tokens.
Although the original purpose was designed for developers, as of August 2020, flash loans do not need encryption to be easily accessible to less tech-savvy users.
Flash loans can be used for the following:
Flash loan arbitrage
One way for traders to make money is to identify price differences between different exchanges.
For example, if the two markets price cryptocurrencies differently, the trader can use flash loans. They can call separate smart contracts to buy and sell from both markets, profiting from the price difference between the two markets.
Collateral swaps allow DeFi users to transfer collateral they’ve used to borrow money quickly on a loan app. For example, if a trader uses their Ethereum (ETH) as collateral on a platform, then they can borrow quickly to repay the previous loan and withdraw their Ethereum (ETH).
In addition to collateral swaps, fast loans can alsodaj ó
be used for “interest rate swaps.”
What are flash loans attacks?
In a flash loans attack, borrowers can trick lenders into believing the loan has been repaid in full, even if the loan has not been repaid.
Technically, the attacker posed as a borrower and received a flash loan from a protocol. The protocol is then used to manipulate the market and trick lenders. In some cases, attackers create arbitrage opportunities to exploit smart contracts to buy tokens cheaply or sell at higher prices.
Why do flash loans attacks happen in DeFi?
Flash loans are very popular because they are easy and quick to implement.
This is because protocols involving fast loans are not yet able to withstand new attacks and manipulations. With transactions taking place in just a few seconds, hackers can attack multiple markets in one go.
The most common flash loans attacks in DeFi are fake arbitrage opportunities, which we mentioned above. In a flash loan attack, the attacker creates arbitrage opportunities by modifying the relative value of a trading pair of tokens. This can be done by using their loaned tokens to flood the contract and create slippage.
How can DeFi systems protect themselves against flash loan attacks?
The majority of DeFi hacks are flash loans attacks. Because of the new technology, vulnerabilities are not easily noticeable and require skilled developers to identify.
Flash loans attacks can cost DeFi protocols and users hundreds of millions of dollars. Therefore, it is necessary to take measures for timely protection and prevention.
Decentralized pricing oracles to avoid slippage
Contracts are easily manipulated and exploited when making their own calculations of the value of a particular token or trading pairs internally.
Therefore, the risk of flash loans attacks can be minimized by using decentralized oracles such as chainlink and band protocol to find price lists. Instead of relying on single DEX platforms, DeFi systems can protect themselves against arbitrage scams.
Smart contracts will continue to update prices based on the supply and demand of the various tokens in their markets. However, price ranges should also be limited to refer external values. When smart contracts work this way, it is much more difficult for attackers to create slippage and carry out attacks.
Tools to detect attacks
The DeFi platform can use tools that minimize the likelihood of an attack by detecting unusual activity, along with bugs and exploiting smart contracts.
As such, defensive measures can be taken even before an attack occurs.
It is important for platforms to conduct security checks to address vulnerabilities before launching smart contracts. This will require a review of the smart contract’s code to find the weaknesses and address them just before the attacker has a chance against the platform and the user.
Flash loans have ushered in a revolution in the decentralized financial system. Despite their high liquidity, flash loans pose many security risks, leading to million-dollar hacks.
Therefore, investors need to learn and equip themselves with sufficient knowledge, develop a risk management strategy before deciding to participate in flash loans.