Aidan Saggers, Lukas Alemu and Irina Minohogetny
Decentralized Finance (DeFi) may seem a tempting option for those seeking financial gain, autonomy, and autonomy… but how safe is a world where “law is law”? Close examination reveals an ecosystem that is facing numerous hacks, attacks, and scams. It is estimated that at least $6.5 billion has been stolen since DeFi’s inception, and one DeFi feature is often at the heart of this theft – fast loans. Unlimited, unsecured, and unsecured fast loans give hackers a toolkit to profit greatly from their potential attacks. The only cost is the gas fee required to send the transaction. In this blog post, we look at the world of fast loans and their criminal counterpart – fast attacks.
What exactly is an “urgent loan”?
Flash loans are unlimited collateralized loans, where the user receives and returns the borrowed funds in the same blockchain transaction. Currently they exist exclusively within the DeFi ecosystem. DeFi aims to be an alternative to traditional financial services (TradFi), with centralized brokers being replaced by so-called code-based decentralized protocols. These protocols, which are based on distributed ledger technology, eliminate, in theory, the need to trust counterparties and financial institutions as we know them.
Flash loans are commonly used for arbitrage opportunities, for example if traders are looking to quickly profit from mismatches in crypto-asset prices across the markets. Flash loans can also be used for collateral swaps – a technique where a user closes their loan with borrowed money to immediately open a new one with a different asset as collateral – or debt refinancing through “interest rate swaps” of various protocols.
At TradFi, borrowers generally need to go through a due diligence process and, depending on the loan amount, provide a number of documents, including proof of identity, proof of income and most importantly, collateral. None of this is necessary in the case of a flash DeFi loan.
It is important to understand that the lender is exposed to almost no credit risk when participating in a quick loan, and therefore collateral is not required. Flash loans make use of smart contracts (code that ensures that money does not circulate until a specific set of rules are met) and the properties of blockchains (either all transactions happen or not) to enable a form of lending that has no traditional equivalents.
Therefore, quick loans are only available to the borrower for a short period of transaction. During this short period, the borrower must request the funds, call other smart contracts to make near-real-time trades with the loaned capital, and return the funds before the transaction ends. If the money is returned and all subtasks are executed smoothly, the transaction is validated.
At TradFi, collateral is key as it reduces or eliminates the lender’s exposure in the event of a default. However, if the borrower does not repay the Quick Loan as part of the same transaction in which the loan was drawn, the entire transaction will be returned, including the initial amount borrowed and any further actions that follow. In other words, if the borrower doesn’t pay off the quick loan, they won’t get the loan in the first place.
The non-refundable fee that covers the operational costs of running smart contracts must be paid up front, known as the ‘gas fee’ for the transaction – this is true of any distributed ledger technology transaction and is not specific to flash loans. Another commission fee is only charged once the transaction is successfully executed, making the entire endeavor virtually “risk-free” for both borrower and lender.
Quick loan features
To better understand flash loans, we analyzed the Ethereum blockchain (using the Alchemy archive node) and collected every transaction that used the ‘FlashLoan’ smart contract served through the DeFi protocol Aave V1 and V2. Aave Protocol, one of the largest providers of DeFi liquidity, popularized flash loans and is often credited with designing them. With this data, we were able to collect 60,000 unique transactions from Aave’s quick loan inception through 2023, allowing us to take a closer look at this new financial beginning.
In general, the characteristics of fast loans differ from other DeFi transactions. This is not only because they are near-instant, unsecured and unlimited, but because they tend to be complex, as measured by the number of events or records emitted during a transaction. This higher complexity contributes to the second distinguishing feature, which is that fast loans typically incur much higher gas fees than standard DeFi transactions, see Figure 2. The more events involved in a transaction, the more space it takes up on the Ethereum Virtual Machine. Due to the uncertain implementation of these loans, some users are also willing to pay additional fees to prioritize their transactions to be included in the most urgent added block.
With these attributes in mind, we used the Aave dataset to answer the following questions: What assets are these fast loans borrowing and why? How complex are these transactions? And what is the cost of these transactions compared to the average transaction?
Figure 1 Top five borrowed assets in Aave V1 and V2[1]
Given that quick loans require price stability and significant liquidity to successfully implement, assets that are commonly borrowed are not surprising. Figure 1 shows that three stablecoins and the two largest cryptocurrencies, Bitcoin and Ether, make up the five most borrowed assets.
Figure 2: Distribution of the ratio between the gas fee paid by a quick loan transaction and the average gas fee paid on the same day, for all transactions on the Ethereum blockchain
Source: Etherscan Average Transaction Cost.
What is surprising, however, is the huge cost of quick loan transactions. Figure 2 shows that, on average, the cost of fast loans is about 15 times the cost of a standard DeFi transaction. As already mentioned, the cost is proportional to the complexity of the transaction, and accordingly, express loans also stand out from typical transactions. Quick Loans typically have between 35-70 records (Fig. 3) per transaction compared to approximately 5-10 records for the average Aave transaction.
Figure 3: Number of records per quick loan transaction
flash attacks
Figure 4: Cumulative Total Exploited vs. Total Value Reserved in DeFi
Source: Defillama.
While offering benefits to some users, the DeFi ecosystem has been subjected to massive attacks, hacks, and scams, with a particular vulnerability in fast loans.
In general, hacks, exploits, or price manipulation carried out using flash loans are called “flash attacks.” Flash attacks take advantage of the unregulated, unsecured, and unlimited capital that flash loans enable, for example, to manipulate cryptocurrency markets or exploit platform vulnerabilities and turn a profit. To date, over $6.5 billion in cryptocurrency has been stolen in attacks directly attributed to flash loans.
Flash attacks are unlike anything we’ve seen on TradFi because fast loans, and therefore flash attacks, are one of the core functions of DeFi technology. A typical flash attack involves getting a quick loan to borrow a large amount of cryptocurrency from a DeFi platform. Then, this money can be used to manipulate the price of the particular crypto asset, or to exploit a vulnerability in the DeFi platform. If the flash attack is successful, the final step involves paying back the borrowed money along with any fees owed, while keeping the profits. However, if the attack does not occur, the entire transaction is reversed as if it never happened (gas fee). In the informal DeFi ethos of “code is the law,” some argue that specific forms of flash attacks are legitimate, describing them as “sophisticated arbitrage.”
Flash attacks can be implemented in a variety of ways, for example by using smart contract code in unintended ways, or to generate and exploit price slippage through oracle manipulation. DefiLlama’s list of known hackers[2] It records the largest DeFi hacks, from rug withdrawals and reentry attacks to flash attacks. Of the nearly 150 attacks, 45 were supported using fast loans. In addition, Table A He explains that of the five largest sums borrowed via flash loans, four were used to attack the Protocols.
Table A: Top five fast loans by amount borrowed on the Aave protocol
| date | Borrowed amount (in millions of US dollars) | Attack the protocol | Amount stolen (in millions of US dollars) |
| 10/27/2021 | 2100 | Kareem Finance | 130 |
| 06/16/2022 | 609 | Reverse financing | 5.8 |
| 04/17/2022 | 500 | Beanstalk (loan 1) | 181 (total) |
| 05/22/2021 | 396 | Unavailable | Unavailable |
| 04/17/2022 | three hundred fifty | Beanstalk (loan 2) | 181 (total) |
Can flash attacks be prevented?
By enabling a whole host of low-risk avenues of attack, fast loans increase the cost of DeFi protocols to secure themselves from cyber threats. Despite this, there are steps that DeFi systems are already starting to take to protect themselves.
One of the simplest attack vectors, price manipulation, can be reduced to some extent through the use of decentralized pricing models. Although not without errors, these services provide live pricing data using a range of independent off-chain sources to validate the exchange rate.
A common way to reduce code bugs or unexpected behavior is to use audits, which are comprehensive code reviews performed by independent, third-party entities. It is important to note that even well-vetted protocols have been exploited in the past. Similarly, separate “testnets” called testnets, which replicate a “live” blockchain environment, allow developers to simulate common attack methods and test their protocol resilience.
More similar to TradFi, “circuit breakers” can be triggered when suspicious activity is detected. These are similar to TradFi’s trading stops, which have been met with great skepticism in the cryptocurrency ecosystem. Furthermore, time locks can be used to delay the execution of certain transactions, giving the platform time to respond to possible flash attacks.
Conclusion
From the perspective of TradFi participants, fast loans may seem somewhat reality-bending, despite being entirely possible using technology developed within the DeFi ecosystem. Although flash loans and DeFi are still in their relative infancy, what seems clear is that while they may serve valid uses, they have also enabled some of the biggest thefts in the DeFi space. It remains to be seen if it will be widely adopted and what it might look like in the future.
What is your opinion? Do fast loans have a place in DeFi? Tell us in the comments section below.
[1] The term “wrapped” describes an interoperable token that reflects the full value of the referenced cipher suite.
[2] This is almost certainly the minimum actual number of attacks.
Aidan Saggersworks works in the bank’s foreign exchange department, Lukas Alemu works in the bank’s current economic conditions department, and Irina Mnohoghitnei works in the bank’s Fintech Center..
If you would like to get in touch, please email us at bankunderground@bankofengland.co.uk or leave a comment below.
Comments will appear once approved by the moderator, and will only be posted when full name is submitted. Bank Underground is a blog for Bank of England employees to share challenging opinions – Or support – the traditional mainstream policy. The opinions expressed herein are those of the authors, and are not necessarily those of the Bank of England or its policy committees.
Share the post “Flash Loans, Flash Attacks, and the Future of DeFi”
