Flash Loan

From CryptoWiki

Basics

"Flash loans are perhaps the most outstanding concept on the Aave platform. Users are able to borrow cryptocurrency instantly, without any collateral!

How can DeFi loans work without collateral, you may ask?

The magic is behind the speed of the loan – hence the “flash” in flash loan. Each flash loan borrower must borrow, use, and return the funds within the same transaction.

If for any reason these borrowed funds are not returned to the lending pool in time, the entire series of transactions and the origination of the loan is cancelled."

  • Stani from Aave on Flash Loans:

"To get people into DeFi, you have to have more offerings– you can’t just do the same thing as everyone else. We decided to come up with different tools that utilize the assets in a better way, and that’s how we came up with flash loans. Flash loans bring endless liquidity to DeFi instead of keeping the assets locked. They enable developers to borrow undercollateralized loans from the protocol, as long as the liquidity is returned to the pool within a single transaction (one block). These have many use cases such as arbitrage, liquidity, and refinancing. Flash loans it’s the first uncollateralized loan option in DeFi, and we think this will make a huge difference in the usability of Aave Protocol. Eventually, we hope that this tool will help developers build financial products without needing actual capital, lowering the barrier to entry, and letting more people build and create."

Use Cases

"Flash Loans - or the ability to borrow any amount of capital so long as it’s paid back in the same block.
This has led to the advent of tools like DeFi Saver which allow users to quickly collateralize or settle their debt in the event of flash crashes like we saw on Black Thursday a few weeks back."

"To put it simply you can borrow money you don't actually have as long as you return it by the end of the transaction. What use case is this good for? Well the main one is closing out a MakerDAO CDP where you have enough collateral inside your CDP but need some extra DAI (which you don't have) to close out the CDP. With Aave flash loans you can borrow ETH with no collateral, use it to buy DAI, close out your CDP, then pay back the ETH borrowed from the collateral in your CDP all in one transaction. If you can't pay back the ETH, the entire transaction reverts meaning it's impossible to steal from the pool itself."

"Different crypto markets have different prices for a given digital asset. A user can turn a quick profit by borrowing funds; buying low on one market; selling high on the other market; repaying the loan; and pocketing the profit. Again, this is all done within the same on-chain transaction, since the markets are DEXs often running on ethereum. The arbitrageur just had to code all the steps into the same computer program, known as a smart contract.

To boot, flash loans are nearly risk-free, at least for the borrower. Since the ethereum network settles transactions atomically, meaning all transactions on a book execute or none do, a trader who cannot pay back his loan with his trade loses nothing. Why? Because the transaction never occurs."

"Flash loans do not require collateral to initiate, meaning they can be used for a wide variety of DeFi uses including but not limited to:

  1. Liquidation Protection
  2. Self-Hedging
  3. Self-Liquidations
  4. Arbitrage Opportunities
  5. Collateral Swaps
  6. Debt Refinancing - Interest Rate + Currency Swaps"

Usage

"[Aave] Flash Loans Activity. It is interesting to note that the last 15 Flash Loans on Aave were for DAI. Also, while the sample size is still quite small, the primary use-case of Flash Loans is arbitrage. There are two reasons for this: (1) Dexes arbitrage usually occurs more frequently than liquidations (2) Collateral swap is relatively new and is still experimental. It is also worth noting that after a recent governance vote, the Flash Loan fee on Aave has been reduced from 0.35% to 0.09%."

Exploits

  • Flash loans have not only created new opportunities in transacting value, they have also created new ways of taking value. The line between exploit, hacks, bugs and 'working as it should' have started to blur. Rekt has argued (20-11-2020) that, although these incidents in which users lose money are tough, they do help the ecosystem forward as a whole. They will push developers to think more clearly about their protocols and how whales could game them. November 2020 it still resulted in losses, from The Defiant:

"Hackers were able to drain $16.4 million in ETH and Dai from DeFi projects Akropolis, Value DeFi Protocol, and Origin Protocol using flash loans, just in the past week."

bZx Flash Loan Incidents

"The bZx team was attending ETHDenver, a major ethereum conference in Colorado’s capital, on Friday when an unknown attacker drained about $350,000 worth of ether from Fulcrum, the startup’s lending platform. As a post-mortem from the firm describes, the attacker took advantage of pricing data and a bug within the bZx protocol’s code to secure the payout. bZx quickly shut down Fulcrum using a decidedly non-decentralized master key. Users and analysts saw an update hit GitHub, the code repository, that supposedly locked down endangered funds.

On Tuesday, Feb. 18, attackers hit bZx again, netting $633,000.

In the first attack, for example, through a complex web of transactions, the attacker pumped and then dumped WBTC (“wrapped bitcoin,” an ethereum token backed by actual bitcoin) on a DEX called Uniswap; took profits in ether; repaid the flash loan -- and stiffed bzX on another loan related to the WBTC pumping. “The magic under the hood is the fact how the Uniswap WBTC/ETH was manipulated up to 61.4 for profit,” according to an analysis by blockchain security firm PeckShield. “The WBTC/ETH price was even pumped up to 109.8 when the normal market price was at only around 38. In other words, there is an intentional huge price slippage triggered for exploitation.” In this attack, a poorly set up price feed certainly did not help, but the blame falls on the code, PeckShield CEO Jiang Xuxian told CoinDesk. Where a security wire should have been tripped as the price got out of whack, it failed to go off, Xuxian said.

The second attack came down to bad price data, specifically from DeFi network Kyber, bZx co-founder Kyle Kistner told CoinDesk. This time, the attacker focused on Synthetix USD (SUSD), a dollar-pegged stablecoin on the Synthetix Network. The attacker borrowed 7,500 ether on bZx then pumped the value of SUSD on Kyber by swapping ether for SUSD. The purchase of so much SUSD caused the price to jump 2.5x the prevailing market rate of $1, writes PeckShield. The attacker then took advantage of bZx’s dependency on Kyber for pricing data, putting up the SUSD as collateral for a large sum of ether on bZx; in fact, 2,000 more ether than the same amount of SUSD would have normally purchased on an open market. After paying back the flash loan, the attacker reneged on paying back the under collateralized SUSD/ETH loan just taken out on bZx, resulting in a tidy 2,378 ETH profit and bZx holding buttons. 

In fact, the specific attack against bZx was described months before it occurred by white hat hacker Samczsun in a detailed blog post. Kistner acknowledged that the bZx team believed the oracle problems were considered fixed after Samczsun’s disclosures and even had the code independently audited. Kistner said trading will resume again shortly using Chainlink oracles for pricing, although no new users will be onboarded. For the future, Kistner said bZx will look at replicating the infrastructure of MakerDAO, the largest DeFi provider."