Flash Loans a Threat to Defi?
A few days ago I didn't know flash loans existed in crypto.
The name is kind of self-explanatory: flash=quick.
What does that mean, more exactly? That someone can take such a flash loan often without collateral in a decentralized manner, with the condition to pay it back in the same transaction.
What do you mean "in the same transaction"? Well, here's where smart contracts come into place. On Ethereum and other chains that support them, smart contracts are more or less complicated programs. A flash loan smart contract would put together a number of operations, which are then executed in the same transaction by the blockchain.
Obviously, the first operation is taking the loan and the last one is to repay it, otherwise the whole smart contract won't execute, as far as I understood it. But in-between you can squeeze a number of other operations.
And here's the BIG issue with flash loans, in my opinion, and, from a quick search, apparently not only mine.
You can create a flash loan smart contract that manipulates the market price, for example - only a few days ago happened on Pancake Bunny on BSC - then taking advantage of impermanent loss, gain huge profits while leaving the platform(s) and everyone on them take the loss. All while the attacker pays back the loan and goes away with the profit.
This kind of exploit was invented on Ethereum, but it's now being used on BSC as well.
And this is a known exploit of the flash loans, which makes me wonder why are they still around, at least until someone comes out with a fix for this loophole?
Maybe because as long as there are lenders willing to offer flash loans and borrowers taking their chances, not necessarily as bad actors, they'll still be around.
The reaction has to come from the market. If these attacks become unprofitable (and even better, costly), they will soon stop. But we can't expect people to react, because they are too slow, as these attacks end within seconds or minutes, there needs to be some kind of smart contract counter-measures for when market manipulation is attempted.
If you want to learn more about flash loans, this is a good starting point:
https://www.coindesk.com/what-is-a-flash-loan
Posted Using LeoFinance Beta
Congratulations @gadrian! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s) :
You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOPTo support your work, I also upvoted your post!
Support the HiveBuzz project. Vote for our proposal!
Flash loans aren't going away. They have legitimate uses for arbitrage. Aave will even use them to enable seamless migration from v1 to v2. These attacks tend to exploit weaknesses in price oracles, and if flash loans didn't exist, whales could perform the same attacks using their own wallets.
You are right that the same actions could be done by whales without using flash loans. The difference is not many are whales (even though on Ethereum that's kind of a norm), and they would use their own funds to perform the attack, instead of instant loans.
Not sure how price oracles can be improved to fix this exploit, when there are huge amounts used to drive a token price higher or lower in a matter of seconds. The only thing I believe would help is a very deep liquidity pool. But maybe there are other counter-measures I don't see at this point or my level of understanding of the whole thing.
Posted Using LeoFinance Beta
I didn't either but I learned all about them from this week's Leo Finance AMA.
Posted Using LeoFinance Beta
I didn't watch that yet. I missed the live one because I had an appointment.
Posted Using LeoFinance Beta