Posts

What is a Flash Loan Attack?

avatar of @agr8buzz
25
Agr8buzz
@agr8buzz
·
·
0 views
·
2 min read

While somewhat familiar with Flash Loans I didn't really understand how they're being exploited as a possible attack vector. Time to dig a little deeper!

It's almost daily that we're hearing of various exploits taking down DeFi platforms, draining liquidity pools and leaving the token in shambles.

Turns out there's a variety of ways that flash loans can be exploited, some are more complicated than others but the majority of them operate on a relatively similar principal.

How Does a Flash Loan Attack Work?

The flash loan attack involves borrowing uncollateralized capital and running it through a combination of smart contracts and DeFi protocols in an attempt to manipulate a tokens market price.

The exploit aims to manipulate the market in the attackers favour allowing them to extract liquidity in a very short period of time.

In many examples of past flash loan attacks the hackers used what's known as a reentrancy attack.

This type of exploit occurs when a smart contract function makes an external call to another untrusted contract before it resolves any effects. - source

https://www.youtube.com/watch?v=4CEeP7ar2X0

Binance Smart Chain Contracts Targeted

As of late the Binance Smart Chain in particular has been the focus of numerous attacks with established and fledgling DeFi platforms falling victim one after another.

The most recent example was BSC AMM Belt Finance. The flash loan attack on Belt Finance netted hackers in the area of $6 Million USD, leaving the DeFi platform with a $50 Million shortfall.

However that pales in comparison to the recent Bunnyswap Finance attack with hackers making off with nearly $200 Million USD.

What are Flash Loans in DeFi?

In DeFi a flash loan is a uncollateralized loan that happens between strangers on the condition the at minimum the full loan amount is paid back, with the loan and payback all happening within the same transaction (block).

Can you make money with flash loans?

Yes, they can be profitable, and that's why they're popular. If you're able to utilize a smart contract to take a loan, make money, and payback the principal amount within 1 transaction you can keep the profit.

If the full amount is not returned within the same transaction the smart contract will roll back the transaction essentially as though the loan never existed in the first place. As a result there is next to no risk for lenders.

Ciao for now,

@agr8buzz

This post was shared to [Publish0x here]

Social Links: LeoFinance | Publish0x | D.Buzz | Noise.Cash

Additional LeoFinance Content:


Posted Using LeoFinance Beta