A flash loan is relatively new type of uncollateralized lending that has become popular across a number of decentralized finance (DeFi) protocols based on the Ethereum network.
These types of loans have made headlines recently because they have been used to exploit a number of vulnerable DeFi protocols, leading to millions of dollars in losses. Yet, advocates argue flash loans introduce an innovative and useful tool to the world of finance for arbitrage and quick trades that weren’t possible before blockchains.
Most of us are familiar with normal loans. A lender loans out money to a borrower to be eventually paid back in full. The lender receives a payout from the borrower for temporarily parting with its money.
Flash loans are similar, but they have the following unique properties:
This type of loan can be useful in certain instances, such as for traders looking to quickly profit from arbitrage opportunities when two markets are pricing a cryptocurrency differently.
Ethereum lending platform Aave pioneered the idea in early 2020. The concept is new and still has a lot of kinks because new hacks are making abundantly clear. “There is no real-world analogy to Flash Loans,” as the Ethereum lending platform Aave puts it in its documentation.
This speed and other unique properties are enabled by Ethereum, which aims to expand blockchain to other use cases beyond simple transactions. Flash loans are one popular experiment amid Ethereum’s decentralized finance movement, which has cultivated financial alternatives without intermediaries. Instead, by using DeFi apps, users are supposed to be more in control of the financial instruments, such as loans, derivatives and other contracts.
Advocates argue DeFi-style apps could give users more control over their finances, in contrast to big Wall Street corporations and other traditional financial institutions.
But that’s not why everyone is interested. DeFi has also drawn a lot of enthusiasm because a some traders have succeeded in making high returns from speculating on new coins.
In short, it’s one way to potentially make substantial gains without having to risk your own money.
There are times when the unheard-of speed of a flash loan makes sense.
Flash loans can be used for:
Aave describes some other potential use cases here.
Potentially, provided you have thoroughly researched both the protocol you intend to borrow from and send the borrowed capital to. Some people have used these types of loans to earn money very quickly. But as attacks on flash loans have shown, the technology is definitely not without risks.
Flash loans are available on a variety of Ethereum-based DeFi lending platforms, such as Aave and dYdX.
They started off as a tool solely for those tech-savvy enough to use the command line, a method for developers to send textual commands to a computer. But now more user-friendly interfaces are emerging, too.
Then you won’t get the loan in the first place.
Remember that the entire flash loan takes place within just a single transaction. If both parties, the lender and the borrower, fail to follow the rules, the loan won’t be issued. That’s the advantage of a smart contract. It won’t allow money to move unless a condition is met.
So if the money isn’t paid back by the borrower instantly in the transaction, the smart contract will simply reverse the transaction and hand the money back to the lender.
Flash loans have been the subject of several attacks leading to millions of dollars in losses. There are an array of ways that malicious actors can game the loaning mechanism.
This highlights a broader problem with Ethereum and DeFi. The problem is that smart contracts can be gamed if they aren’t written to execute exactly as intended or if the data flowing into them is corrupted or exploitable. But the technology is new. Some argue that these kinds of issues will evaporate as the technology matures, while others believe these attacks will remain a persistent challenge.
Flash loans are less than a year old and there have already been a long line of attacks, with different characteristics.
Ethereum trading and lending protocol bZX was the subject of a flash loan attack where the borrower was able to trick the lender into thinking he or she repaid them in full, but the borrower really hadn’t. This was done by temporarily pushing up the price of the stablecoin being used to repay the loan.
In another recent event, one entity used a flash loan to secure extra votes in a MakerDAO vote impacting the whole community.
Meanwhile, computer science researchers wrote a post at security blog Hacking Distributed exploring some of the ways to attack flash loans “for fun and profit.”
These are just a couple of examples of flash loans not being used as intended. Engineers are looking into various ways to ensure they work without unexpected loopholes.