Flash Loans — Dangerous, Necessary, and Beautiful
Flash loans are impossible in web2. It’s as simple as that. If someone¹ asks you “what innovation has even happened in crypto,” I’d invite them to describe to you a way to accomplish what I’m going to lay out below. Flash loans cause destruction, rebirth, and innovation within nascent crypto protocols, and they’re simultaneously web3’s saving grace and terrifying harbinger of mayhem.
Flash Loans
Flash loans entail borrowing & repaying a loan in exactly the same moment, in “blockchain time.” This enables a user to temporarily access substantially higher leverage than they’d otherwise be able to, which, in turn, allows them to perform certain actions that otherwise would be unfruitful at tiny scale or outright disallowed (by way of lack of sufficient ownership of some asset).
In practical terms, this means that a vulnerability in some code that previously would be exploitable for pennies is now exploitable for hundreds of millions, thanks to that massively scaled leverage. This method is riskless by nature, as the funds are always borrowed and returned at the same instant of blockchain time, and the user generally only incurs a very small fee (paid to the original software engineer who designed the specific flash loan functionality the user is calling).
Flash loans only exist in web3, as the idea of synchronous borrowing/lending would be absurd in web2 thanks to the inability of three counterparties to trustlessly enact transactions (or, plainly, you would never be able to convince Bank A to lend you cash that you would loan to Bank B at a higher rate to help negotiate a refinancing of Asset C, simultaneously, without risk, because all three counterparties are never certain of your absolute financial state, which, in the contrasting web3 case, is trustlessly maintained by the public ledger).
The Tech
The way flash loans work relies on basic precepts of blockchain engineering — the public blockchain itself is edited at each “block,” and anything that is not confirmed inside of a block transaction is ignored. Practically, within certain implementations, that means that if I could take money away from you, use it, then find a way to return it to you all before that block transaction was confirmed, it’d be fair play.
Smart contracts execute some set of logic functions within each block transaction. Developers of flash loan logic functions write smart contracts in such a way that they permit other users to call a series that entails “borrowing, “using,” and “repaying” in some combination, with the sole caveat that the end-state of the lender’s assets is equivalent to the initial-state of the lender’s assets (in other words, if the lender is not paid back within the same block transaction, the original transaction is said to have failed and is not included in the public blockchain, and thus never happened).
Why?
Why would anyone want to write a flash loan contract? Well, protocols house millions (or billions) in deposits across DeFi. Given that a flash loan is riskless by nature (i.e. the funds borrowed must be returned, else the call fails), those protocols have large incentives to provide flash loans for tiny fees. As long as there’s capital laying around not locked up in vault contracts, the opportunity to provide flash loans will exist.
Destruction, Rebirth, and Innovation
The vast majority of exploits and hacks within web3 are possibly executed through flash loan mechanisms, but it’s also likely that many non-flash loan hacks and vulnerabilities go unreported (so as to not draw more sharks to a wounded organization and vaporize public trust). Conservatively, hundreds of millions of dollars a year are stolen via such methods. But their existence is highly controversial, since, (and I agree with this) they’re necessary fire-proofing for the highly vulnerable and nascent ecosystem of blockchain against future larger failures.
Even beyond the “trial by fire” mentality, flash loans are legitimately useful for benign uses as well. The easiest example here is to consider simple arbitrage across two entities, say Exchange A and Exchange B. If a pricing discrepancy exists for Asset C, it is possible to leverage a massive flash loan to immediately rectify that discrepancy by simultaneously buying and selling Asset C across both exchanges until the arbitrage is completely played out. This, in turn, lends to more accurate price discovery and general market equilibrium, and the arbitrageur walks away with whatever the sum the discrepancy was, minus execution fees. In a web2 sense, this would be much more complicated, as an arbitrageur would either have to organize a massive capital loan and then execute a bulk transaction, or, with a much smaller capital base, execute a large number of much smaller transactions, incurring higher fees.
Notable Incidents
Some of the most high-profile incidents involving flash loan attacks have included: Cream Finance ($130mn), Belt Finance ($50mn), PancakeBunny ($45mn), Harvest Finance ($34mn), Cream Finance (yes, again — $18mn), Yearn ($11mn). Other more recent & random lesser-known hacks include Deus DAO ($3mn) and Treasure DAO ($1.4mn).
Final Thoughts
Flash loans make crypto tick by massively increasing capital efficiency, and, as was best put by one anonymous source², protocols of today burn to strengthen the trillion-dollar protocols of tomorrow. Attackers, arbitrageurs, and hobbyists alike tinker with flash loans on a daily basis, and we’re all here to witness the ensuing destruction, rebirth, and innovation. 🔥🥚🚀
Additional Resources
Good additional reading here from Rekt and Hacking Distributed. For the technically inclined, I highly recommend actually reading the engineering docs for Aave’s flash loan functions (Aave is one of the largest loan providers in DeFi). Aave’s short user-friendly descriptions are here and engineering docs are here.
¹P.S. Stephen Diehl, would love to hear a counterpoint.
²I feel bad that I’ve lost a name here, if you know who said this please let me know.
Sam is the CEO of Playground Labs, a web3 protocol dev organization, and Partner & Head of Interactive at Hivemind Capital, a crypto-focused multi-strategy fund. Follow him on Twitter or Twitch. Views are personal and not reflective of the positions of Playground Labs, Hivemind Capital, or any of their affiliates. Not financial or legal advice.
