The ugly side of DeFi
reared its head once again this week when Binance Smart Chain (BSC) protocol PancakeBunny suffered a catastrophic $200m flash loan vulnerability attack
, losing over 700,000 BUNNY
and 114,000 BNB
tokens in the process. Despite the industry’s best efforts, the loss is permanent. And no, despite several requests, not even Nic Cage could get the hacker to put this Bunny back in the box
All jokes aside though, flash loan attacks are no flash in the pan. They’re in fact becoming a very serious problem in the cryptocurrency and specifically decentralized finance (DeFi)
In this article we’ll take a look at what they are, how they work, why they are so prevalent and whether they can be stopped at all.
Join us in showcasing the cryptocurrency revolution, one newsletter at a time. Subscribe now to get daily news and market updates right to your inbox, along with our millions of other subscribers (that’s right, millions love us!) — what are you waiting for?
Flash loan attacks are a type of DeFi attack where a cyberthief takes out a flash loan
(a form of uncollateralized lending) from a lending protocol
and uses it in conjunction with various types of gimmickry to manipulate the market in their favor. Such attacks can occur in mere seconds and yet still involve four or more DeFi protocols.
Flash loan attacks are the most common types of DeFi attacks since they are the cheapest to pull off and easiest to get away with. They have been consistently making headlines since DeFi’s surge in popularity in 2020 and appear to be growing more rampant in 2021, spanning several hundred million dollars in losses to date.
What Are Flash Loans?
are a new type of uncollateralized loans enforced by smart contracts
pioneered by Aave
, one of the top lending protocols in DeFi.
There are traditionally two types of loans: secured loans, which require collateral, and unsecured loans, which don’t. A good example of an unsecured loan is when you borrow $2,000 from a bank. Some banks are willing to lend you that amount provided that you have a good track record of paying loans.
However, if the sum you intend to borrow is too large, it would be too risky for them to offer an unsecured loan, even if you have a good credit score. For instance, if you want to borrow $30,000, banks would normally require you to provide collateral, such as your house, vehicle, etc., to mitigate their risk.
Flash loans are essentially unsecured loans on steroids for the DeFi degen
generation, requiring no collateral, credit checks, nor a limit to how much you can borrow, provided that you can pay back the loan in the same transaction. According to Aave
, flash loans are the "first uncollateralized loan option in DeFi" designed for developers and allow users to borrow instantly and easily.
is the most popular use case of flash loans as it allows traders to earn from the price differences across various exchanges. For instance, if LINK
is $30 on Exchange A and $35 on Exchange B, a user can borrow via a flash loan and conduct a separate order to buy 100 LINK for $3,000 at Exchange A, then sell them all for $3,500 at Exchange B and pay back the $3,000 loan. In this scenario, the user will be able to pocket $500 minus fees.
How Flash Loan Attacks Work
Flash loans allow a user to borrow as much as they want with zero capital. For instance, if you’d like to borrow $70,000 worth of ETH
, a lending protocol instantly gives it to you, but that doesn’t mean it’s yours. You need to do something with the borrowed funds in order to pay back the loan and perhaps pocket the excess amount.
For this to work, the process needs to happen fast and the debt must be repaid to the protocol in time, otherwise the transaction will reverse. A decentralized lender doesn’t require collateral from you since the agreement to pay your debt is enforced by a blockchain
. Flash loan attackers thrive on finding ways to manipulate the market while still abiding by a blockchain’s rules.
Let’s explore three real-world scenarios of flash loan attacks that transpired in order to better illustrate the anatomy of these exploits.
Let’s revisit that bunny and its fatal attraction for hackers. The most recent flash loan attack
as of May 2021 occurred at PancakeBunny
, a BSC-powered yield farming
aggregator, which suffered an exploit that caused its token
to plummet by more than 95% of its previous value.
The attacker initially borrowed a large amount of BNB through PancakeSwap and used it to manipulate the price of USDT
/BNB and BUNNY/BNB in PancakeBunny’s pools. This allowed the hacker to steal a large amount of BUNNY, which they dumped on the market, causing the price to crash. The hacker then paid back the debt via PancakeSwap.
suggests that the hacker was able to get away with nearly $3 million in profits, leaving a tarnished protocol in its wake.
Alpha Homora Protocol Hack
The largest flash loan hack in 2021 occurred
last February when the Alpha Homora protocol was drained of $37 million using Iron Bank, Cream’s lending platform. The leveraged yield farming protocol was hit with a series of flash loans.
The hacker repeatedly borrowed
sUSD from Iron Bank via the Alpha Homora dapp, doubling the amount borrowed each time. This was done in a two-transaction process where the hacker lent the funds back into Iron Bank each time, which allowed them to receive Yearn Synth sUSD (cySUSD) in return.
Then, the perpetrator borrowed 1.8 million USD Coin (USDC)
from Aave via a flash loan then swapped them with sUSD using Curve
. The sUSD was used to pay back the flash loan and lend to Iron Bank, which enabled them to continuously borrow and lend more of them and receive a proportional amount of cySUSD each time.
Basically, the hackers rinsed and repeated this process many times, which allowed them to steal massive amounts of Creamy cyUSD
that they in turn used to borrow other cryptocurrencies
from Iron Bank. Hence, they borrowed 13K Wrapped Ethereum (WETH)
, 3.6 million USDC, 5.6 million USDT, and 4.2 million DAI
As you can see, the process in the Alpha Protocol hack can be quite complex and requires a series of steps that need to happen very fast, which is a testament to how far these attackers are willing to go.
DeFi Yield Farming Aggregator ApeRocket Flash Loan Attack
The flash loan attack occured on July 2021, on ApeRocket's BSC platform and Polygon fork, costing the protocol users $1.26 million. The two flash loan attack on the DeFi yield farming aggregator was carried out on Aave and PancakeSwap, within a few hours of each other.
The flash loan hackers borrowed substantial amount of funds in AAVE and CAKE, and held 99% of the funds in the protocols' vaults. Huge amounts of money were then sent to the vaults contract, leading to the minting of a high number of tokens. The hackers then proceeded to dump these tokens.
This flash loan attack cause the native token of ApeRocket, SPACE, to crash 63%. The protocol issued an official statement about the attack and their plan moving forward to compensate holders of SPACE here
Flash loans are low-risk, low-cost and high-reward schemes, making them a dangerous combination in the minds of criminals.
Here are the leading reasons why flash loan attacks are increasing.
Flash Loan Attacks Are Cheap
Unlike 51% attacks that need massive resources to pull off, flash loans only require three things: a computer, an internet connection and most importantly, ingenuity. Hackers apparently need to plan out how they attack, but the execution merely takes a few seconds to a few minutes. Hence, it doesn’t require a lot of investment in time either.
Flash Loans Attacks Are Low-Risk
Doing any criminal activity incurs risk, but imagine robbing a bank without the need to physically be in the bank. This crudely sums up the point of view of flash loan attackers. The last year and a half have proven how easy it is to get away with stealing from DeFi protocols.
In fact, no flash loan attacker has ever been caught as of yet, at least not recently. This is because most of them don’t leave a trace once they’re gone due to the nature of permissionless networks and the available tools for obfuscating identities such as Tornado Cash.
Considering the growing number of flash loan attacks at present, it’s clear that there is no be-all and end-all solution yet. However, there are notable steps that can be taken to combat this issue.
Use Decentralized Oracles for Price Data
The most optimal way to reduce the attack vector for flash loan exploits is for DeFi platforms to use decentralized pricing oracles
like Chainklink and Band Protocol
instead of relying on a singular DEX
for their price feed. Alpha Homora had to learn this the hard way before deciding to launch
their Alpha Oracle Aggregator last May.
Force Critical Transactions to Go Through Two Blocks
has proposed forcing flash loans to go through two blocks instead of one. However, this isn’t a complete solution either since if it is designed incorrectly, the exploiter could simply flash loan attack both blocks
. Furthermore, this can drastically affect the UI of DeFi protocols since transactions will no longer be synchronous.
Flash loan attacks are the norm and they are here to stay, at least for a while. Despite all the proposed solutions, we need to note that DeFi technology isn’t mature enough for us to be complacent as every week, new vulnerabilities are exposed by hackers before they are patched.
The only way developers can cope is to maximize the solutions they have today and if they don’t work, they’ll learn something new every time they get attacked.
As for users, we shouldn’t be discouraged from participating in DeFi schemes like staking, yield farming, and liquidity mining as they present enormous opportunities as well. Besides flash loans, there are other DeFi lending protocols, and the best DeFi lending protocols across chains can be found here
Just remember to carefully calibrate the risks involved and never deposit funds that you can’t afford to lose. Investment is all about risk management and DeFi staking is no different.
This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators. This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice. The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap.