The ugly side of DeFi reared its head once again this week when Binance Smart Chain protocol PancakeBunny suffered a catastrophic $200m flash loan vulnerability attack, losing over 700,000 BUNNY and 114,000 BNB tokens in the process. Despite the industry’s best efforts, the loss is permanent. And no, despite several requests, not even Nic Cage could get the hacker to put this Bunny back in the box.
All jokes aside though, flash loan attacks are no flash in the pan. They’re in fact becoming a very serious problem in the cryptocurrency and specifically decentralized finance (DeFi) space.
In this article we’ll take a look at what they are, how they work, why they are so prevalent and whether they can be stopped at all.
What Is a Flash Loan Attack?
Flash loan attacks are a type of DeFi attack where a cyberthief takes out a flash loan (a form of uncollateralized lending) from a lending protocol and uses it in conjunction with various types of gimmickry to manipulate the market in their favor. Such attacks can occur in mere seconds and yet still involve four or more DeFi protocols.
Flash loan attacks are the most common types of DeFi attacks since they are the cheapest to pull off and easiest to get away with. They have been consistently making headlines since DeFi’s surge in popularity in 2020 and appear to be growing more rampant in 2021, spanning several hundred million dollars in losses to date.
What Are Flash Loans?
There are traditionally two types of loans: secured loans, which require collateral, and unsecured loans, which don’t. A good example of an unsecured loan is when you borrow $2,000 from a bank. Some banks are willing to lend you that amount provided that you have a good track record of paying loans.
However, if the sum you intend to borrow is too large, it would be too risky for them to offer an unsecured loan, even if you have a good credit score. For instance, if you want to borrow $30,000, banks would normally require you to provide collateral, such as your house, vehicle, etc., to mitigate their risk.
Flash loans are essentially unsecured loans on steroids for the DeFi degen generation, requiring no collateral, credit checks, nor a limit to how much you can borrow, provided that you can pay back the loan in the same transaction.
Arbitrage is the most popular use case of flash loans as it allows traders to earn from the price differences across various exchanges. For instance, if LINK is $30 on Exchange A and $35 on Exchange B, a user can borrow via a flash loan and conduct a separate order to buy 100 LINK for $3,000 at Exchange A, then sell them all for $3,500 at Exchange B and pay back the $3,000 loan. In this scenario, the user will be able to pocket $500 minus fees.
How Flash Loan Attacks Work
Flash loans allow a user to borrow as much as they want with zero capital. For instance, if you’d like to borrow $70,000 worth of ETH, a lending protocol instantly gives it to you, but that doesn’t mean it’s yours. You need to do something with the borrowed funds in order to pay back the loan and perhaps pocket the excess amount.
For this to work, the process needs to happen fast and the debt must be repaid to the protocol in time, otherwise the transaction will reverse. A decentralized lender doesn’t require collateral from you since the agreement to pay your debt is enforced by a blockchain. Flash loan attackers thrive on finding ways to manipulate the market while still abiding by a blockchain’s rules.
Let’s explore two real-world scenarios of flash loan attacks that transpired in order to better illustrate the anatomy of these exploits.
Let’s revisit that bunny and its fatal attraction for hackers. The most recent flash loan attack as of May 2021 occurred at PancakeBunny, a BSC-powered yield farming aggregator, which suffered an exploit that caused its token to plummet by more than 95% of its previous value.
The attacker initially borrowed a large amount of BNB through PancakeSwap and used it to manipulate the price of USDT/BNB and BUNNY/BNB in PancakeBunny’s pools. This allowed the hacker to steal a large amount of BUNNY, which they dumped on the market, causing the price to crash. The hacker then paid back the debt via PancakeSwap.
Data suggests that the hacker was able to get away with nearly $3 million in profits, leaving a tarnished protocol in its wake.
Alpha Homora Exploit
The largest flash loan hack in 2021 occurred last February when the Alpha Homora protocol was drained of $37 million through Iron Bank, Cream’s lending platform. The leveraged yield farming protocol was hit with a series of flash loans.
The hacker repeatedly borrowed sUSD from Iron Bank via the Alpha Homora dapp, doubling the amount borrowed each time. This was done in a two-transaction process where the hacker lent the funds back into Iron Bank each time, which allowed them to receive Yearn Synth sUSD (cySUSD) in return.
Then, the perpetrator borrowed 1.8 million USD Coin (USDC) from Aave via a flash loan and swapped it for sUSD on Curve. The sUSD was used to pay back the flash loan and to lend to Iron Bank, which enabled them to keep borrowing and lending ever larger amounts and to receive a proportional amount of cySUSD each time.
Basically, the hacker rinsed and repeated this process many times, which allowed them to accumulate massive amounts of Cream’s cySUSD that they in turn used to borrow other cryptocurrencies from Iron Bank. In the end, they borrowed 13K Wrapped Ethereum (WETH), 3.6 million USDC, 5.6 million USDT, and 4.2 million DAI.
As you can see, the process can be quite complex and requires a series of steps that need to happen very fast, which is a testament to how far these attackers are willing to go.
Why Flash Loan Attacks Are Common in DeFi
Flash loans are low-risk, low-cost and high-reward schemes, making them a dangerous combination in the minds of criminals.
Here are the leading reasons why flash loan attacks are increasing.
Flash Loan Attacks Are Cheap
Unlike 51% attacks that need massive resources to pull off, flash loans only require three things: a computer, an internet connection and, most importantly, ingenuity. Attackers obviously need to plan out how they attack, but the execution merely takes a few seconds to a few minutes. Hence, it doesn’t require a lot of investment in time either.
Flash Loan Attacks Are Low-Risk
Doing any criminal activity incurs risk, but imagine robbing a bank without the need to physically be in the bank. This crudely sums up the point of view of flash loan attackers. The last year and a half have proven how easy it is to get away with stealing from DeFi protocols.
In fact, no flash loan attacker has been caught to date, at least not in recent cases. This is because most of them leave no trace once they’re gone, owing to the nature of permissionless networks and the available tools for obfuscating identities, such as Tornado Cash.
How to Prevent Flash Loan Attacks
Considering the growing number of flash loan attacks at present, it’s clear that there is no be-all and end-all solution yet. However, there are notable steps that can be taken to combat this issue.
Use Decentralized Oracles for Price Data
The most effective way to reduce the attack surface for flash loan exploits is for DeFi platforms to use decentralized pricing oracles like Chainlink and Band Protocol instead of relying on a single DEX for their price feed. Alpha Homora had to learn this the hard way before deciding to launch their Alpha Oracle Aggregator last May.
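To show why a single pool’s spot price is a poor oracle, the added example below (not code from PancakeBunny, Alpha Homora or any project named here) models a constant-product pool, pushes it off-market with one large in-transaction swap, and applies the deviation check against an independent reference price that a protocol can use before trusting the DEX figure. Reserves, token names and the 2% tolerance are constructed values.

```python
"""Single-DEX spot price vs. an independent reference: a sanity check
a protocol can run before acting on a pool price.
Added example; pool sizes, prices and tolerance are constructed."""
from dataclasses import dataclass


@dataclass
class ConstantProductPool:
    """Minimal x*y=k pool, the model used by PancakeSwap-style DEXes."""
    reserve_base: float   # e.g. BNB
    reserve_quote: float  # e.g. USDT

    def spot_price(self) -> float:
        """Quote per base, exactly what a naive on-chain oracle reads."""
        return self.reserve_quote / self.reserve_base

    def swap_quote_for_base(self, quote_in: float) -> float:
        """Sell quote tokens into the pool; returns base tokens received."""
        k = self.reserve_base * self.reserve_quote
        new_quote = self.reserve_quote + quote_in
        base_out = self.reserve_base - k / new_quote
        self.reserve_base -= base_out
        self.reserve_quote = new_quote
        return base_out


def price_within_tolerance(dex_price: float, oracle_price: float,
                           max_dev: float = 0.02) -> bool:
    """Accept the DEX price only if it is within max_dev (fraction) of an
    independent reference such as a decentralized oracle aggregate."""
    return abs(dex_price - oracle_price) / oracle_price <= max_dev


def demo() -> dict:
    # 10,000 base / 3,000,000 quote: pool and reference both say 300.
    pool = ConstantProductPool(reserve_base=10_000.0, reserve_quote=3_000_000.0)
    oracle_price = 300.0  # constructed independent reference
    before = pool.spot_price()
    # A loan-sized swap inside one transaction skews the pool heavily,
    # while the independent reference is unaffected.
    pool.swap_quote_for_base(3_000_000.0)
    after = pool.spot_price()
    return {
        "spot_before": before,                                  # 300.0
        "spot_after": after,                                    # 1200.0
        "accept_before": price_within_tolerance(before, oracle_price),  # True
        "accept_after": price_within_tolerance(after, oracle_price),    # False
    }
```

A protocol that reads the skewed 1200 from the pool alone would misprice collateral or rewards; the deviation check rejects it, which is the effect a decentralized oracle provides.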
Force Critical Transactions to Go Through Two Blocks
Dragonfly Research has proposed forcing flash loans to go through two blocks instead of one. However, this isn’t a complete solution either since if it is designed incorrectly, the exploiter could simply flash loan attack both blocks. Furthermore, this can drastically affect the UI of DeFi protocols since transactions will no longer be synchronous.
Use Flash Loan Attack Detection Tools
One of the biggest factors that enable exploiters to get away with flash loan attacks is the delay in response from the developers of DeFi platforms. They can hardly be blamed, since exploits are usually difficult to identify until it’s too late.
OpenZeppelin has recently launched a program called OpenZeppelin Defender that enables project managers to detect smart contract exploits and other unusual activity, which would allow them to respond swiftly and neutralize attacks. According to their blog post, this tool has already been integrated by the Synthetix, Yearn and Opyn teams.
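The kind of rule such monitoring can apply is illustrated by the added example below: a heuristic that flags a transaction when a loan is taken and repaid within it and a pool it touched moved sharply. This is not OpenZeppelin Defender’s logic or any project’s code; the event schema, the transaction labels and the 10% threshold are constructed.

```python
"""Heuristic flash-loan abuse detector over per-transaction event logs.
Added example with a constructed event schema and constructed sample data;
not the logic of OpenZeppelin Defender or of any named project."""


def flash_loan_alerts(tx_id, events, max_price_move=0.10):
    """Return an alert when the same asset is flash-borrowed and repaid in
    this transaction AND any swapped pool moved more than max_price_move."""
    loans = {e["asset"] for e in events if e["type"] == "FlashLoan"}
    repaid = {e["asset"] for e in events if e["type"] == "Repay"}
    moved = sorted({
        e["pool"] for e in events
        if e["type"] == "Swap"
        and abs(e["price_after"] - e["price_before"]) / e["price_before"] > max_price_move
    })
    if loans & repaid and moved:
        return [f"{tx_id}: in-tx flash loan of {sorted(loans & repaid)} with large move in {moved}"]
    return []


# Constructed sample transactions (not real chain data).
SAMPLE_TXS = {
    "tx-1-arbitrage": [   # legitimate arbitrage: tiny moves on two venues
        {"type": "FlashLoan", "asset": "USDC", "amount": 3_000},
        {"type": "Swap", "pool": "LINK/USDC@A", "price_before": 30.0, "price_after": 30.3},
        {"type": "Swap", "pool": "LINK/USDC@B", "price_before": 35.0, "price_after": 34.7},
        {"type": "Repay", "asset": "USDC", "amount": 3_000},
    ],
    "tx-2-manipulation": [  # loan, one pool skewed 4x, repaid in the same tx
        {"type": "FlashLoan", "asset": "BNB", "amount": 1_000_000},
        {"type": "Swap", "pool": "USDT/BNB", "price_before": 300.0, "price_after": 1_200.0},
        {"type": "Repay", "asset": "BNB", "amount": 1_000_000},
    ],
    "tx-3-whale": [  # big move but no borrow/repay: noisy, not flagged by this rule
        {"type": "Swap", "pool": "USDT/BNB", "price_before": 300.0, "price_after": 345.0},
    ],
}


def scan(txs):
    """Run the rule over every transaction; returns the list of alerts."""
    alerts = []
    for tx_id, events in txs.items():
        alerts.extend(flash_loan_alerts(tx_id, events))
    return alerts
```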
Flash loan attacks are the norm and they are here to stay, at least for a while. Despite all the proposed solutions, we need to note that DeFi technology isn’t mature enough for us to be complacent as every week, new vulnerabilities are exposed by hackers before they are patched.
The only way developers can cope is to make the most of the solutions they have today, and if those don’t work, to learn something new every time they get attacked.
As for users, we shouldn’t be discouraged from participating in DeFi schemes like staking, yield farming, and liquidity mining as they present enormous opportunities as well. Just remember to carefully calibrate the risks involved and never deposit funds that you can’t afford to lose. Investment is all about risk management and DeFi staking is no different.