What are These Flash Loans that Caused an Uproar in Cryptoverse?
Two recent attacks on decentralized finance (DeFi) platform bZx prompted a number of discussions about flash loans. But what are these and how are they useful to a hacker - or rather, an "exploiter"?
DeFi lending usually requires a collateral, and given the volatility of the market, most lenders will allow users to borrow up to 75% of the available collateral, such as MakerDAO. Upon the return of the borrowed amount, the lender is paid a fee. On the other hand, a new product was introduced this year by DeFi protocol Aave - a flash loan.
Simply said, a flash loan happens through a smart contract that allows borrowing funds without any collateral, but with paying the loan back within a single transaction, that is - a single block. So a flash loan allows a person to borrow funds for free as long as they repay the loan by the end of that same transaction. Everything happens really quickly. It's meant to limit a trader's risk, while allowing that trader to use the borrowed money to make more money trading, by taking the advantage of price differences between markets - a strategy called 'arbitrage.'
Arbitrage is its most common use case, while it can also be used for collateral swap, liquidation of loans, refinance, and more will probably be invented in this very new field.
The product provider gets paid a fee in return. However, if the funds are not returned to the pool in time, the transaction gets reversed.
bZx offered the product as well, and flash loans have been gaining traction in various forms, such as ArbitrageDAO, a DAO that offers arbitrage opportunities by leveraging flash loans, and the Collateral Swap, which allows swapping collateral with another asset in one transaction, using Aave's flash loans, MakerDAO's vaults, and Uniswap, a protocol for automated token exchange on Ethereum.
An attack on the system requires a few more steps to be executed, with the exploiter going through several different systems, smart contracts, lending platforms, DeFi protocols, etc.
This is obviously a major issue. A trader who is proficient enough to understand how things work, so to say, can relatively easily exploit weaknesses in any system (instead of reporting them) and use the contract in an unintended way. And this is exactly what happened to bZx - a trader who exploited a flawed smart contract.
As reported, bZx was attacked less than a week ago, when a total of ETH 1,193 (USD 320,000) were taken. The company stated that this wasn't an oracle attack, but an exploit of a bug in bZx. The company said in their report that they were working on "implementing Chainlink oracles as a supplement to the Kyber price feed to provide time-weighted information on price data" and ensuring that Chainlink doesn't become a central point of failure in their oracle model. Simply put, an oracle is a path via which a blockchain or smart contract interact with external data - between the on-chain and off-chain events.
So how did the flash loan exploit work here? bZx explains it in their report, but there are a few more analyses with detailed explanations. Basically:
- the exploiter took ETH 10,000 flash loan from trading platform dYdX;
- half of it was sent to the Compound platform as a collateral to borrow WBTC 112;
- ETH 1,300 more were sent to bZx and a 5x short position against the ETHBTC ratio opened - shorting ETH in favor of WBTC: the margin trading function leveraged KyberSwap to swap the borrowed ETH 5,637.6 for WBTC 51.3; this step triples the WBTC price up in Uniswap; this is also where the bug part comes in, as the built-in sanity check, which verifies that the position will not go default after the swap, didn't kick in;
- now that their price is higher, the exploiter sells the WBTC 112 borrowed in Compound back for WETH in Uniswap for ETH 6,871;
- they repay the borrowed ETH 10,000 to dYdX, completing the flash loan, and pocketing USD 320,000.
Then the news started circulating on Tuesday that another exploit occurred - which bZx confirmed, but this time "it was an oracle manipulation attack, a modified version of the original exploit," says the company, which means that a price feed oracle was attacked. Exploiting the contract similarly as explained above, the attacker took a net profit of around USD 600,000.
The platform also stated on Wednesday that they "are still continuing along the timeline of restoring the ability to close trades on the platform tomorrow."
"I think the latest bZx attacks are the best thing that could happen to DeFi right now. Small enough to not be catastrophic but large enough to hopefully overall increase scrutiny on every aspect," commented Martin Köppelmann, founder of a prediction market platform built as a decentralized application (dapp), Gnosis.
Meanwhile, MakerDAO will put on Friday an executive proposal to activate the Governance Security Module (GSM) on-chain as soon as possible to "help mitigate flash loan and other governance attacks."
And, of course, no story, no joke: