Flash loans are like lending on steroids, and they've taken the cryptocurrency world by storm. Here are the answers to "what is flash loan" and "are they safe?"
What is flash loan?
With regular loans, lenders usually want some kind of security to make sure they get their money back. It often takes time for the deal to be approved, and the borrower pays off the loan with interest over weeks, months, or years.
Flash loan is the opposite. They do what they say and act instantly, as both borrowing and returning funds are done in seconds in a single transaction. This is made possible by the innovative properties of smart contracts that set the terms and instantly transact on behalf of of the borrower with the borrowed capital.
Profitable flash loans typically have a 0.09% fee. If the borrower fails to repay the principal or if the transaction is not profitable, the conditions set out in the flash loan smart contract will not be met and the transaction will be canceled. So there is minimal risk for both parties, at least in theory.
In short, flash loans are:
- Unsecured - instead of posting collateral, the borrower repays the loan immediately.
- Instant - Capital is borrowed and repaid in one transaction.
- Innovative - Flash Loans use smart contracts to set terms and execute instant transactions.
Are flash loans safe?
Flash loans are still in progress. The downside to its rapid adoption by the decentralized financial community is that the fragile DeFi protocol is being used to steal millions of dollars.
In February 2020, the bZX credit protocol was the focus of two flash credit attacks. Borrowers have tricked lenders into believing their loans have been repaid by temporarily raising the price of the stablecoin used to pay them back. Most flash loans are denominated in USD- pegged stablecoins. As of July 2020, MakerDAO's DAI and Circle's USDC account for nearly 95% of all flash loans issued.
The bZx hackers took advantage of the current weakness of the DeFi ecosystem with a series of clever instructions executed in the form of flash loans. By using a few decentralized financial instruments and a small amount of price manipulation, they were able to avoid a large amount of Ethereum and earn around $1 million.
Due to an engineering error, more flash-loan exploits followed in June and October 2020, when a hacker made off with $34 million from DeFi protocol Harvest Finance. Attacks continued until 2021. In February, the attacker used a flash loan to allow him to withdraw $37 million from the Cream Finance protocol at a transaction fee of just $15,000.
Poor oracle design was believed to be at fault in at least some of the exploits, and as a result, many protocols have beefed up their security.
"What is flash loan" and "are they safe?" now get the answers to both questions.
