12 minsPublished on 1/29/2024

What are DeFi flash loans? DeFi lending explained

A brief introduction of what DeFi flash loans are, how they impact the greater crypto ecosystem, and ways to prevent flash loan attacks.

By Mrig P

Flash loans have made headlines in the crypto space for reasons both good and bad. 

While they've been implemented to exploit many vulnerable DeFi protocols, they've also helped some users make a profit. Some enthusiasts even argue that they’re one of the most innovative blockchain technologies.

But what are flash loans exactly? 

This article explains how flash loans work and outlines some of their most common applications.

What are flash loans?

Flash loans are uncollateralized loans in which a user borrows funds and returns them in the same transaction. If the user can’t repay the loan before the transaction is completed, a smart contract cancels the transaction and returns the money to the lender. 

Why do flash loans exist?

To understand why flash loans were created, let’s look at existing lending systems in centralized and decentralized finance. 

Centralized Finance (CeFi) lending systems

The most common loans in traditional finance are secured loans and unsecured loans. 

Secured loans

A secured loan requires the borrower to provide a form of security called collateral to the lender for the repayment of a loan. 

Collaterals usually apply to large sums of money and help the lender recoup their losses by selling the collateral if the borrower can’t repay the loan.

For example, if you’re taking out a mortgage, your home will become the collateral, and the lender will sell it to cover the mortgage if you default. 

Unsecured loans

An unsecured loan, on the other hand, is one in which the borrower doesn't have to provide collateral to borrow funds. 

A picture showing the working of a centralized lending system.
Centralized lending process

In both cases, the borrower has to pay interest. And in both cases, if the borrower defaults, the lender has to bear the brunt of the losses.

Decentralized Finance (DeFi) lending systems

DeFi lending systems operate differently than their traditional centralized counterparts. They pool capital from depositors into a “liquidity pool” to offer collateralized loans for borrowers. 

Most of these loans are over-collateralized, meaning the borrower has to provide collateral in crypto that is worth more than the borrowed assets. This is to account for fluctuating crypto prices and ensure that the asset doesn’t become under collateralized.

A picture that shows how decentralized lending protocols work.
Decentralized lending in which a borrower borrows funds

In other words, if the collateral’s value can no longer cover the debt, the platform will sell collateral at a discounted price to repay a part of the loan. This process is called liquidation

Flash loans address the limitations of CeFi and DeFi lending

CeFi and DeFi loans also have some disadvantages that flash loans address. 

In a traditional CeFi lending system, you might have to wait months to get your loan approved. But thanks to smart contracts, flash loans can be processed and approved instantly. 

Also, if a borrower defaults, the burden of debt may fall on the lender. If a borrower defaults on a flash loan, however, the smart contract will cancel the transaction and return the funds to the lender. 

As for DeFi lending, users have to provide collateral to get a crypto loan. Flash loans, on the other hand, are uncollateralized, making lending more accessible.

How do flash loans work?

There are two main entities in a flash loan: the lender and borrowers

To interact with the flash loan lender, borrowers must develop a smart contract that consists of three parts:

  • Borrow loans from flash loan lenders (Aave, dYdX, and Uniswap)

  • Interact with smart contracts for other operations 

  • Return the loans

The entire workflow consists of five steps:

1. Transfer loan

The flash loan provider transfers requested assets to borrowers. 

2. Invoke

The borrower (user) invokes pre-designed operations. 

3. Run operation

The user interacts with different smart contracts to execute operations (arbitrage, liquidation, etc.) with borrowed assets. 

4. Repay loan

Once the operations are complete, the smart contract will return the assets to the flash loan providers with or without the borrowed assets. 

5. Check state

Lastly, the flash loan providers will check their balance. If the user has submitted insufficient funds, the providers will reverse the transaction immediately.

A picture showing the steps involved in a flash loan transaction.
An example of a flash loan transaction and user (borrower) actions

The 3 most common uses of flash loans

Flash loans have a wide variety of applications that range from paying off debts to attempting to generate profits from trading. Here, we discuss the three of the most common use cases. 

1. Arbitrage

Arbitrage is the strategy of leveraging price differences for the same asset in different exchanges to make a profit. 

Buyers and traders can buy crypto at low prices and run it through different cryptocurrency exchanges to end up with slightly more crypto than before. Although this price exploitation sounds harmful, it contributes to market efficiency.

As more crypto traders seek to exploit the same price discrepancy, the prices of these assets across different exchanges will converge, leading to uniformity of the crypto market.

A picture that shows how crypto arbitrage yields profits.
Crypto arbitrage

If you're just starting with crypto arbitrage, you probably don't have enough assets to make a significant profit. 

But flash loans give you the ability to borrow as much as you want, so it might be possible to generate a decent profit if you find assets with a considerable price difference.​​ Here’s a transaction from Etherscan that shows how you can use a flash loan to profit from arbitrage:

A picture of a crypto arbitrage transaction that yielded $16,000 in profit.
A crypto arbitrage transaction that yielded $16,000 in profit

First, the user borrowed 2,048,000 USDC using dYdX’s flash loan. Then, they swapped the amount for 2,028,367 DAI on Curve y pool. 

Next, they used the 2,028,367 DAI to purchase 2,064,182 USDC on Curve’s SUSD pool, after which they paid back the flash loan and kept the difference worth $16,182. 

2. Wash trading

Like any other financial technology, flash loans can also be used to facilitate scams. Wash trading is one such use case. 

Wash trading is the process of using a group of trades to create an illusion of higher trade volume. It misleads investors and other users into thinking that a cryptocurrency or NFT has high demand when it doesn't. 

Some countries like the US have banned the practice of wash trading, but the practice has seen a revival in the crypto market because of the lack of centralized institutions and regulations.

Now, with the advent of flash loans, wash trading has become more rampant as traders can get hold of a large sum of crypto to manipulate the market. 

Here’s a transaction from Etherscan that will help you understand wash trading better: 

A picture of a wash trade transaction.
A wash trade transaction

First, the user borrows 0.01 Wrapped Ether (WETH) from dYdX. Then, they exchange it on Uniswap to get ~122.189 LOOM, which is converted back into ~0.0099 WETH. 

After this step, the user pays back the flash loan to dYdX. What distinguishes this transaction from arbitrage or other types of legal transactions is that there was a loss while swapping tokens.

This indicates that the user’s main aim was to increase trading volumes, making it a trade that was solely done to manipulate the market and create artificial demand for assets. 

3. Closing Collateralized Debt Position

A Collateralized Debt Position (CDP) is simply a crypto loan that’s backed by collateralized assets. Once the user borrows funds, the platform locks the collateral until the loan is repaid. 

During this period, if the currency of the loan drops in value compared to the currency of the collateral, the user can’t repay the loan. 

Flash loans allow you to pay back the loan and release the collateral so you can use it for other purposes. Here’s a transaction that explains the concept better:

A picture of a Collateralized Debt Position (CDP) transaction
A CDP transaction

First, the user takes a flash loan equal to the debt (~262.17 DAI) from Aave. Next, they repay the loan on Maker, and the platform releases their collateral (2.09 WETH).

Then, they go to Kyber reserve to convert WETH into DAI and transfer the surplus amount (~2 DAI) to Uniswap for other purposes. Lastly, the user pays back the loan to Aave, which burns a fraction of its token for 0.07 DAI to increase the value of its tokens in circulation.

Can you make money with flash loans?

It is possible to make money with strategies that use flash loans but it is also possible to lose money with these same strategies. 

Before engaging with flash loans, it is important you understand the risk. 

One way some seek to generate a profit with flash loans is by becoming a liquidator. When a debt becomes undercollateralized, a class of users called liquidators will trigger a liquidation event to buy undercollateralized assets at discounted prices.

With flash loans, anyone can become a liquidator and profit from the discounted assets. For example, take a look at this transaction: 

A picture of a transaction that shows how liquidators use flash loans to profit off liquidations.
Liquidation

First, the user borrows 12,940 DAI from dYdX and swaps it for 13,046 USDT. This USDT is then used to buy collaterals at a discounted price on Compound

After exchanging the asset they bought, the liquidator gets 13,450 DAI. And once they paid back the flash loan, 510 DAI remained as profits, which is greater than the gas fees (~$172).

Flash loan risks: Flash loan attacks

Although DeFi flash loans have grown in popularity and liquidity, they also come with risks. 

About $500 million worth of assets were stolen from DeFi platforms between 2020 and 2021. And one of the most common attacks that caused millions to be wiped off the protocols were carried out using flash loans. 

Oracles are third-party services that allow smart contracts to get data from outside their ecosystem. In most cases, this data is the real-time price of assets.

Oracle manipulation is the practice of manipulating the asset price data in these oracles to buy or sell above or below the fair market price on the platform. 

Here’s how this attack is carried out using a flash loan:

  • Borrow a large amount of token A from a flash lending provider. 

  • Use a DEX to trade token A for token B (this lowers the price of token A and increases the price of token B on the DEX).

  • Utilize the purchased token B as collateral on a DeFi protocol that relies solely on the DEX (mentioned above) as its price feed, and use the rigged pricing to borrow a larger amount of token A. 

  • Profit from the protocol's manipulated price feed by using a portion of borrowed token A to fully repay the original flash loan and keep the remaining tokens.

  • The values of tokens A and B on the DEX will be arbitraged back to the true market price. But the DeFi protocol is left with an undercollateralized position (debt worth more than collateral), which directly harms other users such as the liquidity pool providers.

For example, in May 2020, the Binance Smart Chain protocol Pancake Bunny lost over 7 million BUNNY tokens and 114,000 BNB in a flash loan attack. 

As a result of the attack, BUNNY plummeted by 96% and the platform incurred a loss of more than $200 million.

How can you help protect yourself better from flash loan attacks?

Protocols that use on-chain centralized price oracles, such as a single DEX, are vulnerable to attacks carried out using flash loan vulnerabilities. 

Why?

When a single on-chain exchange is used as a price feed, an asset's data is extremely limited because it only reflects the market condition of that one exchange. 

An oracle like Chainlink, however, is powered by a decentralized network of oracles, so while an attacker can carry out a single flash loan transaction, it still won’t affect the price feed as the exchange gets pricing data from multiple sources. 

Concluding thoughts on flash loans

Flash loans have taken the decentralized finance world by storm as they let users instantly borrow assets without collateral. 

They’re a double-edged sword, however, as flash loans come with significant risks and can have unfavorable consequences on the crypto ecosystem depending on what they’re used for. 

Many crypto enthusiasts are currently using flash loans to try to make profits and hedge themselves against liquidation risks. But malicious parties are also using them to engineer attacks on smart contracts and drain them of funds. 

It’s also worth remembering that flash loans are relatively new to the DeFi space, so the possibilities for innovation are endless. 

Frequently asked questions (FAQs) about DeFi flash loans

How do I get a crypto flash loan?

To get a crypto flash loan, you can use a drag and drop tool like Furucombo and create a pipeline with cubes which are akin to building blocks. 

Alternatively, you can also use smart contracts to execute flash loans on platforms like Aave, dYdX, and Uniswap

Since smart contracts are pieces of code, you can find many open source flash loan codes on sites like GitHub.

Do flash loans need collateral?

No. Flash loans are unsecured and uncollateralized, meaning anyone can borrow funds to make profits. 

What happens if you don’t pay your flash loan?

If you don’t pay your flash loan, the smart contract cancels the loan and returns the funds to the lenders. 

How long does a flash loan last?

As the name suggests, a flash loan only lasts for a few seconds or minutes as the loan is taken and repaid within the same transaction.

Are flash loans risk free?

No. As discussed in this article, flash loans come with risks and you should make sure to educate yourself about these risks before engaging with flash loans.

Begin your DeFi journey with MoonPay

Flash loans are just one of the many ways you can engage with the DeFi ecosystem. To get started with DeFi, simply buy cryptocurrency via MoonPay using your credit card or any other preferred payment method.

MoonPay's widget offers a fast and easy way to buy Bitcoin, Ethereum, and many  other cryptocurrencies.

MoonPay also makes it easy to sell crypto when you decide it's time to cash out, including several tokens mentioned in this article like ETH, USDT, and USDC. Simply enter the amount of the token you'd like to sell and enter the details where you want to receive your funds.

Mrig P
Written byMrig P

You might also like