Coming soon: The only portfolio tracker you’ll ever need. Find out more

Flash Loans: The Utility & Risk in DeFi

Learn how flash loans work, why they're so powerful, and the unintended consequences that could impact the DeFi ecosystem.

The decentralized finance (DeFi) ecosystem is reshaping the financial services industry. For example, decentralized lending platforms can make loans without looking at credit history, and decentralized trading platforms don’t require any central intermediary. However, there’s a cost to operating on the bleeding edge of innovation.

This article will examine how flash loans work, why they’re so powerful, and the unintended consequences that could impact the DeFi ecosystem.

What Are Flash Loans?

Max Wolff, creator of the Marble Protocol, coined the term “flash loan” in 2018. They enable someone to borrow as much money as they want for a single transaction. By the end of the transaction, the borrower must repay the entire amount (plus a fee), or else the transaction will automatically roll back. The result is a sort of zero-risk, zero-opportunity cost loan.

Imagine you spot an arbitrage opportunity where the same token trades at a different price on two decentralized exchanges (DEXs). Using a flash loan, you could borrow capital, buy the lower-priced token, sell the higher-priced token, repay the loan, and pocket the difference. And if one part of the transaction fails, it undoes the entire chain of transactions.

Since the borrower freezes time for the duration of the transaction, the capital was never really at risk and could never have been used to earn interest elsewhere. The lack of risk and opportunity cost means these loans should be free. Many DEXs don’t charge anything for flash loans, making them effectively free for anyone to use.

While they are fast and cheap to use, flash loans could have tax implications. The sale of any crypto asset triggers capital gains taxes if you have an unrealized profit (including liquidity pool tokens). So, in our arbitrage example, buying the lower-priced token and selling the higher-priced token will result in a capital gain for that token if the transaction is successful.

Flash Loan Benefits

Flash loans initially became a popular way to capitalize on arbitrage opportunities. While most arbitrageurs leverage more sophisticated tools to minimize costs, zero-cost flash loans could become the mainstay for capitalizing on arbitrage opportunities. And that’s a net positive for the crypto market since it maximizes price efficiency and discovery.

In addition to arbitrage, flash loans have become popular for liquidations and collateral swaps (refinancing transactions).

Most banks overcollateralize DeFi loans to minimize the risk of default. But sometimes, the value of the collateral falls below a certain threshold, and the loan becomes undercollateralized. When that happens, liquidators attempt to pay off the loan and, in return, receive the collateral that they can sell to recover the amount and potentially earn a profit.

For example, suppose that a DEX has an undercollateralized loan where a borrower owes 50,000 USDC, but their ETH collateral dropped in value and is just enough to cover the loan amount. The liquidator would normally need 50,000 USDC upfront to pay off the loan. However, a flash loan enables them to liquidate the loan, sell the collateral, and repay it all at once.

Flash loans can also help refinance with minimal friction. For instance, if you deposit 1,000 LINK tokens on Aave as collateral to borrow 5,000 USDC, If you find Compound is offering a better rate, you will typically have to repay the 5,000 USDC to Aave to unlock your LINK tokens – but that requires a lot of upfront capital.

Using a flash loan, you could loan 5,000 USDC, repay your Aave loan to release your 1,000 LINK tokens, deposit a portion of the LINK tokens into Compound to take out a new loan, convert the remaining LINK tokens into USDC on Uniswap, and repay the flash loan. This results in zero up-front cost to complete the refinancing.

Flash Loan Risks

Flash loans have their place in the DeFi ecosystem, but like many new financial instruments, there are some unintended consequences and nefarious use cases.

The crux of the problem is that crypto security often hinges on prohibitive costs. As a classic example, a 51% attack is simple to execute on the surface but isn’t feasible due to the high cost. For instance, a 51% attack on Bitcoin would require someone to purchase or manufacture about $5.5 billion worth of ASICs – an amount that will, in actuality, never get paid off.

Unfortunately, flash loans dramatically lower (or eliminate, in some cases) the cost barrier, making it easy for anyone to attack a DeFi protocol with millions of dollars.

For example, suppose an attacker borrows a large amount of token A from a protocol supporting flash loans. Then, they swap token A for token B on a decentralized exchange, which lowers token A’s spot price and increases token B’s price. The attacker could then deposit the purchased token B as collateral using the artificially high spot price from the DEX. Finally, they could use a portion of their borrowed token A to repay the flash loan. This series of transactions would leave the DeFi protocol in an undercollateralized position as the spot prices normalize.

Flash Loan Risks
Source: Chainlink

Governance manipulation is another nefarious use case for flash loans. Imagine you want a governance proposal to pass. You could use a flash loan to borrow governance tokens, lock them to vote for the proposal, and then unlock them to return the funds. This example is what BProtocol did using a single transaction to push through its proposal on the Maker protocol in October 2020. These kinds of edge cases could undermine the truly decentralized governance of many projects and introduce problematic proposals to the ecosystem.

What’s Next?

The DeFi ecosystem continues to evolve to address these concerns and mitigate security loopholes. For example, Chainlink’s Price Feeds incorporate data from decentralized network nodes that aggregate price data from multiple independent sources. As a result, flash loans do not affect these aggregated values, and executing a price oracle attack becomes impossible.

Other solutions might include forcing some transactions to span two blocks, making executing with a single transaction impossible, or requiring on-chain proofs that someone didn’t take out a flash loan. Governance tokens could also require lockups to prevent flash attacks or have voting power that changes based on the time you hold them.

But despite these improvements, flash loans remain a risk for many DeFi platforms. Many lending protocols don’t tell outsiders if a smart contract is a flash loan. So, if you’re a DeFi platform and someone comes in with money, it’s impossible to know whether or not it’s their money – it could be a flash loan that disappears after a transaction.

The Bottom Line

Flash loans are a prime example of crypto innovations that both provide tremendous benefits and lead to unintended consequences. They could become an invaluable tool to help improve price efficiency and speed up collateral-related transactions. But on the other hand, they provide malicious actors with unlimited funds for their attacks.

Ultimately, innovations like Chainlink’s Price Feeds and underlying improvements to blockchains could help mitigate these problems. But in the meantime, crypto traders and investors should be mindful of these risks.

If you trade crypto assets, ZenLedger can help keep everything organized for tax time. Our platform aggregates transactions across your wallets, computes capital gains and losses, and generates the paperwork you must file yearly.

Get started today for free!

The above is for general info purposes only and should not be interpreted as professional advice. Please seek independent legal, financial, tax, or other advice specific to your particular situation.

Justin Kuepper