Flash Loans in sight
The attacks on the decentralised financial platform bZx shocked the decentralised financial market (DeFi) without warning. By means of an exploit, a user was initially able to tap Ethereum to the value of USD 360000. Previously he had taken out a flash loan for 10000 ETH. But how is this possible and what conditions apply in the new market? We take a look at the mysterious flash loans.
What are Flash Loans?
Flash Loans are flash loans that are regulated by a Smart Contract. Users can thus borrow a free loan that only becomes valid when it is paid back in the same block. On the Ethereum block chain, this must be done within 15 seconds. These features limit the trader’s risk. But what are the use cases in this small time window?
Use cases of Flash Loans
Flash loans are usually taken up for arbitrage trading. Traders try to take advantage of price differences between the exchanges. Other use cases exist in the form of collateral swaps (exchange of collateral with other assets), loan liquidations and other financing options. The advantage for the provider is a low transaction fee. However, this fee is only charged if the loan is paid on time. In the case of the first Flash Loan exploit, the user paid a transaction fee of approximately USD 8. Not a bad swap.
How did the “hacker” proceed?
To understand how the “hacker” was able to earn 360000 USD in just 15 seconds, one should first take a look at the sophisticated Smart Contract:
- the “hacker” takes a flash loan of 10000 ETH on the platform dYdX.
- he then sends half of it (5000 ETH) to the Compound platform and borrows 112 wBTC
- he sends the other 5000 ETH to Fulcrum, a bZx-based exchange
- on Fulcrum, the “hacker” uses a leverage effect on a falling wBTC price
- via KyverSwap he exchanges the borrowed ETH (approx. 5600) for 51.3 wBTC. This triples the wBTC price in Uniswap
- he sells the borrowed 112 wBTC on uniswap and receives 6871 ETH
- he repays the 10,000 ETH on time. Thus the Flash Loan is valid and the “hacker” is about 360000 USD richer.
What did this mean for the DeFi?
A few days later there were reports of another attack by the crypto space. According to these reports, another “exploiter” had succeeded in stealing about 3000 ETH from the bZx platform. It was not long before the negative voices of the DeFi critics became loud and predicted further exploits. As a result, the DeFi market suffered losses worth millions.
Benefits from the events
It may sound strange, but the exploits could help the DeFi market in the end. By exposing security holes, developers must re-evaluate the issue of Flash Loans and prevent and detect further “holes”. Of course, the high learning curve and the loss of confidence hurts many investors. In the long run, however, the DeFi market will continue to develop as a result of such events. Countless opportunities are just around the corner with the DeFi market, a unique opportunity for the entire financial system.