What is a Flash Loan Attack?
A flash loan attack is an exploit where an attacker borrows a massive amount of cryptocurrency through a flash loan (no collateral required), uses it to manipulate prices or exploit protocol vulnerabilities, profits from the manipulation, and repays the loan, all within a single transaction.
If the attack fails to profit, the entire transaction reverts as if it never happened. The attacker loses only gas fees.
How Flash Loans Work
A flash loan is a DeFi innovation unique to blockchain: you can borrow any amount with zero collateral, as long as you repay it within the same transaction. If you don’t repay, the entire transaction is reversed.
1. Borrow 10,000 ETH (flash loan — zero collateral)
2. Do whatever you want with it (trade, manipulate, exploit)
3. Repay 10,000 ETH + 0.09% fee
4. Transaction completes — keep the profit
If step 3 fails (you don’t have enough to repay), steps 1–2 are reversed. It’s as if the loan never happened.
The Attack Pattern
Step 1: Borrow
The attacker takes out flash loans from Aave, dYdX, or Balancer — protocols that support uncollateralized lending.
Step 2: Manipulate
Using the borrowed funds, the attacker exploits a vulnerability. Common patterns:
Price Oracle Manipulation:
1. Borrow 100M USDC (flash loan)
2. Buy TOKEN on a low-liquidity DEX pool → price pumps 500%
3. Now an oracle (like Chainlink) reads the inflated price
4. Use the inflated TOKEN as collateral on a lending protocol
5. Borrow more than the TOKEN is actually worth
6. Repay the flash loan, keep the difference
Reentrancy Exploitation:
1. Borrow funds via flash loan
2. Interact with a vulnerable contract
3. The contract sends funds before updating its state
4. Attacker's fallback function re-enters and drains more
5. Repay flash loan, keep stolen funds
Step 3: Repay and Profit
The attacker repays the flash loan plus fee and keeps the profit. The entire attack happens in one transaction (~12 seconds on Ethereum).
Notable Flash Loan Attacks
| Target | Date | Amount Lost | Attack Vector |
|---|---|---|---|
| bZx | Feb 2020 | $350K | Oracle manipulation |
| Harvest Finance | Oct 2020 | $24M | Price manipulation |
| Cheese Bank | Nov 2020 | $3.3M | Oracle manipulation |
| Origin Protocol | Nov 2020 | $7M | Oracle manipulation |
| Cream Finance | Oct 2021 | $130M | Price oracle exploit |
| Beanstalk | Apr 2022 | $182M | Governance flash loan |
The Beanstalk attack was particularly notable: the attacker used a flash loan to acquire enough governance tokens to pass a malicious proposal — draining $182M in one transaction.
Flash Loans: Weapon or Tool?
Flash loans are neutral technology. They were designed for legitimate purposes:
| Legitimate Use | Description |
|---|---|
| Arbitrage | Borrow to capture price differences between DEXs |
| Debt refinancing | Swap a loan from Protocol A to Protocol B in one tx |
| Collateral swap | Change your collateral type without unwinding position |
| Self-liquidation | Repay your own underwater position to avoid penalties |
The problem isn’t flash loans themselves — it’s vulnerable protocols that can be exploited with borrowed capital. Blaming flash loans for attacks is like blaming bank transfers for fraud.
How Protocols Defend Against Flash Loan Attacks
1. Use Decentralized Price Oracles
Chainlink, Pyth Network, and API3 aggregate prices from multiple sources. A single DEX pool price can be manipulated; an aggregate cannot.
2. Time-Weighted Average Price (TWAP)
Uniswap’s TWAP oracle averages prices over time, making flash loan manipulation ineffective (the manipulation happens in one block, but TWAP reads across many blocks).
3. Delayed Actions
Governance protocols add time locks — even if you acquire enough voting power, changes take 24–48 hours to execute. This prevents governance flash loan attacks.
4. Liquidity Requirements
Some protocols check the liquidity depth of an asset before accepting it as collateral, preventing manipulation on thin pools.
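The following is an added example, not code from the original article or from any protocol named in it. It shows why the TWAP defense (item 2) blunts the price oracle manipulation pattern described earlier, using a simplified fee-less constant-product pool with a Uniswap V2 style cumulative-price accumulator; the pool sizes, trade size, and all names are constructed for illustration.

```python
from dataclasses import dataclass

BLOCK_TIME = 12  # seconds per block (the page's figure for Ethereum)

@dataclass
class Pool:
    """Fee-less constant-product pool (x * y = k) with a cumulative-price oracle."""
    token: float              # TOKEN reserve
    usdc: float               # USDC reserve
    now: int = 0              # timestamp of the current block
    last_update: int = 0      # timestamp of the last accumulator update
    cumulative: float = 0.0   # running sum of price * seconds

    def spot(self) -> float:
        return self.usdc / self.token  # USDC per TOKEN; moves inside a transaction

    def _sync(self) -> None:
        # Before a trade changes reserves, credit the old price for the time it held.
        self.cumulative += self.spot() * (self.now - self.last_update)
        self.last_update = self.now

    def swap_usdc_for_token(self, usdc_in: float) -> float:
        self._sync()
        out = self.token - self.token * self.usdc / (self.usdc + usdc_in)
        self.usdc, self.token = self.usdc + usdc_in, self.token - out
        return out

    def swap_token_for_usdc(self, token_in: float) -> float:
        self._sync()
        out = self.usdc - self.token * self.usdc / (self.token + token_in)
        self.token, self.usdc = self.token + token_in, self.usdc - out
        return out

    def twap_since(self, cum_then: float, t_then: int) -> float:
        # Average price over [t_then, now]; time since the last sync counts at spot.
        cum_now = self.cumulative + self.spot() * (self.now - self.last_update)
        return (cum_now - cum_then) / (self.now - t_then)

def same_transaction_reading(quiet_blocks: int = 50, usdc_in: float = 1_500_000):
    pool = Pool(token=1_000_000, usdc=1_000_000)   # constructed thin pool, price 1.0
    cum0, t0 = pool.cumulative, pool.now           # oracle checkpoint
    pool.now += quiet_blocks * BLOCK_TIME          # blocks pass with no trades
    # --- one transaction: large buy, oracle read, unwind ---
    bought = pool.swap_usdc_for_token(usdc_in)
    spot_seen = pool.spot()                        # what a spot-price oracle reports
    twap_seen = pool.twap_since(cum0, t0)          # what a TWAP oracle reports
    pool.swap_token_for_usdc(bought)
    return spot_seen, twap_seen, pool.spot()

if __name__ == "__main__":
    spot, twap, after = same_transaction_reading()
    print(f"spot mid-tx: {spot:.2f}  TWAP mid-tx: {twap:.2f}  spot after unwind: {after:.2f}")
```

The accumulator only credits the price that held before the block's first trade, so a price that exists only inside one transaction contributes zero seconds to the average. A lending protocol valuing collateral from `spot()` sees the inflated price, while one using `twap_since()` over the same window does not.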
Frequently Asked Questions
Q: Can anyone execute a flash loan attack?
A: Technically yes — flash loans are permissionless. But crafting a successful attack requires deep smart contract knowledge and the ability to find exploitable vulnerabilities.
Q: Are flash loan attacks traceable?
A: All transactions are on-chain and visible. But attackers typically route funds through mixers (Tornado Cash) or bridges to obscure the trail.
Q: Why don’t traditional finance attacks work this way?
A: Traditional loans require credit checks and collateral. Flash loans are unique to blockchain because atomic transactions (all-or-nothing execution) make uncollateralized lending possible.