Cryptex logotype

What is a Flash Loan on the blockchain

25.08.2022 |

For article about flash loans

The rapid growth in popularity of the distributed finance sector in cryptocurrencies has enabled developers to look for various applications of their ideas for blockchain. One of the most significant events in DeFi was the appearance of Flash Laons, or “fast loans”.

Flash Loans (or instant loan) is a feature available in some popular distributed finance protocols, with which a user can take out an instant, short—term loan without collateral. The main condition of Flash Loans is the repayment of the loan in the same block of the distributed registry where it was received.

How flash credit appeared

Initially, decentralized lending assumed that the borrower would provide excess collateral for the loan. In 2020, the Ave vending company proposed a mechanism for decentralized loans based on the basis of liquidity pools. At the same time, third-party developers of decentralized finance were able to implement the function of instant loans without collateral.

The main and basic requirement for obtaining a flash loan is to obtain a loan, all operations with it, as well as refunds must occur within one block of the distributed registry. At the same time, the loan amount, in fact, is not limited, and can amount to tens of millions of dollars, and the fee for obtaining and servicing the loan is only nine hundredths of a percent. Although, in fairness, it should be noted that the creditee will also have to pay the network commission for transactions and access to smart contracts.

Following the growing popularity of DeFi, and, accordingly, commissions for their circulation, instant loans also gained popularity as a tool, for example, for additional profit. In total, in the first two years of the existence of flash lending, contracts worth more than $6 billion, $2 billion and $4.2 billion per year were processed, respectively. The largest loan almost reached the amount of $200 million.

Where flash credits are used

As already mentioned, the main role of instant loans was found in additional profit extraction, mainly on the basis of market inefficiency.

The main industry has become arbitrage trading, where a large amount of funds allows you to extract sufficient profit, and the occurrence of an arbitration situation, as well as the loan term, can last only a few seconds. In general, the mechanism of arbitrage trading with flash credit looks like this:

  • get an instant loan without collateral,
  • purchase an asset on a platform with a lower price,
  • sell an asset on a platform with a high price,
  • repay the loan with commission and interest.

Currently, it is generally believed that it was arbitrage trading that allowed fast loans in cryptocurrency without collateral to achieve such popularity.

Another application of Flash Loans was found in the field of, oddly enough, collateral lending. Thus, when the value of the collateral asset decreases, the contracts are configured in such a way that the collateral will be automatically sold with a substantial commission. To prevent losses, the borrower can take out a loan and close the loan himself, followed by self-realization of the collateral and repayment of the instant loan from the funds received, or purchase a less volatile asset, replacing the cheaper collateral with it.

Disadvantages of instant loans

All the advantages of instant loans could be appreciated not only by ordinary users, but also by hackers. Although vulnerabilities have not yet been found in flash loans themselves, they are used as a tool for extracting illegal profits. Most of the attacks on decentralized finance protocols were carried out using instant loans, such as a few days ago, although the re-entry exploit is still also popular.

Due to the imperfection of the mechanism of price oracles in a particular protocol, or low liquidity on the stock exchange, an attacker gets the opportunity to attack quotes by artificially inflating the price with a large purchase volume, with subsequent profit extraction from this situation. The attack itself can last a fraction of a second, which fits perfectly into the period of one block of a distributed registry.