DeFi Insight: Flash Loans
Flash loans are instant uncollateralized crypto loans where the borrowed asset (and a fee) is returned before the end of the blockchain transaction. Flash loans are a Decentralised Finance (DeFi) tool for borrowing money from pooled assets. In essence, flash loans, as the name suggests, are instant uncollateralized loans with a catch: (1) you take the loan, (2) use the funds and (3) repay the loan including interest, all in one transaction.
Authors: Valentin Kalinov, Christian Viehof
Flash loans are designed with zero counterparty risk in mind: the likelihood of those involved in the transaction defaulting on their obligations is non-existent. If a borrower fails to repay his loan including interest, the transaction never executes, so nobody loses anything. The flash loan originates from pooled tokens, provided by individuals and investors who are incentivized by the interest they could earn. There are no background checks or credit ratings involved in the process.
Flash loans are special uncollateralized loans that allow the borrowing of an asset, as long as the borrowed amount (and a fee) is returned before the end of the transaction. The lending protocol gives loans to anyone who manages to return the money (plus interest) within the same transaction. The average Ethereum transaction takes 16 seconds, which would mean that a flash loan would exist no longer than that. Sixteen seconds might not sound like a lot, but people have come up with many powerful use cases and hacks.
Flash Loans Use Cases
Since flash loans don’t last long, borrowing a volatile asset such as ether doesn’t pose a price risk. Flash loans can be performed with any ERC-20 asset, provided there is enough liquidity in the pool. Interesting use cases include:
- Arbitrage between decentralized exchanges
- Liquidation of crypto loans on lending platforms like Compound
- Refinancing Crypto Loans
- Flash Minting — instantaneous minting of an arbitrary amount of an asset being burned at the end of the transaction cycle
- Creating leveraged long or short positions
Example: Liquidation of Crypto Loans
Borrowers on Compound and similar platforms are required to put up collateral before they take a crypto loan. Such loans are always overcollateralized. Another aspect of taking a crypto loan is the variable interest rate. Both interest rates and asset prices could play a crucial role in the decision to close a position by quickly repaying the loan. If the price of the underlying collateral drops fast and reaches a liquidation stage, one could lose the collateral and also pay a penalty fee. By using flash loans, one could self-liquidate the loan by losing the collateral while avoiding the penalty fee. In the DeFi ecosystem, the liquidation penalties for loans could range between 3% and 15% depending on the platform. Avoiding the penalty fee could be a considerable cost saving. Obviously, flash loans also impose fees, but it is much better to pay under 1% fee for a flash loan rather than a 15% penalty fee.
The concept of self-liquidation could also be applied to Maker Vaults (also known as CDPs). If a Vault’s position approaches 150% collateralization, the risk of automatic liquidation rises. Taking out a Dai flash loan equal to the outstanding debt would enable investors to repay the debt, unlock the collateral and convert enough collateral into Dai on a Decentralised Exchange to repay the loan. All actions happen in one transaction. Platforms like DeFi Saver offer a simple user interface to perform basic flash loan actions such as Maker Vault self-liquidation.
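The self-liquidation flow and the all-or-nothing repayment rule can be traced in a small model. This is an added example, not code from Maker, DeFi Saver or any lending protocol: the ledger, the account names, the 9 Dai fee and the price of 1,550 Dai per ETH are constructed assumptions.

```python
class Revert(Exception):
    """Aborts the whole transaction, like an EVM revert."""

class Ledger:
    """Toy chain state (hypothetical): balances keyed by (account, token)."""
    def __init__(self, balances):
        self.bal = dict(balances)

    def transfer(self, token, src, dst, amount):
        if self.bal.get((src, token), 0) < amount:
            raise Revert(f"{src} cannot pay {amount} {token}")
        self.bal[(src, token)] -= amount
        self.bal[(dst, token)] = self.bal.get((dst, token), 0) + amount

    def transaction(self, fn):
        """Run fn atomically; on Revert every balance is restored."""
        snapshot = dict(self.bal)
        try:
            fn()
            return True
        except Revert:
            self.bal = snapshot
            return False

def flash_loan(ledger, borrower, amount, fee, use_funds):
    """Lend Dai, hand control to the borrower, then pull back principal + fee."""
    ledger.transfer("DAI", "pool", borrower, amount)
    use_funds()
    ledger.transfer("DAI", borrower, "pool", amount + fee)  # reverts if short

def self_liquidate(ledger, eth_to_sell, debt=10_000, collateral=10,
                   price=1_550, fee=9):
    """Repay Vault debt, unlock collateral, sell part of it, repay the loan."""
    def steps():
        ledger.transfer("DAI", "user", "vault", debt)        # repay the debt
        ledger.transfer("ETH", "vault", "user", collateral)  # unlock collateral
        ledger.transfer("ETH", "user", "dex", eth_to_sell)   # swap ETH ...
        ledger.transfer("DAI", "dex", "user", eth_to_sell * price)  # ... for Dai
    return ledger.transaction(
        lambda: flash_loan(ledger, "user", debt, fee, steps))

def fresh_ledger():
    # Constructed sample state: the user starts with no funds of their own.
    return Ledger({("pool", "DAI"): 1_000_000, ("vault", "ETH"): 10,
                   ("dex", "DAI"): 500_000})
```

Selling 7 ETH covers the 10,009 Dai owed and the transaction commits; selling only 6 ETH leaves the borrower short, so every step is rolled back and the pool, the Vault and the exchange are exactly as they were.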
Flash Loan Attacks
Flash loans offer endless opportunities. This, of course, opens many attack vectors for some DeFi protocols. Any arbitrage opportunity or code mistake could result in a loss of funds. With flash loans, hackers have millions of dollars at their disposal. One of the earlier flash loan hacks happened in February 2020, when a hacker used his flash loan to manipulate the price of wBTC (a BTC synthetic asset on Ethereum). With 112 wBTC at his disposal, he placed a large sell order on Kyber (DEX) while also shorting wBTC. The result was a profit of $350,000. In this case, the attacker was able to make a profit by manipulating market prices on a Decentralised Exchange.
Sometimes it is the developer’s fault for not adhering to the Ethereum token recommendations. ERC-20 is Ethereum’s universal standard for token creation. It covers all the basics for a token to be functional while secure. Developers of the SET token failed to comply with the ERC-20 standard when they introduced a new economic model to their token: each transaction would require a 1% fee on top of the Ethereum fees. This error made $500,000 in profits for a hacker who took a simple flash loan worth 104,000 ETH.
Other notable flash loan attacks include:
- February 2020, September 2021, bZx: bZx was one of the first DeFi protocols to be a victim of a flash loan attack. The hacker made off with 1,300 wrapped ETH, worth $366,000 at the time.
- May 19, 2021, Pancake Bunny: The attacker was able to manipulate price differences to steal 114,631 WBNB worth approximately $45 million.
- May 20, 2021, Belt Finance: Belt fell victim to a flash loan attack that netted the attacker about $6.3 million in cryptocurrency.
- August 30, 2021, CREAM Finance: A flash loan attack wiped out an estimated $130 million from its Ethereum-based liquidity pools.
- October 2, 2021, Twindex: A fractional-algorithmic synthetic asset system was exploited by an attacker to gain a profit of approximately $538,110.
- October 2021, Cream Finance: The lending protocol lost $130 million in a flash loan attack.
- December 2021, Grim Finance: The protocol suffered a reentrancy attack, a type of exploit where an attacker fakes additional deposits into a vault while a previous transaction has yet to be settled. $30 million were stolen.
- April 2022, Deus Finance: $13 million were stolen from the platform by manipulating the price of its stablecoin (DEI).
- April 2022, Beanstalk: An attacker used a flash loan to vote to send themself $182 million, netting $80 million in profits.
A version of this post was originally published at https://blog.kalinoff.com
The classification of DAI according to the ITC:
Since many of the flash loan examples include Maker and the stablecoin DAI, here is the DAI classification according to the ITC:
Economic Purpose (EEP): DAI is listed as a fiat-pegged payment token (EEP21PP01USD) similar to the other stablecoins in the industry.
Industry Type (EIN): The issuer of DAI is active in the field of Payment Services and Infrastructure (EIN06PS).
Technological Setup (TTS): DAI is an Ethereum ERC-20 Standard Token (TTS42ET01). The Class “Ethereum ERC-20 Standard Token” captures every token that is implemented by means of the ERC-20 Standard on top of the Ethereum blockchain.
Legal Claim (LLC): The DAI token does not entitle its holder to any legal claim or rights against the issuing organization, therefore it is listed as a No-Claim Token (LLC31).
Issuer Type (LIT): The dimension “Issuer Type” provides information on the nature of the issuer of the token. DAI was initially developed by the Maker Foundation. However, in July 2021 Maker announced that it is switching to a DAO structure, so its Issuer Type is an Entity without Legal Personality (LIT62AL).
Regulatory Framework (EU) (REU): The dimension “Regulatory Status EU” provides information on the potential classification of a token according to the European Commission’s proposal for a Regulation on Markets in Crypto Assets (MiCA, Regulation Proposal COM/2020/593 final). The DAI token qualifies as a Non-Authorized Significant E-Money Token (REU51EM12) according to the definition provided in Article 3 (5) of Regulation Proposal COM/2020/593 final.
List of all DAI tokens:
Figure 3: Tokenbase list with all DAI tokens (Source: https://api.itsa.global)
The International Token Standardization Association (ITSA) e.V.
The International Token Standardization Association (ITSA) e.V. is a not-for-profit association of German law that aims at promoting the development and implementation of comprehensive market standards for the identification, classification, and analysis of DLT- and blockchain-based cryptographic tokens. As an independent industry membership body, ITSA unites over 100 international associated founding members from various interest groups. In order to increase transparency and safety on global token markets, ITSA currently develops and implements the International Token Identification Number (ITIN) as a market standard for the identification of cryptographic tokens, and the International Token Classification (ITC) as a standard framework for the classification of cryptographic tokens according to their inherent characteristics. ITSA then adds the identified and classified token to the world’s largest register for tokens in our Tokenbase.
- The International Token Identification Number (ITIN) is a 9-digit alphanumeric technical identifier for both fungible and non-fungible DLT-based tokens. Thanks to its underlying Uniform Token Locator (UTL), ITIN presents a unique and fork-resilient identification of tokens. The ITIN also allows for the connecting and matching of other media and data to the token, such as legal contracts or price data, and increases safety and operational transparency when handling these tokens.
- The International Token Classification (ITC) is a multi-dimensional, expandable framework for the classification of tokens. Current dimensions include technological, economic, legal, and regulatory dimensions with multiple sub-dimensions. By mid-2021, there will be at least two new dimensions added, including a tax dimension. So far, our classification framework has been applied to 99% of the token market according to the market capitalization of classified tokens.
- ITSA’s Tokenbase currently holds data on over 4000 tokens. Tokenbase is a holistic database for the analysis of tokens and combines our identification and classification data with market and blockchain data from external providers. Third-party data of several partners is already integrated, and API access is also in development.
Valentin Kalinov is an Executive Director at the International Token Standardization Association (ITSA) e.V., working to create the world’s largest token database, including a classification framework and unique token identifiers and locators. He has over five years of experience working at BlockchainHub Berlin in content creation and token analysis, as a project manager at the Research Institute for Cryptoeconomics at the Vienna University of Economics and token analyst at Token Kitchen. You can contact Valentin via valentin.kalinov@itsa.global and connect on LinkedIn if you would like to further discuss ITSA e.V. or have any other open questions.
Christian Viehof is an Executive Director at the International Token Standardization Association (ITSA) e.V., working to create the world’s largest token database, including a classification framework and unique token identifiers and locators. He completed his Bachelor in Economics at the University of Bonn, the Hong Kong University and the London School of Economics and Political Science with a focus on Behavioral Economics and Finance. He is currently pursuing his Master of Finance at the Frankfurt School of Finance and Management. You can contact him via christian.viehof@itsa.global and connect with him on LinkedIn if you would like to further discuss ITSA e.V. or have any open questions.