Flash Loan Attack

Definition:

A flash loan attack is an exploit in which an attacker borrows a large amount of assets using a flash loan — an uncollateralized loan that must be repaid within the same transaction — and uses those funds to manipulate prices, drain protocols, or trigger unintended contract behavior before repaying the loan and profiting from the difference. Since everything happens atomically in one blockchain transaction, the attacker risks nothing: if the exploit fails, the transaction reverts and no funds are at risk. If it succeeds, the attacker keeps the profit. Flash loan attacks are the primary technique behind many of the largest DeFi exploits.


How It Works

A flash loan attack has a standard structure:

  1. Borrow: The attacker takes a flash loan from a provider (Aave, dYdX, Uniswap v3) — often millions of dollars worth of assets with zero collateral.
  2. Manipulate: The attacker uses the borrowed capital to do one or more of:
    • Drive up or crash a token’s price on a DEX that serves as a price oracle
    • Drain a lending protocol by artificially inflating collateral values
    • Exploit a governance mechanism by temporarily holding enough voting power to pass a malicious proposal
  3. Extract: The attacker extracts profit from the manipulated state — usually by selling an inflated asset, withdrawing excess collateral, or claiming governance-unlocked funds.
  4. Repay: The flash loan is repaid (plus fee) within the same transaction.
  5. Block closes: Everything happened atomically. The oracle has already settled at the manipulated price. The protocol has already paid out. The attacker keeps the difference.

Common Flash Loan Attack Vectors

Oracle Manipulation (most common)

Many DeFi protocols use a DEX’s spot price as their price oracle. A flash loan can temporarily move that price on a low-liquidity DEX — the attacker buys a large amount of a token (pushing the price up), uses the inflated price as collateral on a lending protocol to borrow more than the collateral is worth, then dumps the token, repays the flash loan, and keeps the excess borrowed funds.

Example logic:

  • Token X is worth $1 on a lending protocol using Uniswap V2 spot as oracle
  • Attacker flash loans $10M of ETH, swaps it all for Token X on Uniswap V2 → price spikes to $10
  • Attacker deposits Token X at inflated price, borrows $8M in USDC against it
  • Attacker sells Token X back → price returns to $1; loan repaid
  • Net: borrowed $8M against $1M of real collateral

Governance Attacks (see also: Governance Attack)

Some DAOs count voting power from token holdings at the moment of a governance vote. Flash loans let an attacker borrow enough tokens to pass a malicious proposal in a single transaction. The most famous example is Beanstalk (April 2022): an attacker flash-loaned enough governance tokens to pass a proposal that donated the protocol’s treasury to themselves, stealing ~$182M.
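The difference between reading vote weight live and reading it from a finalized block, as an added example that is not part of the original page or any DAO's code. VoteToken, passes, the account names and all balances are constructed for illustration, and pinning weight to a past block is an assumed mitigation the page itself does not describe.

```python
class VoteToken:
    """Toy governance token that checkpoints all balances at the end of each block."""
    def __init__(self, balances):
        self.balances = dict(balances)
        self.history = []                 # history[n] = balances at end of block n

    def transfer(self, src, dst, amount):
        if self.balances.get(src, 0) < amount:
            raise ValueError("insufficient balance")
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount

    def end_block(self):
        self.history.append(dict(self.balances))

    def votes_now(self, who):
        # Vulnerable reading: whatever is held at the instant of the vote.
        return self.balances.get(who, 0)

    def votes_at(self, who, block):
        # Hardened reading: balance recorded at an already finalized block.
        if not 0 <= block < len(self.history):
            raise ValueError("block is not finalized")
        return self.history[block].get(who, 0)

def passes(weight, total_supply, threshold=0.5):
    return weight > total_supply * threshold

def simulate_vote():
    # Constructed balances: a lending pool holds most of the supply.
    token = VoteToken({"lending_pool": 1_000_000, "holders": 300_000})
    total = 1_300_000
    token.end_block()                     # block 0 finalized
    snapshot = 0                          # proposal pins vote weight to block 0
    # Block 1, one transaction: borrow, weight is read, repay.
    token.transfer("lending_pool", "borrower", 1_000_000)
    live = token.votes_now("borrower")
    pinned = token.votes_at("borrower", snapshot)
    token.transfer("borrower", "lending_pool", 1_000_000)
    token.end_block()                     # block 1 finalized after repayment
    return {
        "live_passes": passes(live, total),
        "snapshot_passes": passes(pinned, total),
        "recorded_in_block_1": token.votes_at("borrower", 1),
    }
```

Because the loan is repaid before the block ends, the borrowed balance never appears in any end-of-block checkpoint, so a weight read from a finalized block is unaffected by it.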

Liquidity Pool Manipulation

Certain AMM designs are vulnerable to flash loan-induced imbalances. An attacker can temporarily distort pool ratios, exploit pricing curves, or trigger edge-case contract conditions.


History

  • 2020-02 — The first major flash loan attack: bZx Protocol exploited twice in the same week. Combined losses: ~$1M. The concept entered public awareness.
  • 2020-10 — Harvest Finance: $33M stolen via oracle manipulation of Curve pool prices.
  • 2021-05 — PancakeBunny: $200M damage (loss + token price crash) via flash loan-induced BUNNY price manipulation.
  • 2022-04 — Beanstalk: $182M stolen via flash loan governance attack in a single transaction.
  • 2022-10 — Mango Markets (Solana): $116M via self-manipulation of MNGO price oracle to over-borrow. Not technically a flash loan (Solana doesn’t have native flash loans) but used the same conceptual attack.
  • Ongoing — Flash loan attacks remain one of the most common exploit types. Immunefi’s annual reports consistently list oracle manipulation as a top exploit category.

Common Misconceptions

“Flash loans are inherently malicious and should be banned.”

Flash loans are a legitimate DeFi primitive. They are used for arbitrage, collateral swaps, self-liquidation, and refinancing — beneficial operations that improve market efficiency. The problem is not the flash loan but the vulnerable protocol designs (spot oracle usage, single-block governance) that attacks exploit.

“Flash loan attacks are impossible to prevent.”

They are preventable through proper oracle design. Time-weighted average price (TWAP) oracles are not manipulable in a single transaction because they smooth prices over many blocks. Chainlink-style off-chain oracles are similarly resistant. The vulnerabilities that flash loan attacks exploit are mostly known design anti-patterns.
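Why a spot oracle and a TWAP oracle disagree during the single-transaction price spike described under Oracle Manipulation, as an added example that is not part of the original page. It is a simplified constant-product pool with a cumulative-price accumulator in the style of Uniswap V2; the Pool class, borrow_limit, the 80% loan-to-value ratio, the absence of swap fees and all reserve figures are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Pool:
    """Constant-product pool (quote * tok = k) with a cumulative-price accumulator."""
    quote: float               # reserve of the quote asset
    tok: float                 # reserve of Token X
    cumulative: float = 0.0    # running sum of price * seconds
    last_ts: int = 0

    def spot(self) -> float:
        return self.quote / self.tok   # quote units per token, right now

    def _accumulate(self, ts: int) -> None:
        # Credit the price that held since the last update, before reserves move.
        self.cumulative += self.spot() * (ts - self.last_ts)
        self.last_ts = ts

    def swap(self, ts: int, quote_in: float = 0.0, tok_in: float = 0.0) -> None:
        self._accumulate(ts)
        k = self.quote * self.tok
        if quote_in:
            self.quote += quote_in
            self.tok = k / self.quote
        else:
            self.tok += tok_in
            self.quote = k / self.tok

    def twap(self, start_cumulative: float, start_ts: int, ts: int) -> float:
        self._accumulate(ts)
        return (self.cumulative - start_cumulative) / (ts - start_ts)

def borrow_limit(collateral_tok: float, oracle_price: float, ltv: float = 0.8) -> float:
    """Amount a lending market would lend against the collateral at this price."""
    return collateral_tok * oracle_price * ltv

def simulate() -> dict:
    # Constructed numbers: 5M/5M pool (spot 1.0), one 10M buy, no swap fees.
    pool = Pool(quote=5_000_000, tok=5_000_000)
    start_cum, start_ts = pool.cumulative, 0    # oracle observation at t=0
    ts = 1800                                   # every step below shares one timestamp
    pool.swap(ts, quote_in=10_000_000)
    bought = 5_000_000 - pool.tok               # Token X received for the 10M
    out = {"spot": pool.spot(), "twap": pool.twap(start_cum, start_ts, ts)}
    out["limit_spot"] = borrow_limit(bought, out["spot"])
    out["limit_twap"] = borrow_limit(bought, out["twap"])
    pool.swap(ts, tok_in=bought)                # unwound before the transaction ends
    out["spot_after"] = pool.spot()
    return out
```

The spike contributes zero seconds to the accumulator because it begins and ends at one timestamp, so the 30-minute TWAP stays at 1.0 and the collateral is worth less to the lender than the 10M spent acquiring it.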


Criticisms

  1. Permissionless attack surface: Flash loan providers cannot meaningfully refuse service to attackers — any smart contract can call them.
  2. Audit blindspot: Many audits focus on code logic rather than economic attack vectors. Flash loan vulnerabilities are often economic rather than code bugs, making them harder to catch in standard audits.
  3. Reentrancy + flash loan combinations: More sophisticated attacks chain flash loans with reentrancy vulnerabilities, making the attack surface multi-dimensional.

Social Media Sentiment

Flash loan attacks generate significant attention on crypto Twitter/X immediately after an exploit — “another flash loan hack” is a recurring headline. The community response is predictably bifurcated: DeFi critics use them as evidence that DeFi is fundamentally insecure; DeFi defenders point out that flash loans are a tool and the vulnerability lies in protocol design. Security researchers often post detailed post-mortems that generate engagement. The phrase “flash loan attack” is commonly misused to describe any exploit, even those that did not use flash loans (e.g. the Mango Markets exploit).

Last updated: 2026-04

