Flash Loan

Uncollateralized loan borrowed and repaid within a single transaction, often used for arbitrage or attacks.

Flash Loans are uncollateralized loans in DeFi that must be borrowed and fully repaid within a single atomic blockchain transaction. Unlike traditional loans requiring collateral or credit checks, flash loans are secured by atomicity—if the borrower fails to repay by transaction end, the entire transaction reverts, including the initial loan disbursement. This innovation has enabled capital-efficient arbitrage, efficient liquidations, and sophisticated attacks that were previously impossible without substantial capital.

The concept was pioneered by Aave (formerly ETHLend) and dYdX in 2019-2020, fundamentally changing DeFi's landscape. Flash loans democratized access to capital for legitimate use cases like arbitrage and collateral swapping, but also enabled a new class of attacks where adversaries could borrow millions to manipulate markets, exploit vulnerabilities, or drain protocols—all without risking personal capital since failed attacks simply revert.

Technical Implementation

Flash loans leverage blockchain atomicity. In Ethereum, transactions either succeed completely or revert entirely—there's no partial execution. A flash loan smart contract disburses borrowed funds at the transaction's start, executes borrower-specified logic (via a callback function), then verifies repayment plus a small fee. If any step fails, the EVM reverts all state changes, meaning the loan never actually occurred on the final blockchain state.

The basic flash loan pattern follows this sequence:

1. The borrower calls flashLoan(amount, data) on the lending pool.
2. The pool transfers amount tokens to the borrower's contract.
3. The pool calls the executeOperation(amount, fee, data) callback on the borrower's contract, enabling arbitrary operations.
4. The borrower's logic executes (arbitrage, swaps, etc.).
5. The borrower's contract repays amount + fee to the pool.
6. The pool verifies repayment or reverts the entire transaction.

Aave's implementation charges a 0.09% flash loan fee that accrues to liquidity providers. The contract uses the "optimistic transfer" pattern—it sends tokens before verifying repayment, relying on atomicity to ensure either proper repayment or full reversion. This gas-optimized approach trusts the EVM's atomic execution rather than implementing multiple transfer-and-check cycles.
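The sequence and the optimistic-transfer pattern described above can be modeled off-chain. The following Python sketch is an added example, not Aave's code: the Ledger class, the flash_loan function and the callback names are hypothetical, the balances are constructed, and a Python exception stands in for an EVM revert.

```python
FEE_BPS = 9  # 0.09% fee, the Aave figure quoted above

class Revert(Exception):
    """Models an EVM revert: every state change in the transaction is undone."""

class Ledger:
    def __init__(self, balances):
        self.balances = dict(balances)

    def transfer(self, src, dst, amount):
        if self.balances.get(src, 0) < amount:
            raise Revert("insufficient balance")
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount

def flash_loan(ledger, pool, borrower, amount, callback):
    """Run one atomic borrow-execute-repay transaction; True means it committed."""
    snapshot = dict(ledger.balances)              # state before the transaction
    try:
        fee = amount * FEE_BPS // 10_000          # integer rounding is a simplification
        owed = ledger.balances[pool] + fee        # pool balance required at the end
        ledger.transfer(pool, borrower, amount)   # optimistic transfer: pay out first
        callback(ledger, borrower, pool, amount, fee)   # executeOperation step
        if ledger.balances[pool] < owed:          # single repayment check at the end
            raise Revert("flash loan not repaid")
        return True
    except Revert:
        ledger.balances = snapshot                # the loan disbursement is undone too
        return False

def repay_in_full(ledger, borrower, pool, amount, fee):
    ledger.transfer(borrower, pool, amount + fee)

def repay_principal_only(ledger, borrower, pool, amount, fee):
    ledger.transfer(borrower, pool, amount)       # fee is missing, so the check fails

def run_demo():
    start = {"pool": 5_000_000, "borrower": 1_000}   # constructed balances
    ok_ledger, bad_ledger = Ledger(start), Ledger(start)
    ok = flash_loan(ok_ledger, "pool", "borrower", 1_000_000, repay_in_full)
    bad = flash_loan(bad_ledger, "pool", "borrower", 1_000_000, repay_principal_only)
    return ok, ok_ledger.balances, bad, bad_ledger.balances
```

In the committed case the pool ends 900 units richer (the fee); in the reverted case both balances are exactly what they were before the call.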

dYdX's flash loans are implicit in their margin trading system. Users can borrow up to pool capacity, execute operations, then repay within the same transaction. While not explicitly marketed as flash loans initially, dYdX's architecture enabled the same atomic borrow-execute-repay pattern. Many early flash loan exploits used dYdX as the capital source.

Legitimate Use Cases

Arbitrage execution is the most common legitimate flash loan application. Traders borrow large amounts to exploit price discrepancies between markets without needing personal capital. A trader might borrow 1,000 ETH, sell it on DEX A for USDC at a higher price, buy 1,005 ETH on DEX B at a lower price, repay the flash loan plus fee, and keep the profit. If the arbitrage isn't profitable enough to cover fees, the transaction reverts.

Collateral swapping enables users to change collateral types without closing positions. A borrower with ETH collateral in Compound who wants to switch to USDC can flash loan enough USDC to repay their Compound debt, withdraw their ETH, sell the ETH for USDC, deposit USDC as new collateral, and repay the flash loan—all atomically. This improves capital efficiency and user experience.

Liquidation execution by keepers often uses flash loans to maximize capital efficiency. Rather than maintaining large capital reserves, liquidation bots can flash borrow assets to liquidate undercollateralized positions, seize collateral, sell it to repay the loan, and pocket the liquidation bonus. This democratizes liquidation participation and improves protocol safety through increased liquidator competition.

Self-liquidation allows users to exit positions atomically during market volatility. A user facing potential liquidation can flash borrow to repay their debt, withdraw collateral, repay the flash loan with some collateral, and keep the remainder—avoiding liquidation penalties. This requires technical sophistication but saves users from external liquidators capturing value.

Attack Vectors and Exploits

Flash loans have enabled some of DeFi's largest exploits. The article emphasizes price oracle manipulation as a critical vulnerability. Attackers borrow massive capital via flash loan, execute huge trades to manipulate AMM pool prices, exploit protocols using manipulated prices as oracles (triggering undercollateralized loans or incorrect liquidations), then reverse the trades to restore prices and repay the flash loan, all within one transaction, extracting millions.

Famous flash loan attacks include the bZx exploits (February 2020) where attackers borrowed ETH, manipulated Uniswap prices through large trades, exploited bZx's flawed oracle, and profited $350k-$600k per attack. This was the first major demonstration of flash loan attack potential and sparked widespread recognition of oracle manipulation risks.

Harvest Finance (October 2020) suffered a $24M flash loan attack exploiting price manipulation in Curve pools. The attacker borrowed stablecoins, executed large swaps that caused temporary price imbalances in Curve pools, exploited those imbalances through Harvest's yield aggregation strategy, and reversed the trades to repay loans. The attack demonstrated that even sophisticated protocols could be vulnerable to flash loan-enabled price manipulation.

Cream Finance experienced multiple flash loan attacks totaling over $130M. Attackers exploited flawed collateral valuation, manipulated price feeds, and triggered recursive borrowing bugs—all made possible by flash loan access to unlimited capital. These attacks highlighted the compounding risks when protocols have multiple interconnected vulnerabilities.

Reentrancy attacks are amplified by flash loans. While reentrancy vulnerabilities existed before flash loans, having access to massive capital enables more damaging exploits. Attackers can borrow large amounts, use them to trigger reentrancy bugs multiple times within the attack transaction, and extract maximum value before repaying the loan.

Defense Strategies

Time-Weighted Average Price (TWAP) oracles represent the primary defense against flash loan price manipulation. Unlike spot prices that can be manipulated within a single transaction, TWAP oracles accumulate prices over multiple blocks. Since flash loan attacks must complete atomically within one transaction, they cannot manipulate TWAP values. Uniswap V2's TWAP implementation became the gold standard for manipulation-resistant price feeds.
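The difference between a spot read and a TWAP read during a same-transaction price swing can be checked with a small model. This Python sketch is an added example, not Uniswap's code: it imitates the cumulative-price idea with a fee-less constant-product pool, and the Pool class, its method names and the reserves are constructed for illustration.

```python
from fractions import Fraction

class Pool:
    """Constant-product pool (x * y = k) with a price-times-seconds accumulator."""

    def __init__(self, x, y, now):
        self.x, self.y = Fraction(x), Fraction(y)   # reserves of X and Y
        self.last_ts = now
        self.cumulative = Fraction(0)               # sum of price * seconds

    def spot(self):
        return self.y / self.x                      # price of X in units of Y

    def _accumulate(self, now):
        # The price in force *before* this call is weighted by how long it held.
        # Calls sharing a block timestamp have elapsed == 0 and add nothing.
        elapsed = now - self.last_ts
        if elapsed > 0:
            self.cumulative += self.spot() * elapsed
            self.last_ts = now

    def swap_x_for_y(self, dx, now):
        self._accumulate(now)
        k = self.x * self.y
        self.x += dx
        out = self.y - k / self.x
        self.y -= out
        return out

    def swap_y_for_x(self, dy, now):
        self._accumulate(now)
        k = self.x * self.y
        self.y += dy
        out = self.x - k / self.y
        self.x -= out
        return out

    def observe(self, now):
        self._accumulate(now)
        return self.cumulative, now

def twap(first, second):
    (c0, t0), (c1, t1) = first, second
    return (c1 - c0) / (t1 - t0)

def same_block_manipulation():
    pool = Pool(1_000, 2_000_000, now=0)            # constructed reserves, spot = 2000
    start = pool.observe(now=0)
    received = pool.swap_x_for_y(9_000, now=600)    # large trade inside one transaction
    spot_mid = pool.spot()                          # what a spot-price consumer reads
    twap_mid = twap(start, pool.observe(now=600))   # what a TWAP consumer reads
    pool.swap_y_for_x(received, now=600)            # trade reversed, same transaction
    twap_after = twap(start, pool.observe(now=1_200))
    return spot_mid, twap_mid, twap_after
```

Mid-transaction the spot price reads 20 instead of 2000, while the TWAP over the window reads 2000 both during and after the swing, because the distorted price was in force for zero seconds.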

Chainlink price feeds provide external, aggregated price data resistant to single-pool manipulation. Rather than relying on any DEX's spot price, protocols query Chainlink's decentralized oracle network that aggregates prices from multiple sources. Flash loan attacks cannot manipulate these external feeds, making them significantly safer for critical protocol logic.

Reentrancy guards from OpenZeppelin prevent recursive calls during flash loan execution. The nonReentrant modifier ensures functions cannot be called recursively, blocking attacks that rely on reentering protocol logic mid-flash-loan with manipulated state.

Flash loan detection via balance checks can identify when a protocol is being called within a flash loan context. Some protocols check whether caller balances changed by suspiciously large amounts in the same transaction, flagging potential flash loan attacks. However, this defense is fragile—sophisticated attackers can structure transactions to evade such checks.

Rate limiting and cool-downs prevent rapid-fire operations common in flash loan attacks. Requiring time delays between large operations makes atomic flash loan attacks impossible. However, this degrades user experience and capital efficiency, creating tradeoffs between security and usability.

Economic and Market Impact

Flash loans have dramatically increased DeFi capital efficiency. Liquidation efficiency improved as more participants can execute liquidations without holding large capital reserves, reducing the probability of bad debt accumulation in lending protocols. Competition among flash-loan-enabled liquidators also reduced liquidation bonuses over time, benefiting borrowers.

MEV (Maximal Extractable Value) extraction has been democratized but intensified. Anyone with programming skills can extract arbitrage and liquidation MEV using flash loans, not just well-capitalized entities. This increased competition but also increased sophistication of MEV extraction, with complex multi-protocol strategies becoming common.

Protocol design evolved in response to flash loan risks. Post-2020, protocols are designed on the assumption that flash loans are available to attackers. Security models must account for adversaries having unlimited capital within single transactions. This has driven adoption of TWAP oracles, external price feeds, and more robust access controls around critical functions.

Understanding flash loans is essential for DeFi security. The article's discussion of using flash loans for oracle manipulation highlights why instant spot prices from AMM pools are "fundamentally insecure price oracles." Security auditors must analyze every protocol assuming attackers have unlimited capital within single transactions, identifying whether any combination of protocol features becomes exploitable when the attacker isn't capital-constrained. Flash loans transformed DeFi by democratizing access to capital while simultaneously enabling a new class of atomic, capital-intensive attacks that require comprehensive defensive design to prevent.


© 2024 Zealynx