Flash loans are one of DeFi's most innovative features — and one of its most exploited. They enable uncollateralized borrowing of millions of dollars in a single transaction, with the only requirement being that the loan is repaid before the transaction ends.
For attackers, this means virtually unlimited capital to exploit vulnerabilities. Here's exactly how it works.
What Is a Flash Loan?
A flash loan lets you borrow any amount of tokens with zero collateral, as long as you return them within the same transaction. If you can't repay, the entire transaction reverts as if it never happened.
1. Borrow: Request millions in tokens from Aave, dYdX, or Balancer, with no collateral needed
2. Execute: Use the borrowed funds for arbitrage, liquidation, or exploitation
3. Repay: Return the borrowed amount plus a small fee in the same transaction
Legitimate uses: arbitrage between DEXs, self-liquidation, collateral swaps. Malicious uses: price manipulation, governance attacks, protocol exploitation.
The Attack Anatomy
Here's the general pattern behind most flash loan exploits:
1. Identify a price dependency: Find a protocol that reads prices from a manipulable source (DEX spot price, single-block TWAP, or a thin liquidity pool)
2. Flash borrow a large amount: Borrow enough tokens to significantly move the market, often $10M-$100M+ from Aave or dYdX
3. Manipulate the price: Execute large swaps on the DEX that the target protocol uses as its price oracle, moving the price dramatically
4. Exploit at the manipulated price: Interact with the vulnerable protocol while prices are distorted, for example borrow against inflated collateral, liquidate positions, or drain pools
5. Unwind and repay: Swap back to original tokens, repay the flash loan plus fees, and pocket the profit, all in one transaction
Real-World Example: The Classic Price Oracle Attack
Let's walk through a simplified but realistic scenario:
Attack Scenario: Lending Protocol Using DEX Spot Price
- Setup: LendingProtocol uses the ETH/USDC ratio in a Uniswap pool to determine collateral values. The pool has $5M in liquidity.
- Step 1: Flash Borrow. Attacker borrows $50M USDC from Aave.
- Step 2: Price Manipulation. Sells $50M USDC for ETH on the Uniswap pool, crashing the USDC/ETH price and making ETH appear extremely expensive in USDC terms.
- Step 3: Exploit. Deposits a small amount of ETH as collateral into LendingProtocol. Because ETH now appears very expensive relative to USDC (manipulated price), the protocol allows borrowing far more USDC than the ETH is actually worth.
- Step 4: Unwind. Swaps the ETH back for USDC on Uniswap (restoring the price), repays the Aave flash loan, and keeps the excess USDC from the lending protocol. Profit: $2-5M.
🛑 This Is Not Theoretical
This exact pattern has been used in dozens of real exploits. The Harvest Finance attack ($34M), Cheese Bank ($3.3M), Warp Finance ($7.7M), and many others all followed this template.
Variant: Governance Flash Loan Attack
Flash loans can also compromise governance:
1. Flash borrow governance tokens: Borrow enough tokens to exceed the proposal threshold or quorum
2. Create or vote on a malicious proposal: If there's no time lock or snapshot mechanism, the attacker's borrowed tokens count as voting power
3. Execute the proposal: The malicious proposal passes and executes, draining the treasury, changing admin keys, or modifying critical parameters
4. Repay: Return the governance tokens. The damage is done.
⚠️ Beanstalk: $182M
The Beanstalk Farms exploit used a flash loan to borrow enough governance tokens to pass a proposal that drained the protocol's entire treasury — $182M in a single transaction.
Why Flash Loans Are So Dangerous
- Capital required: $0
- Entire attack: 1 tx
- Total losses: $2B+
- Attack duration: 12s
The core problem: flash loans give anyone access to unlimited capital for the duration of a single transaction. This breaks a fundamental assumption that many protocols were built on — that large positions require large capital.
How to Protect Against Flash Loan Attacks
Price Oracle Defenses
- Use Chainlink or other decentralized oracles — They aggregate prices from multiple sources and aren't manipulable in a single transaction
- Implement TWAP — Time-Weighted Average Prices smooth out single-block manipulation
- Add deviation checks — Reject transactions if the price differs more than X% from a reference
- Use multiple oracle sources — Cross-reference Chainlink, Uniswap TWAP, and others
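The effect of these defenses on the scenario above can be checked numerically. The following is an added example, not code from the original article: a constant-product pool model with assumed reserves (2.5M USDC and 1,250 ETH), an assumed 0.3% swap fee, a 30-minute TWAP window and a 10% deviation limit against a reference price.

```python
from dataclasses import dataclass

@dataclass
class Pool:
    usdc: float
    eth: float
    fee: float = 0.003  # assumed Uniswap v2-style swap fee

    def spot(self) -> float:
        return self.usdc / self.eth  # USDC per ETH from current reserves

    def sell_usdc(self, amount: float) -> float:
        """Swap USDC for ETH under x*y=k; returns the ETH paid out."""
        eff = amount * (1 - self.fee)
        out = self.eth * eff / (self.usdc + eff)
        self.usdc += amount
        self.eth -= out
        return out

def twap(observations):
    """Time-weighted mean of (price, seconds_held) pairs."""
    total = sum(s for _, s in observations)
    return sum(p * s for p, s in observations) / total

def within_deviation(price, reference, max_dev=0.10):
    """Deviation check: accept a price only if within max_dev of the reference."""
    return abs(price - reference) / reference <= max_dev

def simulate(hold_seconds=0):
    """hold_seconds=0 models a price moved and restored inside one transaction."""
    pool = Pool(usdc=2_500_000, eth=1_250)  # constructed: $5M pool at 2000 USDC/ETH
    fair = pool.spot()                      # stands in for the reference feed
    pool.sell_usdc(50_000_000)              # the scenario's $50M swap
    manipulated = pool.spot()
    # 30-minute window (assumed); the distorted price is held for hold_seconds
    avg = twap([(fair, 1800 - hold_seconds), (manipulated, hold_seconds)])
    return {
        "fair": fair,
        "spot": manipulated,
        "twap": avg,
        "spot_accepted": within_deviation(manipulated, fair),
        "twap_accepted": within_deviation(avg, fair),
    }

if __name__ == "__main__":
    for hold in (0, 12):
        print(hold, simulate(hold))
```

With `hold_seconds=12` (one block) the average is still several times the reference price, so the deviation check rejects it even though a TWAP is in use.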
Governance Defenses
- Snapshot voting power at proposal creation — Don't count tokens acquired after a proposal is submitted
- Implement time locks — Require delays between proposal passage and execution
- Minimum holding period — Require tokens to be held for N blocks before they gain voting power
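A small model shows why snapshots and time locks each block the single-transaction governance path. This is an added example, not code from the original article or any real governor contract: the `Token` and `Governor` classes, the quorum of 500,000 and all balances are constructed, and the time lock is simplified to a block delay counted from the proposal.

```python
from dataclasses import dataclass, field

@dataclass
class Token:
    live: dict = field(default_factory=dict)     # balances inside the current tx
    history: dict = field(default_factory=dict)  # holder -> {block: closing balance}

    def checkpoint(self, holder, block):
        self.history.setdefault(holder, {})[block] = self.live.get(holder, 0)

    def past_votes(self, holder, block):
        """Closing balance at the latest checkpoint at or before `block`."""
        blocks = [b for b in self.history.get(holder, {}) if b <= block]
        return self.history[holder][max(blocks)] if blocks else 0

@dataclass
class Governor:
    token: Token
    quorum: int
    use_snapshot: bool
    timelock_blocks: int
    proposed_at: int = 0
    votes_for: int = 0

    def propose(self, block):
        self.proposed_at = block

    def vote(self, voter, block):
        if self.use_snapshot:  # power fixed at the block before the proposal
            self.votes_for += self.token.past_votes(voter, self.proposed_at - 1)
        else:                  # vulnerable pattern: reads the live balance
            self.votes_for += self.token.live.get(voter, 0)

    def can_execute(self, block):
        return (self.votes_for >= self.quorum
                and block >= self.proposed_at + self.timelock_blocks)

def same_block_takeover(use_snapshot, timelock_blocks):
    """True if borrowed tokens can propose, vote and execute in one block."""
    token = Token(live={"holder": 100})
    token.checkpoint("holder", 1)
    gov = Governor(token, quorum=500_000, use_snapshot=use_snapshot,
                   timelock_blocks=timelock_blocks)
    block = 100
    token.live["borrower"] = 1_000_000  # constructed flash-borrowed balance
    gov.propose(block)
    gov.vote("borrower", block)
    executable = gov.can_execute(block)
    token.live["borrower"] = 0          # loan repaid before the transaction ends
    return executable
```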
General Defenses
Vulnerable Pattern
- Read spot price from DEX pool
- Allow borrow and repay in same tx
- No price deviation checks
- Governance uses live token balances
Secure Pattern
- Use decentralized oracle network
- Require multi-block delays for critical operations
- Circuit breakers on price movements over 5-10%
- Governance snapshots voting power at proposal time
Testing for Flash Loan Vulnerabilities
In our audit process, we specifically test:
- Can any price feed be manipulated within a single transaction?
- Can governance actions be completed within a single transaction?
- Are there multi-block delays on sensitive operations?
- Do circuit breakers activate on extreme price movements?
- Are oracle freshness and deviation checks implemented?
ℹ️ AI + Human Approach
Our AI agents automatically identify which price feeds and oracle integrations a protocol uses, then flag any that rely on manipulable sources. Human auditors then design protocol-specific attack scenarios and verify the economic viability of exploitation.
Building a DeFi protocol? Get a flash loan resistance audit before deployment. Our team has identified and prevented flash loan vulnerabilities in dozens of protocols.