A hacker who stole the decentralized stablecoin platform Beanstalk in April had a powerful tool at his disposal: a billion-dollar loan taken out with no collateral, no proof of income and no identity verification. The loan had to be repaid in less than a second, but that was all it took to steal tens of millions of dollars.
The hacker used what is called a flash loan, a cheap, instant and anonymous form of financing based on cryptocurrencies.
These flash loans have beneficial uses, including helping traders trying to capitalize on price differences between cryptocurrencies on different exchanges. In that sense, they are very similar to the funding that an investment bank might provide to an investment fund to make bets on different stocks or currencies.
But flash loans also have a dark side. There have been a series of recent thefts using flash loans. In addition to the Beanstalk theft revealed last month, a decentralized financial platform called Rari Capital said a hacker used a flash loan to help steal around $80 million from it. And Cream Finance said in October that a hacker used a flash loan to help steal around $130 million from its platform.
Decentralized finance, or DeFi, is a growing area of the cryptocurrency world that provides funding and liquidity to people who trade in its markets. In a sense, flash loans are similar to funding that banks might provide to algorithmic traders who enter and exit positions in milliseconds.
A DeFi platform, such as Aave or Uniswap, is software that allows users to build and support applications. Users of different apps and services deposit cryptocurrency into accounts within each service. The combined assets on a platform are the pools from which flash loans are made.
Services such as borrowing and lending are handled by “smart contracts”, pieces of code that are written to automate an agreement. These replace a loan application or bank application that would be used in traditional finance.
Flash loans are not a retail tool, however. To use a flash loan, someone must be able to code a contract and execute it. The flash loan part of the Beanstalk hack, for example, involved nearly two dozen steps.
““There is so much more profit in harmful uses.””
What puts the flash in a flash loan is the repayment period: It is almost immediate. A flash loan is both granted and repaid within the same transaction. The loan life cycle is about as long as it takes a computer to process a transaction.
It’s not a lot of time. But in an automated world, all you have to do is make a trade.
The smart contract contains written terms that guarantee repayment. If the borrower does not repay the loan, the contract cancels the transaction before it is confirmed, as well as any market maneuver to which it was linked. It is as if the loan never took place and is therefore an all or nothing proposition. For this reason, there is virtually no credit risk for lenders.
And since there is no credit risk, the amounts that can be borrowed are only limited by the amount of capital held on a specific DeFi platform. Aave, for example, has approximately $21 billion in liquidity across its services, held in a variety of cryptocurrencies.
In theory, flash loans allow people to use borrowed funds the way financiers do in traditional markets, like an activist investor would use the funding to acquire a business, or the way George Soros used borrowed money to bet against the pound sterling.
But their speed, the absence of guarantees required and the anonymity allowed make them very different in practice. “They open up the potential for things you couldn’t even do in traditional markets and weren’t possible in crypto before,” said Max Galka, founder and CEO of crypto analytics firm Elementus.
There are several DeFi platforms that allow flash loans, but Aave, where the loans come from, is the biggest. Since 2020, Aave has processed 52,000 flash loans totaling $15.6 billion in market value, according to Elementus. Borrowers pay a small fee for the loan.
This is small compared to the total value of the crypto market of $1.8 trillion. But even a few hundred million can be enough to manipulate or attack some of the smaller and less liquid assets in the crypto market.
For coders who understand how to use flash loans, the potential for malpractice is enormous, said Hassan Bassiri, fund manager at Arca, a crypto-focused investment manager. Because DeFi is such a new field, many services have poor security or poorly written code, or both, making the potential for abuse even greater.
“You’re not going to make $80 million in 30 seconds of work doing arbitrage,” Bassiri said. “There is so much more profit in harmful uses.”
The Beanstalk incident is an example of a hacker using a flash loan to temporarily take over a crypto project. Beanstalk is a stablecoin platform, which means that each token is pegged to the US dollar, where the investors are also the owners. Each person who buys a token receives one voting share. Investors can propose and vote to make changes to the platform.
A day before the attack, the hacker offered to send money from Beanstalk to Ukraine as help, although the code was instead directed to a wallet controlled by the hacker.
The Beanstalk hacker borrowed $1 billion in a flash loan from the Aave platform, in several different crypto denominations, which the hacker used to buy Beanstalk and temporarily take control of the voting mechanism. The Beanstalk founders declined to comment. Aave did not respond to a request for comment.
At the time of the attack, the hacker had to do several things quickly with a computer program: take out the flash loan, buy enough tokens to give the person a voting majority, and vote to approve the previous day’s proposal. Then the hacker sent the funds to another location and sold the Beanstalk tokens to repay the original loan.
The result: the hacker drained around $76 million worth of cryptocurrency in the blink of an eye.
Write to Paul Vigna at Paul.Vigna@wsj.com
Copyright ©2022 Dow Jones & Company, Inc. All rights reserved. 87990cbe856818d5eddac44c7b1cdeb8