Our thoughts on the recent DeFi “Flashloan” attack
Background
bZx’s Flashloan attack event has sparked wide discussions across DeFi industry recently. This all began with a new DeFi primitive enabling uncollateralized loans: Flashloan, which allows you to get uncollateralized loans when your operations guarantee it will be repaid in 13–15 seconds (Almost free if you pay it back in the same one transaction ).
In this article, we share our thoughts on the flash loan-related facts, its impact and how this will change the whole DeFi world.
Flashloan
Flashloan was first implemented on Aave Protocol and it allows users to borrow from the reserves within a single transaction (i.e., within one block), as long as the user returns more liquidity that has been taken.
Aave is not the first one to bring this concept up. In 2018, Marble protocol introduced a flash lending concept which is exactly the same idea that enables borrow and payback within the same transaction.
Uniflash, a flash loan project developed recently by Cheng Wang (founder of sharding project @Alephium), is a Uniswap-like simple tool and shares all the fees to the lenders. Aave’s flash loan charges interest rate of 0.09% per loan.
DeFi lending protocols are in general built upon over-collateralization with a haircut rate of around 25% to 50%, which means that for every unit of collateral posted, only 50% to 75 % of the credit will be given. While providing the necessary safety of the system, over-collateralization introduces further inefficiency. We believe that a low collateralization rate will be the future of DeFi and find flash loans innovative. With flash loans, borrowers can take advantage of 100% undercollateralized loans with interest rates as low as 0.09% per flash loan, compared with a 30-day average borrow rate on dydx’s 125% collateralized ETH loans, which is ~ 0.45% annually (or ~0.0012% daily). (source: defirate.com as of Feb 24, 2020)
Note that flash loan cannot be freely deployed on every lending liquidity pool and it is functional only when the lending protocol supports this feature. For example, the Fulcrum team released the flash loan feature on the Ethereum Mainnet on Jan 11, 2020. Aave and dydx also support this feature.
The attacks
There are two successful attacks up to now. The attacks happened simultaneously across multiple protocols: Compound, dYdX, Uniswap. And we find some interesting facts:
· Return on Capital (17% for the first and 54% for the second) is pretty high considering only within several seconds.
· In the second attack, the attack’s profit takes 88% of the total loss compared to the first one’s 50%.
· bZx is the only one suffering from these two attacks. The first attack left a bankruptcy position and the second one left an undercollateralized loan.
Note our conclusions calculated based on our assumptions. It is for analysis purposes only and shall not be treated as the truth.
There are three aspects worth being looked into and are elaborated below respectively.
Firstly, collateralized loan provider (i,e,.Compound) was not a victim in the first attack, while it was in the second attack(i,e,. bZx). It is because the Compound’s collateral was ETH, while bZx’s was sUSD, the one being pumped.
Secondly, the ways of pumping and dumping worth to be compared. A successful attack is “buy low, pump to the high and dump high”. Attack 1&2 “buy low” through collateralized loan-borrowed WBTC and Synthetix system-mint sUSD at a fair price; they “pump high” through bZx margin trade and direct Dex swap, both taking advantage of Dex’s low liquidity; they “dump high” through Dex swap and collateralized loan-borrowed ETH and left the position open to liquidation, respectively.
Lastly, attack 1 took away ~1,171ETH out of bZx’s total lost ~2,320ETH with ~1,149ETH residual profit for the Dex’s market makers, representing a 50% profit to loss ratio. Attack 2 managed to get ~2,378ETH out of the total lost ~2,696ETH, representing an 88% profit to loss ratio. Note the first attack had 6,800ETH in use while the second is 4,418ETH. The second attack is more successful in regards to higher capital efficiency.
Future
DeFi lending is normally overcollateralized as the anonymity of blockchains, which brings low capital efficiency. There are some attempts to lessen the LTV ratio (Loan to Value) such as credit scoring tool. Basically, the logic here is to lower the counterparty risk (~the possibility that the principal and interest will not be paid back) as much as possible. Flashloan as an example makes it possible and remains only system risk.
The attacks have raised many discussions. People questioned DeFi infrastructure such as oracles. However, even perfect oracles cannot avoid this kind of market manipulation attack. It exists already in the traditional financial market and it will continue to exist because the price can always be manipulated by whales. We think the flash loan is a good start. It brings leverage impact to DeFi that every 15 seconds the collaterals can be borrowed out once. In other words, the velocity of money is 1 for ~15 seconds, while the velocity of US M2 money was around 1.4 for a quarter (Source: https://fred.stlouisfed.org/series/M2V).
The idea of flash loan has the potential to be evolved further and areas below might be restructured.
· A costless decentralized futures exchange. Fees for margin trading can be much lower as the borrowed money must be paid back. A low-risk premium is possible. Centralized futures exchanges may face more competition when safer and costless decentralized derivatives exchange finally appear.
· To C financial product. Flashloan is not designed for everyone but for people who understand solidity. However, it is not impossible to make it available to the end-users. For example, aggregation platforms and user-friendly tools such as Zerion may deploy flash loan and allow users to do a one-click collateral swap and refinancing. Furthermore, high-frequency arbitrage trading strategies could be developed by professionals and create a market to sell the strategies on Set protocol.
· Insurance. Nexus Mutual paid out two claims worth~$31k after the attacks, which proved the system works. Since the attack is not unusual in traditional financial history and DeFi is still in an early stage, we believe asset protection in the form of cryptocurrency insurance is creating a huge demand.
· DAO. DAOs become vulnerable as the voting tokens can be borrowed almost without cost. It creates a possibility to act badly intervening system’s security.
· DeFi or CeFi. bZx used their admin key to stream interest and exit liquidity with the $600K of wBTC left by the arbitrager as collateral after the attack. So, is it after all DeFi at all or a CeFi indeed? Admin key means that the team has still the possibility to take away all the money collateralized by users, while the ultimate goal of DeFi is to eliminate a central party.
