Flash Loans: How Uncollateralised DeFi Borrowing Works

Portals.fi

What Are Flash Loans?

Flash loans are one of the most novel financial primitives to emerge from DeFi: uncollateralised loans that must be borrowed and repaid within a single blockchain transaction. If the loan is not repaid (plus any applicable fee) by the end of the transaction, the entire transaction reverts as if it never happened, meaning the lender is never at risk of losing funds. This unusual structure is made possible by the atomic nature of blockchain transactions, where either every step succeeds or nothing happens at all.

This guide explains how flash loans work, the legitimate use cases that make them valuable, how they have been used in DeFi attacks, and what they mean for the broader DeFi ecosystem.


How Flash Loans Work

The mechanics of flash loans rely on a feature unique to smart contract platforms. When a transaction is sent to an Ethereum-compatible blockchain, all the operations it performs either succeed together or fail together as an atomic unit. If any step in a transaction fails, the entire transaction's changes are rolled back, and the blockchain state returns to what it was before the transaction started.

A flash loan leverages this property. In a single transaction, the user borrows a large amount of capital from a lending protocol, uses that capital for whatever purpose they intend, and then repays the loan (plus a small fee) before the transaction ends. If they cannot repay, the transaction reverts, the loan is effectively unwound, and the lender's funds are returned to their original state. Because the lender cannot lose funds in this scenario, no collateral is needed — the atomicity of the transaction itself provides the security guarantee.

The typical flash loan flow goes like this: a user calls a flash loan function on a protocol like Aave, which sends the requested funds to a callback function in the user's contract. Within that callback, the user performs whatever operations they want with the borrowed capital. When the callback returns, the protocol checks that the loan has been repaid with the fee. If not, the whole thing reverts.
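The flow above can be modelled off-chain in a few lines. The following Python sketch is an added illustration, not code from Aave or any other protocol: the Chain ledger, the account names and the balances are constructed, and the 5 basis point fee is the approximate figure quoted later in this article.

```python
FEE_BPS = 5  # 0.05%, the approximate Aave fee quoted in this article

class Reverted(Exception):
    """The transaction failed; every state change it made is discarded."""

class Chain:
    """Toy ledger mapping account name -> token balance (hypothetical model)."""
    def __init__(self, balances):
        self.balances = dict(balances)

    def transfer(self, src, dst, amount):
        if self.balances.get(src, 0) < amount:
            raise Reverted(f"{src} has insufficient balance")
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount

    def transact(self, fn):
        """Run fn atomically: on Reverted, restore the pre-transaction state."""
        snapshot = dict(self.balances)
        try:
            fn()
            return True
        except Reverted:
            self.balances = snapshot
            return False

def flash_loan(chain, amount, callback):
    """Lender side: send funds, call the borrower, then check repayment."""
    fee = amount * FEE_BPS // 10_000
    owed = chain.balances["pool"] + fee
    chain.transfer("pool", "borrower", amount)
    callback(chain, amount, fee)          # borrower's logic runs here
    if chain.balances["pool"] < owed:
        raise Reverted("loan plus fee not repaid")

def repaying(chain, amount, fee):
    # Stand-in for a profitable strategy: the borrower can cover the fee.
    chain.transfer("borrower", "pool", amount + fee)

def defaulting(chain, amount, fee):
    # Moves the borrowed funds away and never repays.
    chain.transfer("borrower", "elsewhere", amount)

def run(callback):
    chain = Chain({"pool": 1_000_000, "borrower": 1_000})  # constructed balances
    ok = chain.transact(lambda: flash_loan(chain, 1_000_000, callback))
    return ok, chain.balances

if __name__ == "__main__":
    print(run(repaying))    # pool gains the fee
    print(run(defaulting))  # state is exactly as before the transaction
```

In the defaulting case the transfer to "elsewhere" does happen inside the transaction, but the rollback erases it along with the loan itself, which is why the lender needs no collateral.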


Legitimate Use Cases

Arbitrage is the most common legitimate use case for flash loans. Suppose ETH is trading at $3,000 on one DEX and $3,010 on another. An arbitrageur can flash-loan enough capital to take a meaningful position, buy on the cheaper DEX, sell on the more expensive one, repay the loan from the proceeds, and pocket the difference. Without flash loans, this kind of arbitrage would require the arbitrageur to already have significant capital; with flash loans, anyone can execute these trades with only enough ETH for gas.

Collateral swaps are another valuable use case. Suppose a user has a loan on Aave collateralised by ETH and wants to switch their collateral to wstETH without closing and reopening the position. Using a flash loan, they can borrow enough to repay the existing loan, swap the freed ETH for wstETH, deposit the wstETH as new collateral, and reopen a loan of equivalent size to repay the flash loan — all in one transaction. Without flash loans, this would require either repaying the loan from other funds (potentially triggering tax events and requiring additional capital) or going through a multi-step process with various risks between steps.

Self-liquidation is a related pattern. A user with a position near liquidation can use a flash loan to repay their own loan, recover their collateral, and avoid the liquidation penalty, all while paying only the flash loan fee. This can be more efficient than letting a third-party liquidator execute the liquidation.

Refinancing loans between protocols is a similar pattern, using a flash loan to close a position on one lending protocol and open an equivalent position on another, capturing any interest rate differences or avoiding specific protocol risks. Complex DeFi strategies involving leveraged yield farming, vault migrations, and position unwinding all benefit from flash loan functionality.


Where to Get Flash Loans

Several DeFi protocols offer flash loan functionality with different terms and fee structures. Aave is the most prominent flash loan provider, offering loans across the tokens available in its lending pools at a fee of roughly 0.05% (subject to governance updates). The deep liquidity in Aave's pools makes it suitable for large-scale flash loans across many token types.

Balancer offers flash loans on the tokens held in its vault, often with zero fees (flash loans can borrow any token in the vault as long as it's repaid by the end of the transaction). This fee-free structure has made Balancer a popular choice for DeFi developers building strategies that benefit from zero-cost capital.

Uniswap V3's flash functionality is a variant where users can borrow tokens from a pool within a single transaction, with the option to return either the same tokens plus a fee or a different amount implied by the pool's pricing formula. This is less commonly called a "flash loan" but provides similar functionality.

dYdX previously offered flash loans on its Solo lending platform, and other specialised providers exist. The flash loan ecosystem continues to evolve, with different providers targeting different use cases and fee structures.


Flash Loan Attacks

Flash loans have also enabled some of the largest attacks in DeFi history. The same capital efficiency that makes flash loans useful for legitimate activity makes them a powerful tool for exploiting vulnerable protocols. An attacker with limited initial capital can flash-borrow millions or even billions of dollars' worth of tokens and use that capital to manipulate prices, drain vulnerable protocols, or exploit specific smart contract bugs.

The classic flash loan attack pattern targets protocols that use spot prices from a single DEX as oracle input. The attacker flash-borrows a large amount of Token A, dumps it on the target DEX (crashing the price), uses the artificially low price in a vulnerable protocol (perhaps to borrow against Token A collateral at inflated values), and finally repays the flash loan. The manipulation typically lasts only for the duration of the transaction, but within that transaction the attacker can extract significant value from any protocol that reads the manipulated price.

Many of the largest DeFi exploits in recent years have involved flash loans as a component, though the flash loan itself is usually not the vulnerability. The real vulnerability is typically in the target protocol, usually poor oracle design, incorrect assumptions about market conditions, or logic errors in protocol mechanics. Flash loans simply make these vulnerabilities more easily exploitable by anyone, rather than only by entities with significant existing capital.


Defending Against Flash Loan Attacks

DeFi protocols have developed various defences against flash loan attacks. Using time-weighted average prices (TWAPs) rather than spot prices as oracle inputs makes short-term manipulation within a single transaction much less effective. Using multi-venue oracle aggregation prevents manipulation of a single DEX from cascading through protocols. Implementing circuit breakers that halt operations during extreme price movements adds an additional safety layer.
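A simplified model of the TWAP and circuit-breaker defences, added here as an illustration and not taken from any protocol's code. The Pool class, the reserves, the 30-minute window and the 2% deviation threshold are assumptions chosen for the example; the pool charges no swap fee and uses floats for brevity.

```python
class Pool:
    """Constant-product pool (a * usd = k) with a cumulative-price accumulator.
    Simplified model: no swap fee, float arithmetic, constructed reserves."""
    def __init__(self, reserve_a, reserve_usd):
        self.a, self.usd = float(reserve_a), float(reserve_usd)
        self.last_ts, self.cumulative = 0, 0.0

    def spot(self):
        return self.usd / self.a

    def accrue(self, now):
        # Credit the price that was in force since last_ts, before any change.
        self.cumulative += self.spot() * (now - self.last_ts)
        self.last_ts = now

    def sell_a(self, amount_a, now):
        self.accrue(now)
        k = self.a * self.usd
        self.a += amount_a
        self.usd = k / self.a

    def observe(self, now):
        self.accrue(now)
        return self.cumulative, now

def twap(start, end):
    (c0, t0), (c1, t1) = start, end
    return (c1 - c0) / (t1 - t0)

def safe_price(pool, start, now, max_deviation=0.02):
    """Return the TWAP, or None when spot has moved too far from it
    (the circuit breaker halts the operation instead of pricing it)."""
    avg = twap(start, pool.observe(now))
    if abs(pool.spot() - avg) / avg > max_deviation:
        return None
    return avg

def scenario():
    pool = Pool(1_000, 3_000_000)           # spot = 3000 USD per Token A
    start = pool.observe(0)
    pool.sell_a(1_000, now=1_800)           # one very large sale in a single transaction
    spot = pool.spot()
    avg = twap(start, pool.observe(1_800))  # read later in the same transaction
    return spot, avg, safe_price(pool, start, 1_800)
```

The spot price read inside the transaction falls from 3000 to 750, while the 30-minute average is still 3000 because the accumulator only credits prices for the time they were actually in force. The gap between the two is what trips the breaker.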

Some protocols have implemented flash loan detection mechanisms that check whether a call is happening inside a flash loan and restrict certain operations in that context. This approach is controversial; it introduces complexity and can have unintended consequences, but some protocols have found it useful for specific operations.

Ultimately, the best defence is robust protocol design that does not rely on assumptions about capital availability or single-venue pricing. Protocols built with awareness of flash loan attack patterns can be secure even against attackers with unlimited capital, because the security of the design does not depend on financial constraints on would-be attackers.


Implications for DeFi Users

For regular DeFi users, flash loans have both direct and indirect implications. Directly, users interested in arbitrage, collateral swaps, or complex position management can use flash loans to execute sophisticated strategies with minimal capital. Various user-facing tools and dashboards now abstract the complexity of flash loan construction, making these strategies more accessible than they once were.

Indirectly, flash loans affect the risk profile of the protocols users interact with. Because flash loans make capital-intensive attacks more accessible, any vulnerability in a protocol that could be exploited with large capital is essentially equivalent to a vulnerability that can be exploited with minimal capital. This raises the bar for protocol security: defence-in-depth designs, robust oracle strategies, and careful economic modelling all become more important in a world where flash loans exist.


Flash Loan Risks and Considerations

Using flash loans directly carries several risks. Smart contract complexity is a major one; flash loan strategies typically involve interacting with multiple protocols in sequence within a single transaction, creating many opportunities for bugs or unexpected behaviour. Users writing their own flash loan contracts should audit their code carefully and understand all the protocol interactions involved.

Gas cost risk is relevant for complex flash loan strategies. If the strategy fails at any point, the user loses the gas spent on the attempted transaction. For intricate strategies on Ethereum mainnet, this can be substantial. Simulation tools help users predict transaction outcomes before submitting to mainnet, but do not eliminate the risk entirely.

Protocol risk applies to all flash loan providers. A bug in the flash loan provider's contract could potentially be exploited, though this has happened less frequently than bugs in other parts of DeFi. Using well-audited providers like Aave or Balancer reduces but does not eliminate this risk.


Exploring DeFi Strategies via Portals.fi

Portals.fi is a DeFi aggregation platform that allows users to interact with various DeFi protocols through a unified interface. Users exploring lending, swapping, and other DeFi opportunities can access different protocols from a single access point.

For more information about how Portals.fi works, visit portals.fi.


This article is for informational purposes only and does not constitute financial advice. DeFi protocols carry inherent risks including smart contract vulnerabilities, liquidation risk, and market volatility. Always conduct your own research before interacting with any protocol. For our full disclaimer, please visit here.
