Attacking the DeFi Ecosystem with Flash Loans for Fun and Profit

TL;DR

This paper analyzes how flash loans and transaction atomicity in DeFi enable high-profit attacks, demonstrating how malicious actors can optimize attack parameters to significantly increase profits and damage the ecosystem.

Contribution

It is the first to quantitatively analyze flash loan attacks in DeFi, formulating attack optimization as a problem and showing how to maximize profits from such exploits.

Findings

Transaction atomicity increases arbitrage revenue.

Existing attacks can be boosted to over $1 million profit.

Malicious optimization can significantly amplify attack gains.

Abstract

Credit allows a lender to loan out surplus capital to a borrower. In the traditional economy, credit bears the risk that the borrower may default on its debt, the lender hence requires upfront collateral from the borrower, plus interest fee payments. Due to the atomicity of blockchain transactions, lenders can offer flash loans, i.e., loans that are only valid within one transaction and must be repaid by the end of that transaction. This concept has lead to a number of interesting attack possibilities, some of which were exploited in February 2020. This paper is the first to explore the implication of transaction atomicity and flash loans for the nascent decentralized finance (DeFi) ecosystem. We show quantitatively how transaction atomicity increases the arbitrage revenue. We moreover analyze two existing attacks with ROIs beyond 500k%. We formulate finding the attack parameters as an optimization problem over the state of the underlying Ethereum blockchain and the state of the DeFi ecosystem. We show how malicious adversaries can efficiently maximize an attack profit and hence damage the DeFi ecosystem further. Specifically, we present how two previously executed attacks can be "boosted" to result in a profit of 829.5k USD and 1.1M USD, respectively, which is a boost of 2.37x and 1.73x, respectively.