DeFi Exploits Can't Be Pinned on Flash Loans, Industry Leaders Say

Flash loans remain the common thread through all those recent attacks.

These DeFi-native tools enable a savvy investor to take out unbacked loans and amass leverage behind a position.

While they may be the string connecting these exploits, flash loans are not the cause in and of themselves, industry leaders told CoinDesk.

It may not even be fair to characterize the recent DeFi exploits as "Flash loan attacks," Chainlink co-founder Sergery Nazarov told CoinDesk in an email.

Nazarov said flash loans at their core are just lump sums of capital thrown at success trade positions.

"While many are trying to frame this trend as the result of flash loans, most of these exploits could have been committed by any well-capitalized actor. All a flash loan does is temporarily make anyone a well-capitalized actor," Nazarov said.

A flash loan worth $50 million deviated asset prices temporarily away from the market value, creating an arbitrage opportunity.

It's also notable that none of the top DeFi projects have suffered oracle attacks spurred by flash loans, dYdX founder Antonio Juliano told CoinDesk in a message.

Many flash loans used in attacks have originated on his platform, which offers the product without a fee.

"In the same way you wouldn't blame Ethereum for an implementation detail of the chain being used for an attack, the way flash loans are being used in exploits is the fault of developers building insecure applications, not the flash loans themselves," Juliano said.