Flash Loan Attack Vectors
Flash loan attacks exploit the ability to borrow massive amounts of capital without collateral in a single transaction, using it to manipulate prices, drain liquidity pools, or exploit protocol logic.
How It Works
An attacker borrows a large amount via flash loan, uses it to manipulate an on-chain price oracle or liquidity pool, exploits the price discrepancy in a vulnerable protocol, then repays the loan — all in one transaction.
Real-World Examples
bZx Attack
One of the first major flash loan attacks, manipulating token prices on Uniswap to exploit bZx's lending protocol.
Pancake Bunny
A flash loan attack manipulated PancakeSwap prices to drain the Bunny protocol's reward system.
Code Examples
Vulnerable Code
// VULNERABLE: Spot price used as oracle
function getPrice() public view returns (uint256) {
// Using DEX spot price - easily manipulated!
return tokenReserve / ethReserve;
}
function liquidate(address user) external {
require(getPrice() < threshold); // Flash-manipulable
_liquidate(user);
}Secure Code
// FIXED: TWAP oracle resistant to manipulation
function getPrice() public view returns (uint256) {
// Use Chainlink or TWAP oracle
(, int256 price,,,) = priceFeed.latestRoundData();
require(price > 0, "Invalid price");
return uint256(price);
}Prevention
- Use time-weighted average price (TWAP) oracles instead of spot prices
- Integrate Chainlink or other decentralized oracle networks
- Add flash loan guards that prevent price-sensitive operations in the same block
- Implement minimum time delays for price-sensitive operations
Related Vulnerabilities
Scan Your Contract for Flash Loan Attack Vectors
Our AI-powered auditor automatically detects flash loan attack vectors and 20+ other vulnerability types. Get a detailed report in minutes.