Story from

Protecting The $50 Billion DeFi Industry From Flash Loan Attacks With Chainlink

There is currently over $50 billion total value locked (TVL) in decentralized finance (DeFi), an amount which could grow to $500 billion this year. Unfortunately, many DeFi protocols still rely on a single exchange as their sole price feed oracle. As more people around the world seek control of their own economic destinies through the DeFi ecosystem, it’s vital that DeFi protocols adopt decentralized oracle solutions to protect their users from preventable attacks, particularly those involving flash loans.  

Using smart contracts on blockchain, flash loans allow anyone to borrow unlimited funds without collateral – as long as those funds are repaid within the same transaction. Flash loans can temporarily allow anyone in the world to act as a well-capitalized actor. Malicious actors can thus use flash loans to manipulate the market with a whale’s influence – but only when a protocol relies on a single centralized price feed. 

As CMO of Chainlink Labs, Adelyn Zhou, noted in an article for CoinDesk, “Flash loans do not create vulnerabilities within DeFi – they simply reveal vulnerabilities that already exist.” She went on to explain that the term “flash loan attack” is misleading, because the attacks actually target exploitable price oracles.

This past December, DeFi lending protocol Warp Finance was the victim of an $8 million flash loan attack shortly after its release. On-chain researchers determined that hackers were able to withdraw $7.7 million from the Warp Finance protocol by manipulating a faulty price oracle – a third-party service that connects blockchain to verified off-chain data. 

Chainlink solves the problem of malicious actors using flash loans to exploit DeFi protocols that rely on a single exchange as a sole price oracle. By hyper-validating data using as many different exchanges, data providers and oracle nodes as possible, Chainlink’s decentralized oracle network protects DeFi protocols from being manipulated by any one participant in the system.

This is why Warp Finance integrated with Chainlink to prevent future flash loan attacks. A Medium post announcing the integration explained:

“After determining that the root cause of the exploit was an insecure, gameable price oracle, we set out to find the most robust oracle solution in the market. Our research and due diligence concluded that Chainlink was the most secure, reliable, and proven oracle solution, and will protect the Warp Finance ecosystem from similar flash loan-funded price oracle attacks moving forward.”

The Warp Finance protocol relaunch ensures user funds are protected from future attacks and exploitation by using Chainlink Price Feeds for DAI/ETH, BTC/ETH, USDT/ETH and USDC/ETH to determine the valuations for both stablecoins used as loans and liquidity provider (LP) tokens used as collateral.

Chainlink’s decentralized oracle network arrives at incorruptible “definitive truth” about cryptocurrency pricing from an aggregation of hundreds of different exchanges, data providers and nodes. As Chainlink Co-Founder Sergey Nazarov explained on a recent episode of the Ground Floor Consensus podcast, “It’s all about reliability, and reliability boils down to truth and truth, in the case of blockchain, boils down to redundancy.” 

Read more about

Have an idea for a story?

If you’re interested in submitting content to be considered for publication, please carefully review the Chainlink Today Content Submission Guidelines to help you get started. We’re excited to hear from you.

Related Stories