Nine months ago, in a Denver convention center, a booth sat empty.
Littered with token stickers, the table was supposed to hold the physical representatives of decentralized finance (DeFi) protocol bZx. It remained empty, however, as the team struggled to make sense of the digital forces twisting their young project.
bZx, as they would come to find out, was 2020’s flash loan “patient zero”.
Flash loans remain the common thread through all those recent attacks. These DeFi-native tools enable a savvy investor to take out unbacked loans and amass leverage behind a position. For example, Monday’s Origin Protocol attacker pulled a 70,000 ETH loan from decentralized derivatives platform dYdX. It enabled the attacker to up the amount of loot sucked out of the project.
Yet, while they may be the string connecting these exploits, flash loans are not the cause in and of themselves, industry leaders told CoinDesk.
Oracle manipulation and flash loans
It may not even be fair to characterize the recent DeFi exploits as “flash loan attacks,” Chainlink co-founder Sergery Nazarov told CoinDesk in an email.
Nazarov said flash loans at their core are just lump sums of capital thrown at success