
Imagine borrowing $100 million for exactly 12 seconds, using it to make a profit, and returning every cent before anyone notices it was gone. That is a flash loan, and it requires no collateral, no credit check, and no paperwork. Just code executing a sequence of financial operations inside a single blockchain transaction, and if any step fails, the entire thing reverts as if it never happened. Aave alone processed over $7.5 billion in flash loan volume during 2025, and the protocol crossed $1 trillion in cumulative all-time loans in February 2026.
Flash loans are one of the most powerful and most misunderstood tools in decentralized finance. They enable legitimate strategies that would otherwise require millions in upfront capital, but they have also been weaponized to drain hundreds of millions from vulnerable protocols. Here is how the mechanics work, what the real risks look like, and why this matters for every DeFi user in 2026.
How a Flash Loan Works Step by Step
In traditional finance, borrowing money requires collateral, a credit history, and time. Flash loans throw all of that out. The borrower takes a loan and repays it within the same transaction on the blockchain, and if repayment does not happen, the blockchain rolls it back automatically. The lender never risks losing funds because the loan either completes successfully or never existed.
Think of it like a time-travel bank. You walk in, borrow $50 million, invest it, collect your profit, return the $50 million plus a small fee, and walk out. But if anything goes wrong at any point, the bank reverses time and the loan never happened, with no paperwork filed and no money actually moved.
The technical flow looks like this. A smart contract on Aave, dYdX, or another lending protocol issues the loan. The borrower's contract executes a series of operations (arbitrage trades, collateral swaps, liquidations) using the borrowed funds. At the end of that same transaction, the contract repays the loan plus a fee (typically 0.05% on Aave). If the repayment instruction is missing or the math does not add up, the Ethereum Virtual Machine reverts everything. The entire sequence happens in one block, roughly 12 seconds on Ethereum, and borrowing $10 million costs around $5,000 in protocol fees.
What Flash Loans Are Actually Used For
Most flash loan transactions are not attacks, and the majority of Aave's volume comes from three legitimate use cases.
Arbitrage. A token is priced at $1.02 on Uniswap and $0.98 on SushiSwap. A trader borrows $5 million via flash loan, buys the cheaper token, sells it on the more expensive exchange, pockets the difference, and repays the loan. This kind of arbitrage actually makes DeFi markets more efficient by closing price gaps that would otherwise persist until someone with millions in capital bothered to close them.
Collateral swaps. You have a loan on Aave backed by ETH, but you want to switch your collateral to USDC without closing the position. A flash loan lets you repay the original loan, free your ETH, deposit USDC as the new collateral, re-borrow, and repay the flash loan in one transaction instead of multiple steps that expose you to price risk.
Self-liquidation. If your DeFi loan is approaching its liquidation threshold, a flash loan lets you repay the debt, withdraw your collateral, sell part of it, and keep the rest. This avoids the liquidation penalty (typically 5-15% of your position), which costs far more than the flash loan fee.
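The borrow-execute-repay sequence described under "How a Flash Loan Works", with the arbitrage use case above as the strategy, as an added Python simulation. This is not code from the article, Aave or dYdX: the ledger dict, the venue names and token prices, and the `Revert` exception are constructed, and the 0.05% fee is the Aave figure the article quotes. A real flash loan runs as a callback inside the lender's contract; the model keeps only the accounting and the all-or-nothing rollback.

```python
"""Toy simulation of flash loan atomicity with an arbitrage callback.

Added example; not code from the article, Aave or dYdX. The ledger is a
plain dict standing in for on-chain state, and "Revert" stands in for an
EVM revert. Venue names and token prices are constructed; the 0.05% fee
(5 basis points) is the Aave figure quoted in the article.
"""
import copy
from functools import partial

FLASH_FEE_BPS = 5  # 0.05% flash loan fee, expressed in basis points


class Revert(Exception):
    """Raised to model an EVM revert: the whole transaction is undone."""


def initial_state():
    """Constructed sample ledger mirroring the article's arbitrage story."""
    return {
        "lender": {"USDC": 50_000_000.0},  # flash loan liquidity pool
        "trader": {"USDC": 0.0},           # borrower starts with nothing
        "sushiswap": {"price": 0.98},      # TOKEN quoted at $0.98
        "uniswap": {"price": 1.02},        # TOKEN quoted at $1.02
    }


def flash_loan(state, borrower, amount, callback):
    """Lend `amount` USDC, run `callback`, and require principal + fee back.

    The ledger is snapshotted first and restored on any Revert, so the
    lender's balance can only end the transaction higher than it started.
    Returns (succeeded, reason).
    """
    snapshot = copy.deepcopy(state)
    fee = amount * FLASH_FEE_BPS / 10_000
    try:
        if state["lender"]["USDC"] < amount:
            raise Revert("insufficient liquidity")
        state["lender"]["USDC"] -= amount
        state[borrower]["USDC"] += amount
        callback(state, borrower, amount)          # borrower's strategy runs here
        owed = amount + fee
        if state[borrower]["USDC"] < owed:
            raise Revert("flash loan not repaid")  # missing or short repayment
        state[borrower]["USDC"] -= owed
        state["lender"]["USDC"] += owed
    except Revert as exc:
        state.clear()                              # roll everything back
        state.update(snapshot)
        return False, str(exc)
    return True, "ok"


def arbitrage(state, borrower, amount, buy_venue, sell_venue):
    """Spend the borrowed USDC on TOKEN at one venue and sell it at the other."""
    tokens = amount / state[buy_venue]["price"]
    proceeds = tokens * state[sell_venue]["price"]
    state[borrower]["USDC"] += proceeds - amount   # net change from the round trip


def run(amount, buy_venue, sell_venue):
    """Execute one flash-loan arbitrage and report the outcome for both parties."""
    state = initial_state()
    lender_before = state["lender"]["USDC"]
    strategy = partial(arbitrage, buy_venue=buy_venue, sell_venue=sell_venue)
    ok, reason = flash_loan(state, "trader", amount, strategy)
    return {
        "ok": ok,
        "reason": reason,
        "trader_profit": state["trader"]["USDC"],
        "lender_delta": state["lender"]["USDC"] - lender_before,
    }


if __name__ == "__main__":
    print(run(5_000_000, "sushiswap", "uniswap"))  # profitable: repaid plus fee
    print(run(5_000_000, "uniswap", "sushiswap"))  # loses money: whole thing reverts
```

Running the profitable direction leaves the trader with the spread minus the $2,500 fee and the lender $2,500 richer; running it backwards cannot cover the repayment, so the `Revert` restores the snapshot and both balances are exactly where they started, which is the property that lets a lender hand out uncollateralized capital.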
How Flash Loan Attacks Work
The tool itself is neutral, but attackers have used flash loans to amplify exploits that would otherwise require enormous capital. Flash loan attacks have caused over $500 million in cumulative losses across DeFi protocols since 2020.
The attack pattern usually follows the same playbook. The attacker borrows a massive amount through a flash loan, then uses that capital to manipulate token prices on a decentralized exchange. The key vulnerability is the price oracle. Many DeFi protocols rely on a single on-chain source (like a Uniswap pool) to determine what an asset is worth, and if an attacker can temporarily distort that pool's price by flooding it with one-sided trades, the protocol's smart contract reads the wrong price and makes bad decisions.
A simplified example. A lending protocol uses the ETH/USDC price on a single Uniswap pool as its oracle. The attacker borrows $200 million in a flash loan, dumps it into that pool to crash the apparent price of ETH, then borrows ETH from the lending protocol at the artificially low price. The Uniswap pool price normalizes after the transaction, but the attacker walks away with underpriced ETH and the lending protocol holds bad debt.
The entire attack happens in one transaction, and by the time the next block is confirmed 12 seconds later, it is already over.
The Biggest Flash Loan Exploits
The scale of these attacks has grown over time.
| Year | Protocol | Loss | Attack Method |
|---|---|---|---|
| 2020 | bZx | ~$350K | Price manipulation via Uniswap/Compound |
| 2021 | Cream Finance | $130M | Oracle manipulation across multiple pools |
| 2021 | Pancake Bunny | $45M | Flash loan + price oracle exploit |
| 2023 | [Euler Finance](https://www.chainalysis.com/blog/euler-finance-flash-loan-attack/) | $197M | DonateToReserve function vulnerability |
| 2025 | KiloEx | $7M | Oracle manipulation |
| 2025 | NewGold Protocol | $2M | Collateral valuation inflation |
The Euler Finance attack in March 2023 stands out because it was the largest single flash loan exploit ever, and the stolen funds were eventually returned. The attacker negotiated with the Euler team through encrypted on-chain messages and returned approximately $240 million (more than the original amount due to price appreciation during negotiations). Euler later relaunched as v2 with 31 completed security audits.
Not every story ends that way, and most flash loan attackers route funds through mixers like Tornado Cash and disappear permanently.
How Protocols Defend Against Flash Loan Attacks
The DeFi ecosystem has developed several defense layers since the early attacks, and protocols launching in 2026 build these in from day one.
TWAP oracles. Instead of reading a single spot price from one DEX pool, protocols use Time-Weighted Average Prices that sample an asset's price at regular intervals over a longer window (typically 10-30 minutes). An attacker can manipulate a spot price for one block, but sustaining a distorted price across 30 minutes of samples becomes prohibitively expensive.
Multi-source price feeds. Chainlink and other oracle networks aggregate prices from dozens of sources, both on-chain and off-chain. A protocol checking Chainlink's feed alongside Uniswap and SushiSwap TWAPs simultaneously makes single-pool manipulation ineffective.
Circuit breakers. Smart contracts can automatically pause when they detect abnormal price movements, halting transactions for an asset if one oracle's price deviates from others by more than a set threshold (often 5%).
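The single-pool distortion described under "How Flash Loan Attacks Work", measured against the three defenses just listed (TWAP, multi-source feed, deviation circuit breaker), as an added Python simulation. This is not code from the article or from Uniswap, Chainlink or any lending protocol: the constant-product pool, its reserves, the 150-block quiet history, the 3,000 ETH one-sided sale and the pinned external feed are all constructed, while the 30-minute window and the 5% threshold are the figures the article gives. Uniswap-style TWAPs accumulate price multiplied by elapsed time rather than averaging per-block samples, but with a fixed 12-second block the two are equivalent.

```python
"""Spot oracle vs TWAP vs deviation circuit breaker on a toy x*y=k pool.

Added example; not code from the article or from Uniswap, Chainlink or any
lending protocol. Reserves, the block count and the size of the one-sided
trade are constructed. The 30-minute TWAP window and 5% deviation threshold
are the figures the article quotes.
"""
from collections import deque
from statistics import median

BLOCK_SECONDS = 12                 # Ethereum block time used by the article
TWAP_WINDOW_SECONDS = 30 * 60      # 30-minute window
DEVIATION_THRESHOLD = 0.05         # circuit breaker trips above 5%


class ConstantProductPool:
    """ETH/USDC pool where eth * usdc stays constant across swaps (no swap fee)."""

    def __init__(self, eth, usdc):
        self.eth = float(eth)
        self.usdc = float(usdc)

    def spot_price(self):
        """ETH price in USDC as read by a naive single-pool oracle."""
        return self.usdc / self.eth

    def sell_eth(self, eth_in):
        """Swap ETH into the pool for USDC; a large sale depresses the spot price."""
        k = self.eth * self.usdc
        self.eth += eth_in
        new_usdc = k / self.eth
        usdc_out = self.usdc - new_usdc
        self.usdc = new_usdc
        return usdc_out


class TwapOracle:
    """Time-weighted average of per-block spot observations over a fixed window.

    With equal-length blocks the time-weighted average equals the plain mean
    of one observation per block, which is what is computed here.
    """

    def __init__(self, window_seconds=TWAP_WINDOW_SECONDS):
        self.observations = deque(maxlen=window_seconds // BLOCK_SECONDS)

    def observe(self, price):
        self.observations.append(price)

    def price(self):
        if not self.observations:
            raise ValueError("no observations yet")
        return sum(self.observations) / len(self.observations)


def deviation(price, reference):
    """Relative distance between a price reading and a reference price."""
    return abs(price - reference) / reference


def circuit_breaker_trips(price, reference, threshold=DEVIATION_THRESHOLD):
    """True when the protocol should pause because two feeds disagree too much."""
    return deviation(price, reference) > threshold


def simulate(manipulation_eth=3_000.0, quiet_blocks=150):
    """Quiet history, then a single block with a large one-sided ETH sale.

    Returns what each oracle design reports right after the distorted block.
    `external_feed` models an off-chain aggregated feed that did not see the
    single-pool distortion; it is pinned to the pre-trade price here.
    """
    pool = ConstantProductPool(eth=10_000, usdc=20_000_000)   # spot = 2000 USDC
    twap = TwapOracle()
    for _ in range(quiet_blocks):
        twap.observe(pool.spot_price())
    reference = twap.price()                                  # 2000.0
    external_feed = reference

    pool.sell_eth(manipulation_eth)                           # one-block distortion
    twap.observe(pool.spot_price())
    spot = pool.spot_price()
    twap_now = twap.price()
    return {
        "spot_after": spot,
        "twap_after": twap_now,
        "spot_deviation": deviation(spot, reference),
        "twap_deviation": deviation(twap_now, reference),
        # median of three sources: the distorted pool is simply outvoted
        "multi_source": median([spot, twap_now, external_feed]),
        # breaker comparing the pool's spot against the TWAP halts the protocol
        "halt": circuit_breaker_trips(spot, twap_now),
    }


if __name__ == "__main__":
    for key, value in simulate().items():
        print(f"{key:>15}: {value}")
```

In this run the single-block sale knocks the pool's spot price down by roughly 40%, but one distorted sample among 150 moves the 30-minute TWAP by well under 1%, the median across three sources ignores the outlier entirely, and a breaker comparing spot against TWAP trips immediately. The defender's takeaway is that a protocol reading `spot_price()` directly is the one that makes a bad decision; any of the three checks above sees the same transaction and refuses.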
Well-audited protocols with modern oracle infrastructure are significantly harder to exploit than the early DeFi projects that fell to these attacks. But "harder" is not "impossible," and new attack vectors continue to emerge as DeFi grows more complex.
Are Flash Loans Legal?
Flash loans themselves are not illegal, and using one for arbitrage or collateral management is no different from using any other DeFi feature. They are financial tools built into open-source smart contracts that anyone can access.
The legal question gets complicated when flash loans are used to exploit vulnerabilities. In most jurisdictions, exploiting a software vulnerability to steal funds is a crime regardless of the tool used, but enforcement is the real challenge. Flash loan attacks happen on-chain, often through privacy tools, and the attackers are frequently anonymous. Law enforcement has had limited success recovering funds, with the Euler Finance case being a notable exception because the attacker chose to return the money voluntarily.
The OWASP Smart Contract Security project now lists flash loan attacks as a top 10 smart contract security risk, signaling that protocol-level defenses matter more than hoping for legal deterrence.
Why This Matters for DeFi Users
You do not need to execute flash loans yourself to be affected by them. If you provide liquidity to a DeFi protocol or supply collateral to a lending platform, flash loan risk is already part of your risk profile.
Before depositing into any DeFi protocol, check three things. Does it use multi-source oracles or a single on-chain price feed? Has it been audited by a reputable firm with flash loan vectors specifically tested? And does it have circuit breakers built into its smart contracts? Protocols with strong oracle infrastructure and active bug bounty programs are not immune to exploits, but they are far less likely to lose your funds than something that launched last week with one audit and a single-pool price feed.
Frequently Asked Questions
Can anyone take out a flash loan?
Yes, but it requires writing or interacting with smart contract code. You need the technical knowledge to build a transaction that borrows, executes your strategy, and repays within one block. Several no-code tools have simplified the process, but flash loans are still primarily used by developers and sophisticated traders.
What happens if you cannot repay a flash loan?
Nothing. The blockchain reverts the entire transaction as if it never occurred, and you lose only the gas fee you paid to submit it. The lender's funds are never at risk because the loan and repayment are atomic, meaning they either both execute or neither does.
How much does a flash loan cost?
Aave currently charges a 0.05% fee on all flash loans processed through its protocol. On a $10 million flash loan, that is $5,000 in protocol fees plus Ethereum gas costs, which typically run $50-$500 depending on network congestion and transaction complexity.
Are flash loan attacks getting worse?
Total dollar losses have grown alongside DeFi TVL, but the rate of successful attacks against top-tier protocols has declined as oracle defenses have improved. Most successful flash loan exploits in 2025 targeted smaller, newer protocols with weaker security rather than established platforms like Aave or Compound.
Bottom Line
Flash loans are the closest thing crypto has to a financial superpower, giving any developer with a good idea temporary access to millions in capital. They have made DeFi markets more efficient through arbitrage while creating self-service tools for debt management. But that same power has been weaponized to drain over $500 million from protocols that relied on single-source price oracles and skipped thorough audits.
The defense playbook in 2026 is well established. TWAP oracles, Chainlink price feeds, circuit breakers, and rigorous audit cycles have made the top lending protocols significantly harder to exploit. For DeFi users, the practical takeaway is straightforward and worth repeating. Check your protocol's oracle setup before depositing a single dollar. If it relies on a single pool for pricing, that is your risk, not the attacker's.
This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency trading involves substantial risk. Always conduct your own research before making trading decisions.



