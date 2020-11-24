2020 has definitely been the year of the Ethereum (ETH) network-based decentralized finance (DeFi) world and projects. Chainlink, Yearn Finance, Compound, Aave and many other projects have made their mark on the market with the increases experienced. However, the “flash loan” attacks, which have recently increased, attracted the attention of Chainlink CEO. Sergey Nazarov shared with his followers what should change in this regard.

LINK CEO commented on DeFi attacks

The flash loan, which we heard about with two different attacks in a few days in the past week, is not exactly an attack. This method can be defined as the fact that malicious people use different DeFi projects and gain significant gains by exploiting the systemic vulnerability in them. Value DeFi, Harvest Finance, Origin Dollar and Cheese Bank are known as protocols exposed to flashloan attacks only this month.

Nazarov stated that the most troublesome feature of DeFi applications is the price tracking mechanisms. In fact, LINK comes into play at this point and provides oracle services to projects, ensuring that the correct price data are always transferred. Many decentralized finance applications make use of multiple decentralized cryptocurrency exchanges (DEX) for their smart contracts.

Nazarov argues that the main point of these flash loan attacks is that they are made to protocols that receive price information from a single location. So projects put security in the background for the sake of convenience and speed of development. An attacker takes the first steps of the flash loan attack, causing manipulation in the price mechanism of the heavy funds in his possession.

The weakness of DeFi platforms is that they focus on a single point.

Nazarov points out that all it takes to execute flash loan attacks is to manipulate a DEX’s commandboard. This does not require any technical knowledge or coding skills. Having a good command of the DeFi sector and having a large fund stand out as two necessary conditions for the flash loan.

Nazarov notes that even projects with price data, not one but up to five cryptocurrency exchanges, are vulnerable to these attacks. According to the famous CEO, this only makes things a little more complicated and a little more funded.

So is there a solution to this?

Although there is no clear solution to this, according to Nazarov, things can be made much more difficult for attackers. For this, DeFi platforms need to expand the platforms from which price data is obtained and their scope much more. This will require manipulation of the actual price of an asset, rather than the price of several decentralized exchanges. It is unlikely that attackers will attempt this, as this will require huge amounts of funds.

So although there is no clear solution to flash loan attacks, it is possible to make them more difficult for attackers. Perhaps the DeFi industry can increase its security, with each protocol being more careful.



