Blockchain Security Firm Quantstamp Hopes to Battle Flash Loan Attacks With New Service
Blockchain security platform Quantstamp is hoping to quell the increasing threats of flash loan attacks with a new service that claims to catch exploits before they go off, the company told CoinDesk.
The Economic Exploit Analysis service detects common attack pathways used by exploiters through automated tooling before protocols get hacked. The service has been released in collaboration with researchers from the University of Toronto.
In the first half of 2023 alone, an estimated $207 million worth of tokens were stolen through flash loan attacks.
A flash loan is an uncollateralized loan provided by a smart contract that can be taken out for as short as a single transaction. In these attacks, hackers leverage flash loans to borrow substantial funds and manipulate DeFi protocols into unexpected states that developers may not have anticipated.
Flash loan attacks can drain the entire total value locked (TVL) of a DeFi protocol, and their complicated nature combined with DeFi’s composability means these attacks often evade conventional audits.
“DeFi has the potential to change the global financial infrastructure for the better, but its success requires preempting threats like flash loan attacks. We developed this tool to provide DeFi protocols an extra layer of security on top of audits,” said Martin Derka, head of new initiatives at Quantstamp, in a note to CoinDesk. “As DeFi evolves, security measures need to evolve with it. Services like Economic Exploit Analysis give us an edge against hackers.”
The Quantstamp service is available for both deployed and undeployed protocols. However, while the search process of the tool is automated, some manual guidance and protocol-specific adaptations are required.
Edited by Parikshit Mishra.