Given all of the discussion over the past year regarding the promotion of manual active voting, this case study may serve as a reason to protect the passive vote - the security of the NNS.
That is a crazy story. What I don’t understand is how the hacker was able to secure $1 billion in flash loans from Aave. Don’t you need to put down a lot of collateral for taking loans on a DeFi platform?
My naive understanding is that all of this apparently happens in the midst of a single smart contract where repayment is assured at the end of the contract. I would imagine the smart contract is engineered in such a way that funds cannot fall below a particular threshold within the state of the contract’s execution. If it’s not bulletproof…a billion is a helluva lot of risk to be taking on.
From https://www.coindesk.com/learn/2021/02/17/what-is-a-flash-loan/
- Unsecured loan : Often lenders require borrowers to put up collateral to ensure that if the borrower can’t pay back the loan the lender is still able to get their money back. But in an unsecured loan, no collateral is required. This lack of collateral doesn’t mean the flash loan lender will not get its money back. It’s just sent back in a different way. Instead of offering collateral, the borrower needs to pay back the money right away, which brings us to our next point.
- Instant : Usually, obtaining and fulfilling a loan is a long process. If a borrower gets approved for a loan, he or she typically has to pay it back steadily over a period of months or years. A flash loan, however, is instantaneous. The smart contract for the loan must be fulfilled in the same transaction that it is lent out. This means the borrower has to call on other smart contracts to perform instant trades with the loaned capital before the transaction ends, which is usually a few seconds.