Auto-sync: 2026-04-21 17:12

wiki/concepts/Flash-Loan-Attack.md

@@ -1,38 +0,0 @@
----
-title: "Flash Loan Attack"
-type: concept
-tags: [smart-contract, vulnerability, defi, security]
-sources: [blockchain-security-auditor]
-last_updated: 2026-04-20
----
-
-## Definition
-闪电贷攻击（Flash Loan Attack）是 DeFi 特有的攻击向量，利用闪电贷在单笔交易内借用大量资产、操纵市场状态并获取利润的攻击方式。
-
-## Characteristics
-- **无抵押**：利用区块内临时资金
-- **原子性**：所有操作在单笔交易内完成
-- **大规模**：可借用数百万甚至数亿资产
-- **瞬时性**：交易结束后状态回滚（除非成功）
-
-## Common Targets
-- 借贷协议的抵押品 valuation
-- AMM 流动性池价格
-- 跨协议收益聚合器
-- 治理系统（Flash Loan Voting）
-
-## Attack Patterns
-1. **预言机操纵**：借用资产操纵价格后套利
-2. **重入攻击**：借用资产触发重入漏洞
-3. **治理攻击**：借用代币操纵投票
-
-## Notable Examples
-- Euler Finance ($197M, 2023)：donate-to-reserves 操纵
-- Balancer ($2M, 2021)：嵌套 Flash Loan
-- Cream Finance ($130M, 2021)：Flash Loan + 重入
-
-## Connections
-- [[DeFi Attack Vector]] ← is_type_of ← [[Flash Loan Attack]]
-- [[Oracle Manipulation]] ← often_combines_with ← [[Flash Loan Attack]]
-- [[Reentrancy]] ← can_combine_with ← [[Flash Loan Attack]]
-