TL;DR
A flash loan is an uncollateralized loan that must be borrowed and repaid within a single transaction — if the borrower can’t repay, the entire transaction reverts as if it never happened.
In a single atomic transaction, you: (1) borrow millions from a lending pool, (2) use the funds for some operation, (3) repay the loan plus a small fee. If step 3 fails, the entire transaction reverts — including the borrow. This means there’s zero risk for the lender (they either get repaid or the loan never happened) and zero collateral needed from the borrower. You only need to pay the gas/transaction fee.
Arbitrage: borrow large amounts to capture price differences across DEXs. Collateral swaps: swap your lending collateral from one asset to another in one transaction. Liquidation: borrow to liquidate underwater positions and capture the liquidation bonus. Self-liquidation: repay your own debt and withdraw collateral in one transaction. Flash loans democratize strategies that previously required large capital.
Flash loans have been used to exploit DeFi protocols — an attacker borrows millions, manipulates a price oracle or vulnerable protocol, extracts profit, and repays the loan in one transaction. These attacks have caused hundreds of millions in losses across DeFi. As a user, flash loan risk means: favor protocols that use robust oracles (Pyth, Chainlink) over those using on-chain price calculations that can be manipulated within a transaction.