From Flash Loans to Intra-Block Loans

The Next Evolution of DeFi Capital Access

Nir Magenheim, CEO Eureka Labs

Understanding the Architecture Shift

Flash Loans (Current Standard)

Transaction-Level Atomicity

Borrow and repay within a single atomic transaction Execution scope limited by transaction boundaries

Available through established protocols: Aave, Balancer, Uniswap Capital exists only during function call stack

Intra-Block Loans

(Q2 2026 Ethereum Mainnet)

Block-Level Atomicity

Borrow and repay across multiple transactions in the same block Enabled by sophisticated block builder guarantees

Supports complex multi-step execution: DEX routing, cascading liquidations, governance participation

Capital persists for ~12 seconds of block time

New Attack Vectors:

When Capital Lives for 12 Seconds

A few examples of new attack vectors

Oracle Manipulation Amplified

Attack Pattern: Borrow substantial capital ³ execute price manipulation across DEXs ³ trigger oracle update mid-block ³ force liquidations at distorted prices ³ repay loan before block finalizes

Critical Vulnerability: Dependency on mid-block price updates

DAO Governance Hijacking

Attack Pattern: Acquire massive voting power via intra-block loan

³ stake tokens immediately before snapshot ³ influence critical governance proposal ³ unstake and repay within same block

Critical Vulnerability: Protocols that rely on block.timestamp or

block.number for governance or reward snapshots.

How Auditors can stay ahead

Think Beyond Transactions

model behavior at the block level, not tx level.

​

The next wave of DeFi exploits won9t start in your smart contract 4 they9ll start in the block builder9s mempool