Hacker Attack Halves Flow, Rollback Plan Sparks Civil War in Ecosystem

marsbitPublished on 2025-12-29Last updated on 2025-12-29

Abstract

Flow, a Layer 1 blockchain built by Dapper Labs, suffered a major security breach last Saturday when a hacker exploited an execution layer vulnerability, transferring approximately $3.9 million in assets off-chain. The attack caused the price of FLOW to plummet by over 50%, dropping from $0.173 to $0.079, though it later partially recovered to around $0.107. Initially, the Flow Foundation proposed rolling back the network to a checkpoint before the attack occurred, which would have erased all transactions within a six-hour window. This decision was met with strong opposition from ecosystem partners, especially cross-chain bridges like deBridge and LayerZero, who warned that a rollback could cause asset duplication, inconsistencies, and significant losses for legitimate users. Facing community backlash and partner concerns, the foundation abandoned the rollback plan. Instead, it adopted an "Isolation Recovery Plan" developed in coordination with key partners. The new strategy involves no chain reorganization, preserves all legitimate user transactions, and temporarily restricts accounts that received illicitly minted tokens. The network will be restored in multiple stages, with full functionality expected within 24 to 48 hours. The incident has raised questions about network reliability and governance, shifting the crisis from a technical issue to a broader challenge of trust in Flow's decentralized integrity.

Author | Asher(@Asher_ 0210)

Last Saturday afternoon, a sudden hacker attack threw the Flow network into chaos. This Layer 1 network, built by the Dapper Labs team and tailored for the next generation of applications, games, and digital assets, watched helplessly as assets worth $3.9 million were transferred off-chain by exploiting an execution layer vulnerability. Following the attack, its token FLOW was halved in a short time, plummeting from $0.173 to $0.079, and has since rebounded slightly to around $0.107.

FLOW K-Line Chart

Below, Odaily Planet Daily breaks down this Flow theft incident, the official response, and why it has drawn strong skepticism from Flow's partners and community.

Flow Official Emergency Response: Isolate Network and Announce Rollback Plan

After the attack, the Flow Foundation quickly responded and confirmed the details of the incident. The attacker exploited an execution layer vulnerability to transfer approximately $3.9 million in assets; the incident did not affect users' existing balances, and user deposits remain safe. The relevant attack addresses have been marked, and money laundering paths are being continuously tracked. The Foundation has submitted asset freeze requests to Circle, Tether, and several major exchanges.

To clean up illegal on-chain transactions and fix the vulnerability, the Flow Foundation isolated the network and released a patched version of the mainnet, Mainnet 28. The Foundation's initial proposed solution was to roll back the network state to a checkpoint before the attack, specifically to Cadence block height 137363395, thereby deleting all transaction records generated within approximately 6 hours. All transactions, whether legitimate or not, would be erased together, and users would need to resubmit transactions after node restarts. The Foundation believed this plan was the safest path to restore network integrity, repeatedly emphasized that user funds would not be affected throughout the process, and promised to provide external updates on the incident's progress every two hours.

This rollback decision, seemingly decisive, quickly ignited an ecological firestorm—because the hacker's funds had already been bridged off-chain, the rollback would not affect the attacker but would only impact honest users and partners.

Cross-Chain Bridge Partners, Community Users Strongly Oppose, Rollback Plan Heavily Criticized

After the rollback plan was announced, cross-chain bridge partners within the Flow ecosystem and community users quickly faced collective skepticism. Alex Smirnov, co-founder of deBridge, a major cross-chain bridge partner of Flow, publicly criticized the decision on platform X as too hasty and made without any communication with key bridge partners beforehand. As a crucial asset channel for the Flow ecosystem, deBridge did not receive any advance notice regarding the rollback.

Smirnov pointed out that the potential damage from a rollback could far exceed that of the initial hacker attack itself. Since cross-chain assets are already circulated across multiple systems, a forced rollback would cause serious issues such as asset duplication and inconsistent custody states, ultimately harming the bridges, users, and counterparties who operated normally during the window. He disclosed that approximately $200,000 and $50,000 in deposits on deBridge fell within the rollback time window; once the rollback is executed, it could lead to funds disappearing on one side or the extreme scenario of assets being minted repeatedly.

Based on these risks, Smirnov called on Flow validators to suspend block production and validation until compensation plans, partner coordination mechanisms, and independent security team intervention plans are all clarified. Similar issues are not isolated cases. As the main cross-chain custodian for USDC on the Flow network, LayerZero also faces risks with approximately $220,000 and $180,000 in cross-chain transactions falling within the rollback window.

Beyond cross-chain bridge partners within the Flow ecosystem, users on platform X began to集中 express concerns about fund safety, developers questioned the network's reliability and governance mechanisms in extreme situations, investor sentiment turned cautious, and selling pressure intensified accordingly. Many voices pointed out that the rollback itself exposed the reality of centralized control on the chain, rapidly turning a technical accident into a crisis of trust.

Some community views further targeted the core principles of blockchain. Some argued that the rollback directly shook transaction finality and immutability, making Flow resemble an alliance chain subject to administrative intervention at critical moments. Others compared it to historical security incidents on other public chains, noting that similar situations are usually handled by isolating attacker addresses and freezing fund flows, rather than performing a global rollback of the entire network state.

Crypto KOL Wazz(@WazzCrypto) stated bluntly on platform X that Flow's rollback decision was one of the worst handling methods he had ever seen. In his view, the attacker had already transferred nearly $4 million in assets off-chain and would hardly be substantively affected by the rollback; the real cost would be borne by innocent users who used the network normally via cross-chain bridges.

Flow Official Changes Stance: Abandons Rollback, Adopts Isolated Recovery New Plan

Facing strong opposition from partners and the community, the Flow official ultimately decided to abandon the network rollback and shift to an "Isolated Recovery Plan." This plan was developed through direct consultation with cross-chain bridges, exchanges, and infrastructure partners. Key points include:

  • No rollback/reorganization, preserving all legitimate user activity;
  • No need for partners to replay transactions;
  • Over 99.9% of accounts unaffected, normal operation upon restart;
  • Temporary restriction of accounts receiving illegally minted tokens upon restart;

Additionally, the network will be restored in phases:

  • Phase 1: Cadence environment goes online, EVM temporarily restricted;
  • Phase 2: Cadence repair (approximately 24 to 48 hours);
  • Phase 3: EVM repair and restart;
  • Phase 4: Cross-chain bridges/exchanges resume operation, specific recovery time determined by operators based on actual conditions after confirming stability.

Furthermore, Dapper Labs, the team behind Flow, expressed support for this plan on platform X, stating it "preserves legitimate activity and provides a clear path to recovery."

This "abandon rollback" stance alleviated ecological tensions in the short term and avoided the systemic risk扩散 that a rollback might have triggered. As of now, the network is still in the phased coordination and recovery process, and officials state that user funds remain safe.

In the highly uncertain environment of the crypto market, this crisis may become a significant watershed in Flow's development path. Its long-term impact remains to be tested by time.

Related Questions

QWhat was the initial response from the Flow Foundation to the hack, and what plan did they propose?

AThe Flow Foundation quickly responded by isolating the network and proposing to roll back the network state to the checkpoint before the attack (Cadence block height 137363395), which would erase all transactions from the approximately 6-hour window.

QWhy did the cross-chain bridge partners and community strongly oppose the rollback plan?

AThey opposed it because the rollback would not affect the hacker, who had already bridged the funds off-chain, but would instead harm honest users and partners by causing issues like double-spending, asset duplication, and inconsistencies in cross-chain asset custody.

QWhat was the alternative solution Flow adopted after abandoning the rollback plan?

AFlow adopted an 'Isolation Recovery Plan' that involved no rollback, preserving all legitimate user activity, temporarily restricting accounts that received illegally minted tokens, and restarting the network in phases with coordination from bridges and exchanges.

QHow did the hack impact the price of the FLOW token?

AThe FLOW token price was halved, dropping from $0.173 to $0.079 shortly after the hack, though it later saw a small rebound to around $0.107.

QWhat major risk did deBridge highlight regarding the rollback window?

AdeBridge highlighted that about $200,000 in ETH and $50,000 in USDC on their bridge fell within the rollback window, and executing the rollback could cause those funds to vanish or be duplicated, leading to severe inconsistencies.

Related Reads

Zcash Bug Could Have Minted Unlimited ZEC Undetected

A critical vulnerability in Zcash's Orchard shielded pool, discovered by researcher Taylor Hornby on May 29, 2026, could have allowed an attacker to create an unlimited amount of undetectable counterfeit ZEC. The flaw, involving an under-constrained element in the Orchard circuit, existed from the pool's 2022 activation until an emergency fix was deployed by June 2, 2026. Hornby identified the bug using AI-assisted auditing tools and confirmed its exploitability in a test environment. Due to Orchard's privacy features, which hide transaction amounts and history, there is no cryptographic way to prove whether the vulnerability was exploited before the fix. While Shielded Labs assesses prior exploitation as unlikely, this uncertainty has sparked a debate on proving supply integrity in privacy-preserving systems. In response, Shielded Labs and other developers are exploring a network upgrade, potentially involving a new shielded pool and formal verification of the circuit rules to prevent future vulnerabilities and allow verification of the ZEC supply's integrity. ZEC's price fell nearly 45% following the disclosure.

bitcoinist8m ago

Zcash Bug Could Have Minted Unlimited ZEC Undetected

bitcoinist8m ago

Silicon Valley 'Startup Guru' Steve Hoffman: Web3 + AI Could Be a Trap

Silicon Valley investor and "Godfather of Startups" Steve Hoffman warns that combining Web3 with AI is likely a trap, not a promising venture. In an interview, Hoffman argues that while AI is a foundational technology touching all industries, Web3 adds complexity, friction, and regulatory risk without solving mainstream consumer or business needs. He advises founders to focus on deep, specialized applications where startups can out-iterate giants, rather than on generic features easily replicated by large tech companies. Hoffman observes that Silicon Valley will lead foundational AI research, while China excels at rapid, large-scale application and commercialization, particularly in robotics. He stresses that AI-driven autonomous agents capable of collaborative, multi-step tasks are 2-4 years away, which will cause significant job displacement. The solution is not to slow AI but to redesign business models around human-AI collaboration and reform social systems like education and retraining. For startups, Hoffman recommends focusing on vertical, expertise-heavy domains to build defensibility. He sees major opportunities in AI fraud detection and cybersecurity. Key founder mindsets include systemic thinking over feature-focus, relentless customer centricity, building adaptive teams, and deeply understanding AI's capabilities and limits. Hoffman is also leading a non-profit initiative to establish university centers aimed at training future leaders in responsible, human-value-aligned AI innovation.

marsbit1h ago

Silicon Valley 'Startup Guru' Steve Hoffman: Web3 + AI Could Be a Trap

marsbit1h ago

Token Inefficient, Economy Tokenless

The article "Tokens Aren't Economical, Economics Aren't Tokenized" analyzes a pivotal shift in the AI industry from a technology-driven narrative to one dominated by capital efficiency. It highlights two concurrent trends: a severe capital shortage due to the exorbitant and recurring costs of compute (e.g., OpenAI's high burn rate) and a wave of corporate spin-offs where major tech companies are separating their AI units (like Kuaishou's Kling and Baidu's Kunlunxin). The core argument is that AI's "anti-internet" business model, where user growth increases costs rather than profits, has created a disconnect between high valuations and actual cash flow. Spin-offs address this by allowing AI assets to be valued independently. Within a parent company, they are seen as cost centers, but as standalone entities, they are priced based on their growth potential and scarcity in the primary market, leading to massive valuation premiums (e.g., Kling's estimated value tripling post-spin-off). The industry is at an inflection point, moving from "model worship" to "value realization." The competition is evolving from a pure compute (GPU) race to a broader focus on systemic efficiency and full-stack engineering (involving CPUs and orchestration) to achieve viable commercialization. The year 2026 is framed as a critical moment where the industry must definitively answer how to economically translate AI capability into tangible business value, reshaping the sector's future power structure.

marsbit1h ago

Token Inefficient, Economy Tokenless

marsbit1h ago

Crossing the 'Memory Wall': The Wafer-Level Revolution and Computing Power Routes in the AI Inference Era

In 2026, a historic shift occurred in AI as major cloud providers' inference spending surpassed training spending for the first time, signaling a move from "building large models" to "using large models." This shifts the core challenge from computing power to the "memory wall"—the bottleneck of data movement (model weights, activations, KV Cache) between external DRAM and processors, where energy and latency from data transfer far exceed computation itself. Companies like Nvidia face GPU idle time due to bandwidth limits. In contrast, Cerebras Systems adopts a radical "wafer-scale" approach with its Wafer-Scale Engine (WSE). Instead of cutting a silicon wafer into many chips, Cerebras uses almost the entire wafer as one massive chip (WSE-3). This design provides 44GB of on-chip SRAM, delivering memory bandwidth thousands of times higher than traditional HBM (e.g., 21 PB/s vs. Nvidia B200). For LLM inference, weights are streamed layer-by-layer from external MemoryX storage to the chip, avoiding HBM bottlenecks. This results in token generation speeds 1.5–5 times faster than Nvidia's B200 in some models and significant advantages in first-token latency and long-context tasks. Additionally, Cerebras's architecture offers much lower interconnect power consumption (0.15 pJ/bit vs. GPU's ~10 pJ/bit). However, Cerebras faces challenges: SRAM scaling has slowed with advanced nodes, limiting future capacity gains; the chip requires specialized liquid cooling and custom software stacks; and its external I/O bandwidth (150 GB/s) is low compared to NVLink, hindering multi-system scaling for very large models. Competition is intensifying. Major players are pursuing three paths: 1) Developing proprietary inference ASICs (e.g., Google TPU, Microsoft Maia), 2) Leveraging advanced packaging (e.g., TSMC's SoW) to democratize wafer-scale-like integration, potentially eroding Cerebras's process advantage within a few years, and 3) Exploring optical interconnects for ultimate bandwidth. Commercially, Cerebras is transitioning from a hardware vendor to a service provider, facing the immense challenge of building high-power, specialized data centers to meet large contracts (e.g., 250MW/year from 2026–2028). In conclusion, the AI inference era presents a fundamental architectural trade-off. Cerebras opts for extreme physical optimization for low-latency, single-task performance, while Nvidia prioritizes versatility and massive cluster throughput. The path forward remains uncertain, with technology and business models still evolving in the race toward advanced AI.

marsbit1h ago

Crossing the 'Memory Wall': The Wafer-Level Revolution and Computing Power Routes in the AI Inference Era

marsbit1h ago

Has Bitcoin's 'Rebound Ended', Officially Entering the Late Bear Market Phase?

**Title: Has Bitcoin's Rebound Ended, Entering the Late Bear Market Phase?** **Summary:** Bitcoin's price has declined by 13% this week, signaling a potential return to late-stage bear market conditions. The price fell to around $67k, positioned between the Realized Price and Realized Cap Weighted Average. For the first time since early 2022, the Short-Term Holder cost basis has dropped below this key average, confirming a hallmark of late-cycle bear markets. Profitability metrics have collapsed sharply. The 7-day average of the Realized Profit/Loss ratio plummeted from a local high of 3.16 to 0.29, mirroring the February panic sell-off. Critically, the 90-day average never breached the threshold of 2, indicating the recent rally to $82k was a bear market bounce, not a structural shift. Realized losses surged to $1.35 billion daily, with $770 million coming from Long-Term Holders selling at a loss. This accelerating redistribution of supply from weak to strong hands is a necessary but ongoing process for a market bottom. The rally stalled almost precisely at the aggregate cost basis (~$83k) of US spot Bitcoin ETF investors, turning that level into strong resistance and leaving the average ETF holder underwater again. Spot market flows have turned decisively negative, showing sellers are dominating order books despite the price drop. While a significant futures long liquidation event cleared over $400 million in leverage, providing a potential reset, sustained spot demand is yet to materialize. Options markets continue to price in higher future volatility (Implied Volatility) than recent price action (Realized Volatility) has shown, with a persistent skew towards put options, indicating ongoing demand for downside protection. In conclusion, multiple metrics point to a fragile market structure. Resistance at the ETF cost basis, accelerating realized losses, dominant spot selling, and cautious options pricing all suggest the bear market trend persists. A sustainable recovery likely requires a resurgence of spot demand, ETF holders returning to profit, and a clear reduction in selling pressure.

marsbit1h ago

Has Bitcoin's 'Rebound Ended', Officially Entering the Late Bear Market Phase?

marsbit1h ago

Trading

Spot
Futures

Hot Articles

How to Buy FLOW

Welcome to HTX.com! We've made purchasing Flow (FLOW) simple and convenient. Follow our step-by-step guide to embark on your crypto journey.Step 1: Create Your HTX AccountUse your email or phone number to sign up for a free account on HTX. Experience a hassle-free registration journey and unlock all features.Get My AccountStep 2: Go to Buy Crypto and Choose Your Payment MethodCredit/Debit Card: Use your Visa or Mastercard to buy Flow (FLOW) instantly.Balance: Use funds from your HTX account balance to trade seamlessly.Third Parties: We've added popular payment methods such as Google Pay and Apple Pay to enhance convenience.P2P: Trade directly with other users on HTX.Over-the-Counter (OTC): We offer tailor-made services and competitive exchange rates for traders.Step 3: Store Your Flow (FLOW)After purchasing your Flow (FLOW), store it in your HTX account. Alternatively, you can send it elsewhere via blockchain transfer or use it to trade other cryptocurrencies.Step 4: Trade Flow (FLOW)Easily trade Flow (FLOW) on HTX's spot market. Simply access your account, select your trading pair, execute your trades, and monitor in real-time. We offer a user-friendly experience for both beginners and seasoned traders.

3.2k Total ViewsPublished 2024.03.29Updated 2026.06.02

How to Buy FLOW

Discussions

Welcome to the HTX Community. Here, you can stay informed about the latest platform developments and gain access to professional market insights. Users' opinions on the price of FLOW (FLOW) are presented below.

活动图片

Top Questions