Flow revises response to $3,9 million exploit following criticism.

• Exploit in Flow hits execution layer.
• Global rollback generates criticism within the ecosystem.
• Revised plan isolates fraudulent tokens.

The Flow blockchain faced strong backlash from partners and ecosystem operators after a $3,9 million exploit hit its execution layer, prompting an initial proposal to roll back transactions. In response to the criticism, the foundation responsible for the network decided to revise its remediation strategy to reduce the impact on users and connected infrastructure.

The incident occurred on December 27th, when an attacker exploited a vulnerability in Flow's execution layer and diverted approximately $3,9 million in assets through multiple cross-chain bridges. Following the identification of the problem, validators shut down the network, while the Flow Foundation and forensic firm FindLabs stated that existing user balances were not accessed. Simultaneously, asset freeze orders were sent to major exchanges and stablecoin issuers.

Investigators were able to identify the Ethereum wallet associated with the attacker and trace money laundering attempts using protocols such as Thorchain and Chainflip. As an initial response, Flow developers suggested a rollback to a checkpoint prior to the attack, which would erase hours of transactions and require users and infrastructure providers to resubmit operations.

The proposal generated immediate concern among bridge operators. Alex Smirnov, founder of the bridge platform deBridge, warned that the rollback could create duplicate balances for some users, while others could suffer losses without a clear compensation mechanism. He also raised questions about how custodians and issuers would handle affected transfers during the rollback period.

On-chain data showed that the network remained stagnant at a fixed block height for an extended period. In the market, the FLOW token registered a drop after the announcement of the exploit and the proposed rollback, while some centralized exchanges temporarily suspended deposits and withdrawals. The total value locked in Flow also declined, before showing a partial recovery in the following 24 hours.

Legal experts in the sector warned that a broad rollback could transfer losses to bridges and issuers, resulting in unsecured assets. In light of this scenario, the Flow Foundation announced a revised plan on December 29th, developed in conjunction with bridge operators, exchanges, and validators.

The new approach abandons global reversal and focuses instead on identifying and destroying fraudulently minted tokens, preserving legitimate user activity. Dapper Labs, the creator of Flow, reported that it has reviewed and supports the updated plan, emphasizing that none of its users' balances were affected.

According to the foundation, the network will be restarted in phases, with temporary restrictions only for accounts flagged by forensic analysis. Validators approved a software update that allows for targeted fixes, and Flow is back online initially in read-only mode, with a gradual resumption of normal operations.