Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
Flow’s initiative to reverse a portion of its blockchain history following a $3.9 million exploit has sparked significant backlash from ecosystem collaborators. This action has reignited an ongoing discussion regarding immutability and crisis management within cryptocurrency networks.
The issue arose when an attacker took advantage of a flaw in Flow’s execution layer on December 27, extracting approximately $3.9 million in assets from the network via several cross-chain bridges before validators paused the chain.
The Flow Foundation, along with forensic partner FindLabs, later verified that existing user balances were not compromised and stated that the exploit was swiftly contained, with exit strategies outlined and freeze requests dispatched to major exchanges and stablecoin issuers.
FLOW NETWORK INCIDENT: Forensic Fund Tracking Report
FindLabs is releasing the following analysis in partnership with the
Flow Foundation’s security and engineering teams, who conducted the
primary forensic investigation.
• INCIDENT CONFIRMATION
On December 27, 2025, an…— Find Labs (@findlabs) December 27, 2025
The attacker’s Ethereum wallet was traced, and investigators reported that laundering attempts via Thorchain and Chainflip were being monitored in real time.
Shortly after the halt, Flow core developers suggested a rollback to a checkpoint prior to the exploit, a decision that would eliminate all transactions made during a several-hour period and necessitate that users and infrastructure providers resubmit their activities.
Flow Partners Question Rollback as Network Activity Freezes
The Foundation characterized the rollback as a means to eliminate unauthorized minting and restore the ledger to an untainted state. However, this proposal immediately raised concerns among key partners who indicated they had not been consulted.
Alex Smirnov, founder of cross-chain bridge deBridge, one of Flow’s primary bridge providers, stated he became aware of the rollback decision only after it was publicly announced.
I woke up to the news about Flow’s decision to roll back the chain.
Despite Flow asserting that they are “in a mandatory synchronization window with critical ecosystem partners (bridges, CEXs, DEXs),” I can confirm that 𝐝𝐞𝐁𝐫𝐢𝐝𝐠𝐞 — 𝐨𝐧𝐞 𝐨𝐟 𝐭𝐡𝐞 𝐦𝐚𝐣𝐨𝐫 𝐛𝐫𝐢𝐝𝐠𝐞… https://t.co/oVTPbKDMcl— deAlex (@AlexSmirnov) December 28, 2025
Smirnov cautioned that reverting the chain could result in duplicated balances for users who bridged assets out during the rollback period, while others who bridged in might incur losses without a clear reimbursement strategy.
He urged Flow validators to suspend transaction validation until the Foundation clarified how these exceptional cases would be addressed and how custodians like LayerZero, the main USDC custodian on Flow, were expected to manage affected transfers.
Data from Flowscan indicated that the network remained stalled at a fixed block height for an extended duration, even as the Foundation claimed a restart was anticipated within hours.
Source: flowscan
Related Posts
The uncertainty reverberated through the market as the FLOW token plummeted over 40% following the exploit and rollback announcement, prompting some centralized exchanges to temporarily halt transactions.
Source: DefiLlama
Data from DefiLlama revealed that Flow’s total value locked fell from $107 million to $73.8 million after the incident, before recovering to approximately $97.2 million, marking a 31% rebound within 24 hours.
Rollback Debate Ends as Flow Adopts Narrow Recovery Plan
Delphi Labs general counsel Gabriel Shapiro remarked that the approach risked transferring losses onto bridges and issuers by effectively generating unbacked assets, while Smirnov contended that the financial repercussions of a rollback could surpass those of the initial exploit.
Chain rollbacks are infrequent and contentious in the crypto space because they reverse confirmed transactions and raise concerns about decentralization and trust.
Under increasing pressure, the Flow Foundation altered its strategy. On December 29, it unveiled a revised remediation plan developed in collaboration with bridge operators, exchanges, and validators.
The new strategy abandoned a global rollback and instead concentrated on isolating and eliminating fraudulently minted tokens while maintaining legitimate user activity.
Dapper Labs, the entity behind Flow, stated it reviewed and endorsed the revised plan.
Following this update from Flow, we want to clarify that no Dapper Labs user balances or assets are affected, including the Dapper Labs treasury.
Dapper Platforms will resume operations when the Flow network returns to normal, which is currently expected to occur in ~6… https://t.co/NPx6vtSqFw— Dapper Labs (@dapperlabs) December 27, 2025
According to the new plan, the network would restart in phases, temporarily restricting accounts identified through independent forensic analysis as recipients of illicit tokens.
Validators subsequently approved a software upgrade that enabled this targeted remediation, and the network came back online in a read-only testing mode ahead of a phased restoration.
The Foundation indicated that over 99.9% of accounts would remain unaffected, with ongoing updates promised as normal operations gradually resume.
The post Flow Blockchain Plans Controversial Rollback to Undo $3.9M Hack — Partners “Blindsided” appeared first on Cryptonews.
