
The layer-1 network, Flow, abandoned its plans to reverse its blockchain after a $3.9 million exploit, changing its stance following feedback from ecosystem partners who cautioned that altering the chain’s history would compromise decentralization and introduce operational risks.
Instead, the network issued a statement on Dec. 29 indicating it will resume from the last sealed block prior to transaction halts on Dec. 27, maintaining all legitimate transaction history, as outlined in a recovery plan shared with partners. This revised strategy avoids a chain reorganization and instead focuses on curbing fraudulent assets through account restrictions and the destruction of tokens.
The exploit and the initial rollback suggestion had a significant negative impact on the FLOW token, which has dropped around 42% since the incident, according to data from CoinGecko shows.
What occurred
Over the weekend, Flow confirmed the attack on X, explaining that it exploited a vulnerability in its execution layer while ensuring that current user balances were not affected, with all legitimate deposits remaining safe.
To reclaim the funds and counter the exploit, Flow initially proposed the rollback plan on X on Dec. 27. The rollback recovery framework would temporarily restrict accounts that received fraudulent tokens while allowing for those assets to be withdrawn and burned, and it would rebalance affected decentralized exchange pools using tokens held by the foundation.
Rolling back transactions on a blockchain has sparked prior debates within the community as a method to revert a network to a condition before a specific incident, in this situation, the attack. The rollback would erase harmful transactions and restore lost funds. However, this raises fundamental questions about cryptographic networks: decentralization. No central authority can modify the blockchain network, ensuring its immutability and protection against manipulation. If a rollback were to happen, it would suggest that a centralized body could modify how the network functions.
The Flow incident has reignited discussions about the network’s decentralization in crisis scenarios, as foundations and validators weigh emergency interventions against immutability. In Flow’s case, there was sharp criticism from developers and infrastructure providers, warning that it could lead to days of reconciliation work for bridges and exchanges and introduce replay risks.
For instance, Alex Smirnov, the co-founder of deBridge, a major bridge provider for Flow, stated on X that his company received “zero communication or coordination” from Flow before the rollback proposal was made public. He cautioned that a rollback could have resulted in unresolved liabilities for users who bridged assets during the affected timeframe.
‘I appreciate their new strategy’
After the backlash, Flow announced it had modified its initial approach in light of community feedback.
The new strategy still depends on exceptional governance measures, including a temporary software upgrade that grants the network’s service account powers not typically available during normal operations. Validators will need to approve this change, and Flow asserts that permissions will be rescinded once the remediation is completed.
The choice to abandon the rollback plan was welcomed by some industry experts.
Blockchain analyst Matthew Jessup remarked that Flow’s new recovery strategy is robust and, unlike the original rollback plan, does not pose decentralization concerns. “I appreciate their new strategy. It requires validators to comply and approve. Keeping the EVM chain read-only is a wise choice as it allows the team time to address the exploits.”
Nevertheless, it remains uncertain if the $3.9 million lost in the exploit can be retrieved, as experts are skeptical about this possibility.
Recovering hacked funds heavily depends on their final destination, Grant Blaisdell, co-founder of blockchain analytics firm Coinfirm and CEO and co-founder of Copernic Space, told CoinDesk. “Factors such as whether the funds ended up on a centralized exchange, how promptly the incident was reported, and the exchange’s willingness to cooperate all play crucial roles,” he noted. “Once the funds are off-boarded, recovery transforms into a complex legal process spanning multiple jurisdictions.”
Jessup also expressed doubts about the recovery of the assets, mentioning that the hacker has transferred them into the Bitcoin network, after which the attackers largely moved assets off-network through bridges in the Ethereum network. This was confirmed in a post on X by B-Block, a partner of Arkham.
Read more: Arthur Hayes Presents the Idea of Rolling Back the Ethereum Network to Counteract the $1.4B Bybit Hack, Provoking Community Outrage
