Layer 1 network Flow has halted plans to roll back its blockchain after a $3.9 million exploit, reversing course following backlash from ecosystem partners who warned that rewriting the chain’s history would undermine decentralization and create operational risks.
Instead, the network issued a statement on Dec. 29 announcing that it would restart from the last sealed block before transactions were halted on Dec. 27 and preserve all legitimate transaction history, in accordance with the recovery plan it shared with its partners. The revised approach avoids chain restructuring and instead targets illicit assets through account restrictions and token destruction.
According to CoinGecko data, the exploit and the initial rollback proposal had a significant impact on the FLOW token, which has fallen by around 42% since the incident.
What happened
Over the weekend, Flow acknowledged the attack on X and said that while the attack exploited a vulnerability in its execution layer, existing user balances were not compromised and all legitimate deposits remained intact.
In order to recover the funds and undo the abuse, Flow originally proposed a rollback via X on December 27th. Under the rollback recovery framework, accounts that received fraudulent tokens will be temporarily restricted while their assets are withdrawn and burned, and affected decentralized exchange pools will be rebalanced using tokens held by the Foundation.
Rolling back transactions on a blockchain has long been discussed in the community as a potential way to return a network to the state it was in before a certain event (in this case, an attack) occurred. A rollback effectively erases malicious transactions and restores lost funds. The idea is to help hacked networks, but it raises questions about decentralization, which is the basis of crypto networks. A blockchain is meant to be immutable and resistant to manipulation because no centralized organization can change it. A rollback, however, effectively means that a centrally managed entity can change the way the network operates.
Unsurprisingly, the Flow episode renewed this discussion about how decentralized networks are in times of crisis, as foundations and verifiers weigh intervention versus immutability. Flow drew sharp criticism from developers and infrastructure providers, who warned that the rollback could force bridges and exchanges to adjust for days and create a risk of replays.
For example, Alex Smirnov, co-founder of deBridge, one of Flow’s main bridge providers, said on X that his company “received no communication or coordination” from Flow before the rollback plan emerged. He warned that the rollback could result in unresolved liability for users who bridged assets in or out during the affected period.
“I like their new plan.”
Following the backlash, Flow announced that it had revised its original plans in response to feedback received from the community.
The new plan still relies on special governance measures, including temporary software upgrades that grant network service account privileges that don’t exist during normal operations. The verifier must approve the changes, and Flow says those permissions will be revoked once the fixes are complete.
Some industry participants praised the decision not to implement the rollback plan.
Blockchain analyst Matthew Jessup said Flow’s new recovery plan is sound and, unlike the original rollback plan, has no impact on decentralization. “We like their new plan. Compliance and approvals rely on validators. Keeping the EVM chain read-only is a good decision as it gives the team time to fix exploits.”
However, it remains unclear whether the $3.9 million taken in the exploit will be recovered, and experts have cast doubt on that possibility.
Grant Blaisdell, co-founder of blockchain analytics firm CoinFarm and CEO and co-founder of Copernic Space, told CoinDesk that recovery of hacked funds largely depends on where they end up. “Whether the funds flowed to a centralized exchange, how quickly the incident was reported, and the exchange’s willingness to cooperate all play a role,” he said. “Once funds are offboarded, recovery is a complex legal process spanning multiple jurisdictions.”
Jessup also noted that the attackers primarily moved assets out of the network through bridges in the Ethereum network before moving them into the Bitcoin network, making it questionable whether the assets could be recovered. This was confirmed in an X post by Arkham partner B-Block.

