Flow sought blockchain ‘rollback’ after $3.9 million hack. Then came the community backlash

The layer-1 network, Flow, scrapped plans to roll back its blockchain following a $3.9 million exploit, reversing course after pushback from ecosystem partners who warned that rewriting chain history would undermine decentralization and create operational risks.

Instead, the network released a statement on Dec. 29 saying it will restart from the last sealed block before transactions were halted on Dec. 27, preserving all legitimate transaction history, according to a recovery plan shared with partners. The revised approach avoids a chain reorganization and instead targets fraudulent assets through account restrictions and token destruction.

The exploit and initial rollback proposal weighed heavily on the FLOW token, which is down roughly 42% since the incident, CoinGecko data shows.

What happened

During the weekend, Flow confirmed the attack on X, stating that it exploited a vulnerability in its execution layer but did not compromise existing user balances, noting that all legitimate deposits remain intact.

To claw back the funds and reverse the exploit, Flow initially suggested the rollback proposal via X on Dec. 27. Under the rollback recovery framework, accounts that received fraudulent tokens will be temporarily restricted while those assets are withdrawn and burned, and affected decentralized exchange pools will be rebalanced using foundation-held tokens.

Rolling back transactions on a blockchain has been debated previously by the community as a potential way to revert a network to a state prior to a specific event, in this case, the attack. The rollback would effectively erase the malicious transactions and restore lost funds. While the idea is to help a hacked network, this raises questions about the fundamentals of cryptographic networks: decentralization. No centralized entity can alter the blockchain network, ensuring that it remains immutable and free from manipulation. However, if a rollback occurs, it effectively means that a centralized entity will be able to alter how the network operates.

The Flow episode, unsurprisingly, renewed this debate over how decentralized the network is during crisis situations, as foundations and validators weigh intervention against immutability. In the case of Flow, sharp criticism came from developers and infrastructure providers, who cautioned that it could force days of reconciliation work for bridges and exchanges and introduce replay risks.

For example, Alex Smirnov, co-founder of deBridge, one of Flow’s major bridge providers, said on X that his company received “zero communication or coordination” from Flow before the rollback plan was floated. He warned that a rollback could have created unresolved liabilities for users who bridged assets in or out during the affected window.

‘I like their new plan’

Following the backlash, Flow said it has revised its initial plan in response to feedback received from the community.

The new plan still relies on extraordinary governance measures, including a temporary software upgrade granting the network’s service account powers that do not exist under normal operation. Validators must approve the change, and Flow says the permissions will be revoked once remediation is complete.

The decision not to go through with the rollback plan was applauded by some industry observers.

Blockchain analyst Matthew Jessup said Flow’s new recovery plan is sound and, unlike the original rollback one, has no decentralization implications. “I like their new plan. It relies on validators to comply and approve. Keeping the EVM chain read-only is a good decision as it gives the team time to fix the exploits.”

However, it remains unclear whether the $3.9 million taken in the exploit can be recovered, as experts have cast doubt on this possibility.

Recovering hacked funds largely depends on where they end up, Grant Blaisdell, co-founder of blockchain analytics firm Coinfirm and CEO and co-founder of Copernic Space told CoinDesk. “Whether the funds landed on a centralized exchange, how quickly the incident was reported, and the exchange’s willingness to cooperate all play a role,” he said. “Once funds are off-boarded, recovery becomes a complex legal process across multiple jurisdictions.”

Jessup also said he doubts they can recover the assets, noting that the hacker has moved them into the Bitcoin network, after the attackers mostly transferred assets off-network through bridges in the Ethereum network. This was confirmed in an X post by B-Block, an Arkham partner.

Read more: Arthur Hayes Floats the Idea of Rolling Back Ethereum Network to Negate $1.4B Bybit Hack, Drawing Community Ire