The Flow blockchain is set to resume operations following a key decision by its validators to revert the network’s transaction ledger to a state before a major security breach late Friday, which resulted in the theft of approximately $3.9 million. However, this move to unwind the chain without prior consultation with essential collaborators has understandably sparked significant criticism from operators of cross-chain bridges, highlighting concerns over potential disruptions and unfair impacts on some of legit blockchain network users.
Alex Smirnov, co-founder of deBridge—a bridge service connected to Flow—expressed frustration on X, noting that his team was caught off guard by the announcement.
Smirnov noted:
“The Flow team opted for a blockchain rollback and mentioned being in sync with major partners during a forced alignment period. Yet, as a primary bridge for Flow, we at deBridge got no heads-up or joint planning, which introduces serious hazards.”
Smirnov revealed that Flow’s developers did contact him after his online remarks, but they persisted with the rollback strategy.
He explained that during their talk, they were still set “on going ahead with it.”
He added that they “focused on clarifying what issue they thought a reversal would fix, especially since the hacker had already transferred the stolen assets off the network.”
Smirnov contended that reverting the chain would harm the innocent rather than the perpetrator.
He stated that in their view, a rollback now “wouldn’t touch the attacker but would burden honest participants, including everyday users, liquidity contributors, and allies who operated normally in that timeframe, possibly worsening the fallout.”
The discontent isn’t limited to bridges.
Smirnov shared that a prominent centralized exchange trading FLOW—reached out to by deBridge—was unaware of the plan and hadn’t been notified beforehand.
He kept the exchange’s identity confidential but stressed the risks:
They added that this poor coordination now ‘creates confusion on managing transactions from the affected period, which could lead to financial hits for the platform.”
Both deBridge and LayerZero, another key interoperability provider, are advocating for a different solution: a hard fork that patches the flaw and isolates exploited funds by blocking related addresses, avoiding a full ledger wipe.
Smirnov said that for layer-1 networks “dealing with breaches, a precise hard fork to secure the weakness and lock down tainted assets is the smart choice,”
He noted this while also referencing / pointing to BNB Chain‘s successful handling of a comparable event.
He said that they agree with LayerZero that fixing via fork, “not rollback, is optimal.”
Smirnov noted deBridge‘s resilient, zero-total-value-locked, non-custodial model shields it from direct losses, but the priority is safeguarding the wider network.
He added that it is “not about their finances; it’s about stopping ripple effects that could burden uninvolved partners, providers, and users.”
He has now urged Flow to create a collaborative “crisis hub” involving bridges, custodians, exchanges, and experts like Seal911 to devise a unified strategy.
Early this past Sunday (December 28, 2025), the Flow Foundation announced on X an extension of the alignment phase to include more stakeholders, warning that premature restarts might cause data some mismatches or user disruptions.
On December 27, 2025, they had actually acknowledged the hack, attributing it to a flaw in the execution engine.
Blockchain and web3 security analyst Taylor Monahan described how the intruder minted FLOW tokens and bridged assets like WBTC, WETH, and stablecoins.
On-chain investigator Wazz has now suggested that it stemmed from a leaked private key, not an actual contract vulnerability.
In their restoration outline, Flow stated the network would reset to pre-hack conditions, discarding interim transactions—which users must redo. A detailed analysis is promised within three days.
FLOW’s value cratered over 40% post-disclosure, dropping from about $0.17 to $0.079 before settling near $0.10; it’s now hovering at $0.11 per token at the time of writing.
South Korean trading and investing platforms Upbit, Bithumb, and Coinone halted FLOW movements, and the Digital Asset Exchange Alliance flagged transaction risks as well.
This incident now underscores the evolving challenges of blockchain recovery, balancing security with ecosystem trust. As discussions evolve, Flow’s path could influence how similar crises are managed industry-wide.