Late on December 28, 2025 , the Flow blockchain was put on hold after a hacker attack, and the company decided to revert mainnet data to its pre-attack state. This move was intended to recover approximately $3.9 million in losses, but it also put the core tenet of "on-chain records cannot be tampered with" in jeopardy, casting a shadow over the crypto market before the year-end.
Event Summary
The vulnerability on February 27th existed at the execution layer. Attackers bypassed authorization checks and transferred funds out via cross-chain bridges such as Celer, deBridge, and Stargate. Within 24 hours, the Flow Foundation released the "Mainnet 28" update, fixing the on-chain height at 137,385,824, putting the network into read-only mode. In other words, the entire chain was like a video recording on rewind, with all subsequent transactions suspended from confirmation.
Key technology decisions
Rollback provides a quick fix for blockchain issues, but at a heavy cost. The Flow mechanism relies on validator consensus; when validators agree to rewrite history, it's tantamount to acknowledging the malleability of the ledger content. This directly conflicts with the long-held industry advocacy of "code is law" and undermines external applications' trust in the Flow asset settlement layer.
Rollback operations can trigger systemic risks. If users have already transferred assets out via cross-chain bridges during the rollback period, the original balance on the Flow chain will be restored after the rollback. These double balances may ultimately be covered by the cross-chain bridges or liquidity providers.
This warning from deBridge co-founder Alex Smirnov points out a potential danger: unilateral rollbacks disrupt the inter-chain settlement order, creating uncorresponding "ghost assets." When a bridging contract has already recorded payments on the other end, but Flow deletes the payment source, it's tantamount to dumping bad debts on a third party.
Spillover risks and governance controversies
Delphi Labs General Counsel Gabriel Shapiro bluntly stated that the Flow Foundation is creating "unsecured assets" to mask technological flaws. He pointed out that this reflects how highly centralized governance can manipulate ledger history, a far cry from the promise of decentralization. For creators and game developers, if on-chain records can be unilaterally revoked, the business models tailored to smart contracts lose their legal certainty.
On the eve of the new US administration's transition, regulators are accelerating their deliberations on encryption-related legislation. This move exposes the weaknesses of highly centralized governance and provides an immediate case study for policymakers to assess "similar risks."
Market reaction and follow-up observations
FLOW tokens plummeted 42% within 24 hours of the announcement, shrinking to less than $200 million. In terms of cost, to recover $3.9 million, the market lost tens of millions of dollars in market capitalization. The hard work of early investors like a16z and Dapper Labs over the years is now at risk of being wiped out.
Next, Flow needs to coordinate loss settlement with cross-chain bridges, disclose the complete technical post-mortem analysis, and rebuild validator confidence. If a transparent and verifiable improvement plan is not proposed, the trust deficit may be difficult to bridge in the short term.
While choosing to "turn back time," Flow also opened the deepest Pandora's box in the blockchain world. Immutability is the foundation of the blockchain's social contract; once exceptions are made, every future failure could lead to the same outcome. Friction costs are no longer a technical issue, but a long-term test of whether trust can be rebuilt.
