Flow rollback decision sparks controversy! $3.9 million vulnerability prompts deBridge founder to criticize

Flow hacked for $3.9 million, funds transferred out via bridges like Celer, Debridge, and others, then mixed through Thorchain. Flow’s network rollback prompted deBridge founder Alex Smirnov to question, claiming it could impact honest users and partners. FLOW’s price plummeted 46% to a new low of $0.097, with market cap shrinking from $284 million to $164 million.

Flow Rollback Controversy: deBridge Founder’s Three Major Questions

deBridge co-founder Alex Smirnov harshly criticized the Flow team’s decision to rollback their network after the hack. Smirnov stated that the rollback was too hasty and could cause far greater economic losses than the initial vulnerability. “A rollback introduces systemic issues, affecting honest bridge operators, custodians, users, and counterparties during the affected period,” Smirnov explained, urging all Flow validators not to validate transactions on the rollback chain until some key issues are clarified.

The first question Smirnov raised was: How does Flow plan to handle users who exited Flow during the rollback window and had their balances doubled due to the rollback, and how will users who joined Flow during the rollback be compensated? This question hits the core flaw of the rollback plan. Suppose a user withdrew 1 million FLOW to other chains during the rollback window; after the rollback, these tokens reappear on the Flow chain, but the assets on the other chains still exist, effectively copying assets out of thin air.

He also wants to know how ecosystem custodians like LayerZero will handle transactions executed during the rollback window. As a cross-chain communication protocol, LayerZero may have already completed a large volume of cross-chain messages during the rollback window. If Flow unilaterally rolls back but other chains do not, it will cause state inconsistencies, potentially leading to duplicated or lost assets.

Smirnov emphasized similar incidents, claiming these could be handled more professionally without rollback, with hackers being isolated. He asked, “Why did Flow take a different approach? Who specifically decided to roll back this supply chain?” In another tweet, Smirnov further highlighted the futility of Flow’s solution, noting that the attacker has already “moved about $4 million and consolidated the funds at this address, then took further actions.” He wrote, “At this stage, the rollback has no impact on the attacker and only harms honest users, liquidity providers, and ecosystem partners during the rollback window.”

$3.9 Million Attack Path and Fund Freeze Actions

According to the Flow Foundation, the attacker exploited vulnerabilities in the network execution layer to successfully transfer out $3.9 million. Evidence shows the stolen assets were first transferred via bridges like Celer, Debridge, Relay, and Stargate, then laundered through Thorchain and Chainflip. This multi-layered fund transfer route is typical of crypto money laundering, aiming to obfuscate the source of funds and make tracking difficult.

The attacker’s wallet was subsequently identified and flagged, with fund freeze requests submitted to Circle, Tether, and multiple exchanges. Such cross-platform coordination of freezes is uncommon in the crypto world, as decentralization and asset freezing are inherently at odds. However, in cases of clear theft, major stablecoin issuers and centralized exchanges usually cooperate with law enforcement.

In response, the Flow network paused all outbound routes to prevent further unauthorized transfers. Major Korean exchanges Upbit and Bithumb also suspended FLOW deposits and withdrawals following the breach. Despite the attack, reports indicate user account balances and on-chain deposits were unaffected. This suggests the attack targeted Flow’s system funds or liquidity pools, not individual user wallets.

FLOW Price Plunged 46% and Technical Indicators Collapsed

The hack had an immediate severe impact on FLOW’s market performance. The native token price dropped 46%, from $0.17 to a new low of $0.097, with some rebound afterward. At press time, FLOW was trading at $0.117, down 32.54% for the day. Meanwhile, market cap shrank from $284 million to $164 million, indicating significant capital outflow.

Flow Market Collapse: Three Key Data Points

Price Drop: From $0.17 to $0.097, a 46% plunge, hitting a new low

Market Cap Erosion: From $284 million to $164 million, a $120 million loss in one day

Sell Pressure Imbalance: Coinalyze data shows sell volume at 405 million, buy volume at 382 million, with a sell-side delta of up to 23 million

Technical indicators have also collapsed. The Directional Movement Index (DMI) fell to 5, indicating persistent bearish control and strong downward momentum. The Relative Strength Index (RSI) dropped from 29 to 19, pushing the token further into oversold territory. The decline in these indicators signals a weak market structure, and to some extent, suggests the continuation of the current bear trend.

If panic persists and investors remain defensive, Flow could face further downside pressure, potentially testing or breaking below the $0.1 support zone again. Conversely, if the price decline attracts bargain-seeking investors, the current rebound momentum might continue, possibly bringing FLOW back toward the pre-hack level of around $0.17.