Flow validators are facing mounting pressure to halt their work following a contentious decision to roll back the blockchain after a $3.9 million exploit. The rollback, intended to undo the damage from the hack, has triggered a backlash from key ecosystem partners who claim they were not consulted before the action was taken.

On December 27, 2025, the Flow Foundation confirmed a security breach where an attacker exploited a vulnerability in Flow's execution layer, leading to the theft of $3.9 million in assets. In response, validators coordinated to halt transaction ingestion to prevent further unauthorized transactions. The Flow Foundation assured users that the attack did not compromise user balances and that all deposits remained secure.

To address the situation, the Flow Foundation proposed a protocol fix (Mainnet 28), which was accepted and deployed by network validators. The network was brought back online and is producing blocks, but general transaction ingestion remains paused. A mandatory synchronization window with critical ecosystem partners, including bridges, centralized exchanges (CEXs), and decentralized exchanges (DEXs) is currently in effect to ensure their internal systems are fully synced with the restored state of the Flow ledger.

However, the decision to roll back the blockchain has been met with significant criticism. Alex Smirnov, co-founder of deBridge, a major cross-chain bridge for Flow, voiced strong concerns about the lack of communication and coordination from the Flow team. Smirnov warned that a hasty rollback could lead to economic losses exceeding the initial security incident and potentially cause systemic issues. These issues could affect cross-chain bridges, custodians, users, and counterparties operating during the synchronization window, potentially leading to problems such as balance doubling and unrecoverable assets.

Smirnov has urged Flow validators to stop processing transactions on the rolled-back chain until a clear remediation plan is established, ecosystem coordination is completed, and security organizations are involved. He emphasized the need for transparency, collaboration, and restraint in handling the situation, rather than resorting to rapid and aggressive actions.

The situation has drawn comparisons to past incidents like the BNB Chain, where isolating attackers was favored over a global state rollback. The Flow Foundation has stated they are carefully evaluating feedback from partners to ensure full alignment moving forward.

Several exchanges, including Bitget, suspended FLOW deposit services following the security incident. The price of the FLOW token also experienced a sharp decline, dropping by over 40% after the attack.

The Flow Foundation stated that requests to freeze funds have been submitted to Circle, Tether, and major exchanges, and that forensic analysis is ongoing. While the network is undergoing maintenance, it will remain in "read-only" mode until critical infrastructure providers achieve full compliance.

Viktoras Karapetjanc, a senior analyst at Traders Union, noted that while Flow's technicals are under significant pressure, the swift response by validators and the transparency of the Flow Foundation could help limit systemic fallout and support gradual sentiment recovery.