Flow Blockchain Prepares Full Restart After $3.9M Bridge Exploit

Flow Blockchain moves toward a full restart after a $3.9 million exploit, with user funds safe and recovery underway.

Flow Blockchain is preparing for a full network restart after a serious security incident. The breach took place on December 27, 2020. An attacker targeted a vulnerability of the execution layer. As a result, approximately $3.9 million of assets were stolen before the network halted.

Flow Halts Network After Execution Layer Exploit

According to Flow Foundation, the exploit was on the execution layer. The attacker minted illegal wrapped assets. These included WFLOW, wBTC, and wETH, as well as some stablecoins. Shortly after this was detected, validators shut down the network. This action avoided additional losses.

On-chain investigations revealed that the attacker transferred funds into off-network. The assets had exited primarily via cross-chain bridges. These were Celer, Debridge, Relay and Stargate. Later, the money was channelled through Thorchain and Chainflip. 

Related Reading: LOW Token Crashes Over 42% as Flow Network Probes Possible Security Incident

Importantly, Flow verified that user balances were kept safe. Existing deposits were not tapped during the attack. This assurance helped in reducing the panic of the users. Nevertheless, shaken confidence was spread throughout the ecosystem.

The Flow Foundation had close cooperation with validators. Together, they blocked all exit routes in short order. They also started a forensic investigation. Requests to freeze related funds were sent to large exchanges. Circle and Tether also received freeze requests.

Law enforcement agencies have been informed. The wallet address of the attacker was identified and flagged. Continuous cooperation is intended for reclaiming a portion of the stolen assets. However, recovery is still uncertain at this point.

Restart Plan and Network Recovery Steps

Following containment, Flow came up with a protocol fix. The update is for the execution layer vulnerability. The fix is currently under final validation. Node operators are organizing its placement on the network.

The recovery plan incorporates a network rollback. Flow will go back to a checkpoint before the attack took place. This rewind will have the effect of cancelling unauthorized transactions. As a result, the stolen mint events will be erased from the ledger.

At the present point, the network is in read-only mode. This state enables the monitoring without the processing of new transactions. A complete restart is due after a 72-hour technical review. Ecosystem partners also need to do syncing before relaunch.

For the people affected during the halt undergo a temporary inconvenience. Transactions conducted from 21:25 to 15:25 UTC+8 and between 21:30 and 21:30 UTC+8 will not be retained. These users have to resubmit transactions following relaunch. Flow stated clear instructions will follow.

Despite the exploit, Flow stressed operational resiliency. Validators took action within a matter of minutes of their detection. Rapid coordination restricted losses considerably. Analysts wrote that delays might have caused extensive damage.

The Flow Foundation was committed to transparency. There will be a complete technical post-mortem of it published. This declaration will be detailed in this report, the vulnerability, and the steps to remediation. Community members are looking for better safeguards afterward.

Flow’s response falls under broader lessons taken from the industry. Quick stops, coordination of valedors, and rollbacks are of paramount importance. While the $3.9 million loss is notable, the containment saved the ship from more serious damage. The impending restart will put confidence in Flow’s long-term security posture to the test.

The post Flow Blockchain Prepares Full Restart After $3.9M Bridge Exploit appeared first on Live Bitcoin News.