The Flow Foundation has released a report explaining a security flaw that led to the creation of fake tokens on December 27.
The issue resulted in confirmed losses of about $3.9 million before the problem was stopped.
According to the report, the attacker exploited an error in Flow’s Cadence system. This bug caused certain assets to be duplicated instead of being created properly.
Did you know?
Subscribe – We publish new crypto explainer videos every week!
4 Ways to Turn Fiat to Crypto VS Crypto to Fiat (Easily Explained)
This allowed the attacker to bypass the normal supply rules without actually taking money or tokens from existing accounts.
Once the first suspicious activity was detected, Flow’s validators acted quickly. They agreed to pause the network within six hours. While the system was stopped, exchanges also froze most of the fake tokens before they could be traded or sold.
During the pause, the network was switched to a mode that prevented new transactions. This step helped prevent further token copying and gave developers time to fix the problem.
Two days later, the system came back online under a controlled recovery plan. This plan protected all valid transactions and allowed the permanent removal of fake tokens through an approved governance process.
The Flow Foundation confirmed that no users lost their existing funds since the attack only created new tokens rather than stealing from wallets.
A small group of accounts that had interacted with the counterfeit tokens was temporarily limited as a safety measure. However, more than 99% of users were able to access their accounts as usual.
Recently, the Flow Foundation dropped its plan to roll back the Flow blockchain. Why? Read the full story.
