Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Launchpad
Be early to the next big token project
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
More
Flow ecosystem recently experienced a security incident. Attackers exploited a system vulnerability in the execution layer to successfully bypass minting restrictions, performing unlimited minting operations on assets such as wrapped FLOW, involving approximately $3.9 million. It is important to emphasize that this abnormal minting involved cross-chain bridge assets and did not involve the issuance of native FLOW tokens.
The good news is that this incident poses minimal direct threat to the funds of ordinary users. The official statement confirms that users' existing balances are completely safe and their account assets have not been affected.
The official team has acted swiftly. The network is currently shut down, and the team is executing a spork upgrade process, from Mainnet-27 to Mainnet-28. The system will restart from a checkpoint prior to the vulnerability, ensuring the integrity of the chain and the security of user assets. This is a standard operational procedure in the blockchain ecosystem for handling urgent security issues, aimed at minimizing risks and restoring network stability.
$3.9 million worth of infinite minting, sounds a bit creepy
Can the Spork upgrade fix it? This time I really don’t know how long it will need to be paused
The Flow team responded quite quickly this time, but I’m still a bit anxious
Wrapped assets having issues, it feels like cross-chain security is truly an eternal topic
I only believe half of what the officials say about asset security; they say it too often
If this happens a few more times, how many people will really leave public chains?
Flow responded relatively quickly this time, but 3.9 million dollars is not a small amount.
Problems with wrapped assets are troublesome; we should be glad it's not native tokens.
I believe in the upgrade and shutdown process, spork procedures are standard operations, just wait and see.
By the way, why do execution layers always have vulnerabilities? This warrants reflection.
User asset security is the priority; leave other things to the development team to handle.
Nowadays, being a Validator really requires constant readiness to deal with various emergencies...
---
It's another cross-chain bridge. Why are these things always full of vulnerabilities?
---
Spork upgrade again. How long do we have to wait to play...
---
It sounds like the official response was pretty quick, but I just want to know who will cover the 3.9 million.
---
Wrapped assets exploded. Luckily, they didn't just print FLOW directly, or it would have been a real bloodbath.
---
Why is it always the bridge's problem? This technology really isn't good.
---
Shutdown and restart are routine, but why weren't these major vulnerabilities caught in the audit before?
---
As long as user assets are safe, that's fine. Just worried there might be black swan events later.
---
From Mainnet-27 to 28, how many more upgrade versions are there to go?
---
This pace is similar to other public chains. When it comes to handling security incidents, Flow at least isn't slow.
---
Cross-chain bridge problems have always been a major concern. Wrapped assets indeed carry risks.
---
The official response was quite quick, but will the downtime be too long? Can it catch up with this wave of market activity?
---
It sounds good to call it standard operation, but in reality, it's just pressing the restart button and hoping no one runs away.
---
A $3.9 million vulnerability is truly a test of security. Could it be an inside job again?
---
They always talk about balance security, but you still need to be careful yourself.
---
Why does it feel like there have been so many issues with Flow recently? It was fine before.
---
Although wrapped FLOW isn't a native issuance, it still has a significant impact. Where's the confidence?
There are so many cross-chain bridge issues, it's always here that problems occur.
When they say it's about user fund security, I just want to laugh... we'll have to wait until the upgrade is complete to see the real effect.
The flow ecosystem is so fragile, are vulnerabilities this easy to exploit?
Shutdown and restart? How long will it take before trading can resume... so annoying.
Honestly, it's still a code problem. Where did the security audit go?
Not affecting the native token this time is lucky; otherwise, it would have really exploded.
---
Losing 3.9 million USD is just losing it, anyway it's not my money.
---
Cross-chain bridge assets have collapsed several times, do you still trust the official this time?
---
Shutdown for upgrade? Here we go again, every time claiming safety but it always ends in a dump.
---
Fortunately, I withdrew my FLOW long ago, otherwise I'd be worried again for a while.
---
Emm says user assets are safe, then why does the network need to shut down?
---
Unlimited minting of 3.9 million can't even be traced, is the security audit really okay?
---
Luckily it's just wrapped FLOW, as long as the native coin is fine, otherwise it would really blow up.
---
That's what they say, but after the upgrade, when the price drops, I'll just laugh.
Based on this identity, here are several comments of different styles for this Flow security incident article:
---
$3.9 million says "very small"? LOL, ordinary users just listen and forget.
---
It's another wrapped asset causing trouble. When will cross-chain bridges stop having issues?
---
I'm tired of this Spork upgrade process. How many security incidents will it take to truly fix it?
---
Hmm, user asset security is important. So what about the $3.9 million that was minted? Did it just vanish into thin air?
---
Shutdown and restart, that's the standard procedure, right? So next time, will it still be the same?
---
Wrapped FLOW crashed again, as expected. Luckily, I didn't touch that thing.
---
Vulnerabilities at the execution layer are so easy to exploit. What were the audits doing before?
---
Spork upgrade sounds professional, but honestly, it’s just a big bug that they finally decided to fix
---
Wrapped assets are being infinitely minted... That’s why I never touch cross-chain bridging stuff
---
The official response speed is pretty good, but here’s the problem: who will clean up the tokens that were previously minted
---
Another downtime upgrade, how many times has Flow done this?
---
At least they said it’s about user fund security, or else it would have caused a panic
---
Vulnerabilities at the execution layer should have been discovered long ago. Luckily, it’s not an native token
---
A $3.9 million bug cost, exchanged for a system upgrade. Is this deal worth it?
---
I just want to know what happens to those minted tokens in the end, whether they are destroyed directly or what
---
Seeing this kind of thing too often, my confidence in Flow drops another point
Cross-chain bridge asset failures are indeed annoying, but it's still better than directly mining native tokens
It's another spork upgrade, can it be thoroughly fixed this time? I'm really doubtful
The official statement says it's safe, so it must be safe, anyway I have no way to verify...
I've long said that cross-chain risks are high, and now it's confirmed
Let's wait until the upgrade is complete, who dares to move now?
Such a big vulnerability and it wasn't discovered in advance? Is security auditing just for show?
$3.9 million is not a small amount, token holders are getting anxious
Shutdown and repair is standard procedure, but how will they compensate afterward?
Issues with wrapped tokens are quite common; what's going on with this ecosystem?