Flow $3.9M Cadence exploit: 1.09B fake FLOW, 484M don return and destroy; recovery dey ongoing

Published: 2026-01-07 14:44:37 |

Flow tok say dem expose exploit we happen for December 26–27 we produce about $3.9M fake FLOW by using type‑confusion bug inside Cadence runtime. Di attacker deploy like 40 bad Cadence contracts from block 137,363,398 and start create fake FLOW minutes later. Validators join head and pause network inside six hours (block 137,390,190) make dem stop further minting. Di attacker deposit about 1.094 billion fake FLOW to centralized exchanges; Gate.io, MEXC and OKX return and destroy 484,434,923 FLOW. Flow talk say 98.7% of the rest fake supply don isolate on‑chain and dem dey destroy am; full remediation and coordination with exchanges suppose finish within 30 days. No existing user balances touch and total correct supply no change because dem duplicate assets instead of removing real balances. Flow choose isolated recovery (restart from last sealed block) after dem consult infrastructure partners instead of full rollback. Immediate market reaction include sharp drop for FLOW price as dem liquidate fake tokens; exchange controls and token destruction fit limit long‑term impact on circulating supply. Traders suppose expect short‑term sell pressure and more volatility for FLOW while audits, patches and exchange reconciliations dey finish, and make dem monitor on‑chain proofs of destruction, exchange statements and Flow/Cadence security fixes for signs say confidence dey restore.

Bearish

Short term: Bearish. Di exploit create pass 1 billion fake FLOW and e cause immediate liquidations for exchanges, wey lead to sharp sell pressure and price drop quick. Even though dem return and destroy big chunk (484M) and 98.7% of the remaining fake tokens dem report say dem don isolate am, the sudden influx and how exchanges handle am dey increase short‑term supply volatility and make investors dey fear risk more. Traders get higher downside risk until dem fit fully verify on‑chain destruction proofs and exchange reconciliations. Medium/long term: Mixed to neutral‑bearish. If Flow fit complete transparent token destruction, patch Cadence, and publish thorough audits, confidence fit slowly recover and supply impact fit dey limited — this go reduce long‑term negative pressure. But the incident raise structural security concerns about Cadence runtime safety; prolonged scrutiny, slower developer adoption, or reputational damage fit weigh down FLOW demand for months. Overall impact: mainly short‑term bearish for FLOW with possible partial recovery depending on transparent remediation and regained market confidence.