![](\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjYtMDEvMDE5Yjk1MzctZTEzYS03MDQxLTljM2EtMzI2ODZmNGJkM2I4LmpwZw==.jpg\")
\n <\/p>\n\n \n <\/p>\n
A protocol-level flaw allowed assets to be duplicated rather than minted, prompting a network halt and a governance-led recovery process.<\/p>\n
The Flow Foundation on Tuesday published a technical post-mortem detailing a protocol-level exploit that occurred on Dec. 27, when an attacker was able to counterfeit tokens on the network, resulting in about $3.9 million in confirmed losses before the exploit was contained.<\/p>\n
According to the report<\/a>, the attacker exploited a flaw in Flow\u2019s Cadence runtime that allowed certain assets to be duplicated rather than minted, bypassing supply controls without accessing or draining existing user balances. Validators coordinated a network halt within six hours of the first malicious transaction, while exchange partners froze most counterfeit assets before they could be sold.<\/p>\n Flow said the temporary halt placed the network into a read-only mode to sever exit paths and prevent further duplication while the issue was investigated. Operations resumed two days later under an \u201cisolated recovery\u201d plan that preserved legitimate transaction history and authorized the recovery and permanent destruction of counterfeit assets through a governance-app<\/a>roved process.<\/p>\n Read more<\/p>\n<\/p>\n If you liked the article, do not forget to share it with your friends. Follow us on\u00a0Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n If you want to read more News<\/a> articles, you can visit our General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n\n