Flow draws Huobi HTX ire with $3.9M hack recovery plan

Huobi HTX has called out the Flow network for creating an isolated recovery plan. The exchange claims the team transferred its identified FLOW assets from centralized exchange addresses, including Huobi HTX. It urged Flow to handle this incident more transparently and responsibly, while fully respecting the legitimate rights and interests of all parties involved. The Flow protocol can’t seem to catch a break, as Huobi HTX, an exchange linked to Justin Sun, publicly condemned the project’s recovery plans after it suffered close to a $4 million exploit. An update shared via the Huobi official site detailed the major security incident that occurred on the Flow network in December last year, and claimed that after the incident, Huobi HTX immediately attempted to verify the situation by reaching out to the team and providing abnormal price monitoring and on-chain data. Huobi criticizes Flow’s recovery plans The report claims that after the project team confirmed the security incident, Huobi HTX continued to provide assistance to the project team in risk management and on-chain tracking, including providing relevant address information and related recharge information. Through this process, Huobi HTX’s risk control and monitoring system continuously tracked abnormal capital flows and took restrictive measures on identifiable hacker-related assets to prevent further inflows into the market as much as possible while protecting the overall interests of currency holders. However, the report claims that without fully communicating with the exchange and the community, the Flow project party decided to unilaterally promote its so-called “Isolated Recovery” plan through protocol layer authority. Without mastering the private key, the team directly forcibly transferred its identified FLOW assets from centralized exchange addresses, including Huobi HTX. These assets included a large number of normal user positions obtained via real market transactions, and they were going to be unilaterally destroyed on January 30, 2026, according to plans announced by the team. The collateral damage from the Flow exploit The hack that disrupted the Flow ecosystem went down on December 27, 2025. The hacker minted counterfeit or duplicate tokens, which led to about $3.9 million in assets being drained and bridged out to other chains. To be clear, the exploit did not affect legitimate user deposits and balances; it only created fake assets. In the days that followed, the Flow team claimed there was no other logical way forward than to initiate a rollback that would restore the network to a pre-hack state while removing unauthorized transactions from the ledger. The rollback raised eyebrows and critics like Alex Smirnov, whose company, deBridge, is integrated with Flow, alleged the team had reached the decision to effect a rollback without communicating or coordinating with his platform, even though it had claimed they were synchronizing with critical partners. After consulting, the foundation altered course, switching to a targeted recovery approach that saw it maintain most valid transactions on-chain and only process transactions that failed to act correctly. The plan saw affected accounts temporarily frozen as forensic analysis was carried out to identify and fully remediate the illicitly minted tokens. The foundation called it the “scalpel” approach and claimed it would enable them to resolve the issue while staying true to their principles of decentralization.