#钱包安全事件 The Flow execution layer vulnerability resulted in the transfer of $3.9 million. However, there are several noteworthy details about this incident. First, the attacker only accessed liquidity rather than user deposits, indicating that the vulnerability trigger point was relatively limited. Second, the flow of funds has been traced to a clear path—bridging protocols such as Celer, Debridge, Relay, Stargate, and others have become the main exit points, and the attacker wallet has been marked, which means subsequent on-chain movements are basically transparent.

From a risk mitigation perspective, the key lies in the response speed at three levels: protocol fixes have been released, exchange freeze requests have been submitted, and real-time tracking of money laundering activities on Thorchain and Chainflip is ongoing. The scale of $3.9 million is relatively manageable, but the real concern is whether this funds can ultimately be recovered or locked—this depends on the efficiency of cross-chain bridge execution and the cooperation of exchanges.

It is recommended to closely monitor the whereabouts of these funds after exiting through Thorchain, as well as whether new signs of vulnerability exploitation appear. Similar execution layer vulnerabilities often imply that there are other undiscovered edge cases, and the completion of node deployment upgrades needs continuous observation.