4 hours ago
17
Ethereum layer 2 project Taiko has called for immediate withdrawals from all network bridges and requested that exchanges halt TAIKO deposits following a security incident affecting its chain-state verification process.
⚠️ Security Notice
1/2: We have confirmed a compromise of Taiko’s chain state verification mechanism. As a result, the security assumptions of all bridges deployed on Taiko can no longer be relied upon.
We are actively coordinating with the Security Council and ecosystem…
— Taiko.eth 🥁 (@taikoxyz) June 22, 2026
Blockaid, which first flagged the exploit, said the attack targeted Taiko’s ERC20 Vault on Ethereum and resulted in losses exceeding $1 million.
The root cause appears to be a flaw in Taiko bridge source-signal proof validation. Crafted message proofs were accepted as valid on Ethereum L1 without corresponding legitimate MessageSent events on the Taiko source chain.
This allowed the attacker to register and later…
— Blockaid (@blockaid_) June 21, 2026
According to the blockchain security firm, forged message proofs were accepted on Ethereum without matching MessageSent events on the Taiko chain, allowing an attacker to register fraudulent bridge messages and obtain unauthorized asset releases.
Taiko is actively coordinating response efforts with its Security Council and ecosystem partners, including efforts to contain the incident and pause impacted systems where possible.
TAIKO surged as much as 11.5% over the past 24 hours, climbing from about $0.087 to $0.097, before trimming gains to trade around $0.088 at press time, per CoinGecko.
Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.
English (US) ·