Taiko has urged users to withdraw funds from all bridges on its network after a security breach led to losses of up to $1.7 million and compromised the trust assumptions behind its bridge infrastructure.
Key Takeaways
- Taiko confirmed a compromise of its chain state verification mechanism.
- The exploit resulted in losses estimated at up to $1.7 million from Taiko’s ERC20 Vault on Ethereum.
- Users have been urged to withdraw assets from all Taiko bridges, while exchanges were asked to suspend TAIKO deposits.
- Security researchers believe the attack stemmed from a flaw in bridge proof validation that enabled unauthorized asset releases.
What Happened?
Ethereum Layer 2 network Taiko issued an urgent security warning after confirming that its chain state verification mechanism had been compromised. The incident prompted the project to advise users to immediately withdraw funds from all bridges deployed on the network.
The warning followed alerts from blockchain security firm Blockaid, which detected an ongoing exploit targeting Taiko’s ERC20 Vault on Ethereum. Initial estimates suggest the attacker was able to steal assets worth up to $1.7 million.
⚠️ Security Notice
— Taiko.eth 🥁 (@taikoxyz) June 22, 2026
We have confirmed a compromise of Taiko’s chain state verification mechanism. As a result, the security assumptions of all bridges deployed on Taiko can no longer be relied upon.
We are actively coordinating with the Security Council and ecosystem partners to…
Security Flaw Allowed Unauthorized Asset Releases
According to Blockaid, the attack appears to have originated from a flaw in the way the Taiko bridge validated source signals. The security firm said specially crafted message proofs were accepted as valid on Ethereum despite lacking legitimate corresponding events on the Taiko source chain.
As a result, the attacker was allegedly able to register and later retrieve fraudulent bridge messages. This process ultimately led to unauthorized releases of assets from the protocol’s ERC20 vault.
Blockaid described the issue as a failure in source signal proof validation, while Taiko later confirmed a broader compromise involving its chain state verification mechanism.
The root cause appears to be a flaw in Taiko bridge source-signal proof validation. Crafted message proofs were accepted as valid on Ethereum L1 without corresponding legitimate MessageSent events on the Taiko source chain.
— Blockaid (@blockaid_) June 21, 2026
This allowed the attacker to register and later…
In a public security notice, the project stated:
Taiko Suspends Key Network Operations
As part of its emergency response, Taiko temporarily halted block production while engineers investigate the incident and work toward a fix.
The team also requested that centralized exchanges suspend TAIKO token deposits until further notice. Deposits are expected to remain paused until the project determines that bridge security has been restored.
Taiko said it is actively coordinating with its Security Council and ecosystem partners to contain the impact of the exploit. The project also indicated that both technical and legal actions may be pursued against those responsible.
In addition, the team publicly disclosed several attacker wallet addresses to help exchanges, investigators, and security firms monitor the movement of stolen funds.
Attacker Begins Moving Stolen Assets
Blockchain analytics shared by Lookonchain indicates that the attacker has already started moving part of the stolen funds.
According to the data, approximately 1.99 million TAIKO tokens, valued at around $189,000, were transferred to crypto exchange MEXC. The attacker wallet reportedly continues to hold about 870.8 ETH, worth nearly $1.52 million at current prices.
The public disclosure of attacker addresses provides investigators with a potential trail to follow as the funds move across the blockchain. Any recovery effort could depend on how quickly exchanges identify and freeze suspicious transactions linked to the exploit.
Bridge Security Remains a Major Industry Concern
The incident adds to a growing list of bridge-related attacks that have affected the crypto industry in recent years.
Taiko operates as a Type 1 Ethereum equivalent ZK EVM rollup designed to maintain close compatibility with Ethereum while settling activity back to the main network. Despite these design goals, the latest exploit highlights the ongoing challenges associated with securing cross chain infrastructure.
Bridge vulnerabilities have remained one of the industry’s most costly attack vectors. Recent incidents involving Verus Protocol, Axelar, and Aztec Connect have demonstrated how verification and messaging flaws can result in significant losses.
Data cited by security firms also shows that bridge exploits accounted for a substantial share of crypto losses in recent months. Separately, tracking data from DefiLlama shows that more than 20 crypto hacks have already been recorded during June 2026 alone.
CoinLaw’s Takeaway
In my experience, bridge security continues to be one of the biggest unresolved risks in crypto. What stands out in the Taiko incident is that the problem appears tied to the system responsible for verifying chain state itself, which sits at the heart of user trust. I found the decision to halt block production and urge immediate withdrawals to be a sign of how seriously the team views the breach. The coming days will likely determine whether the stolen funds can be tracked and whether confidence in Taiko’s bridge infrastructure can be restored.
