Taiko Bridge Exploited for Up to $1.7M in DeFi Hack

Taiko Bridge Exploited for Up to $1.7M in DeFi Hack — Cointelegraph.com News
Source: Cointelegraph.com News

Taiko, an Ethereum layer-2 blockchain, urged users to withdraw assets from the network’s bridges after an exploit on one of its bridge protocols allowed attackers to steal up to $1.7 million. "We have confirmed a compromise of Taiko’s chain state verification mechanism," Taiko posted to X early on Monday, adding: "We strongly advise all users to withdraw their funds from all bridges deployed on Taiko immediately." Taiko said it was coordinating partners to contain the incident and had paused affected systems.

Crypto security firm Blockaid said the root cause appears to be a flaw in how the Taiko bridge validated source signals, noting that message proofs were accepted as valid on Ethereum without corresponding legitimate proofs on the Taiko blockchain. "This allowed the attacker to register and later retrieve fraudulent bridge messages, resulting in unauthorized asset releases from the ERC20 vault," Blockaid said.

taiko, taiko bridge, ethereum, layer-2, bridge exploit, defi hack, chain state, blockaid, erc20 vault, message proofs