Taiko urges immediate withdrawal of funds from all its bridges after chain verification breach




Taiko’s ERC20 vault on Ethereum was exploited on June 22, with an attacker draining roughly $1.7 million by forging cross-chain message proofs. The stolen funds, approximately $2 million worth of Taiko’s native TKO token, were promptly deposited into MEXC and distributed across other wallets.

Security firm Blockaid flagged the exploit, tracing it to a vulnerability in Taiko’s bridge proof verification mechanism. The system accepted forged message proofs on the Ethereum mainnet even though no corresponding legitimate MessageSent event had been triggered on the Taiko chain.

How the exploit worked

The proof verification mechanism on the Ethereum side failed to validate that a genuine MessageSent event existed on the Taiko chain before authorizing withdrawals from the ERC20 vault. The attacker exploited this gap by crafting forged proofs that the system treated as legitimate, enabling unauthorized withdrawals directly from the vault.
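
The missing check described above, as an added example (not Taiko's code or its actual proof format): a destination-side vault releases funds only when the message is provably included in a root committed by the source chain. It assumes a simplified SHA-256 binary Merkle tree of sent messages; the names (`Vault`, `leaf`, `verify`) are hypothetical and the sample messages are constructed.

```python
import hashlib

EMPTY = hashlib.sha256(b"\x02empty").digest()  # padding for odd-sized levels

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf(nonce: int, recipient: str, amount: int) -> bytes:
    # 0x00 prefix keeps leaf hashes distinct from inner-node hashes (0x01).
    return h(b"\x00" + f"{nonce}|{recipient}|{amount}".encode())

def build_levels(leaves):
    """All tree levels, bottom-up; the last level holds the root."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1] + ([EMPTY] if len(levels[-1]) % 2 else [])
        levels.append([h(b"\x01" + cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def prove(levels, index):
    """Sibling path for the leaf at `index` (what an honest relayer submits)."""
    path = []
    for level in levels[:-1]:
        sib = index ^ 1
        path.append(level[sib] if sib < len(level) else EMPTY)
        index //= 2
    return path

def verify(leaf_hash, index, path, root):
    """Recompute the root from the leaf and its path; True only on an exact match."""
    node = leaf_hash
    for sib in path:
        node = h(b"\x01" + (node + sib if index % 2 == 0 else sib + node))
        index //= 2
    return node == root

class Vault:
    """Destination-side vault: pays out only for messages proven sent."""
    def __init__(self, source_root):
        self.source_root = source_root   # root accepted from the source chain
        self.processed = set()           # nonces already paid out (replay guard)

    def withdraw(self, nonce, recipient, amount, index, path):
        if nonce in self.processed:
            return "rejected: replay"
        if not verify(leaf(nonce, recipient, amount), index, path, self.source_root):
            return "rejected: no matching MessageSent"
        self.processed.add(nonce)
        return "released"

# Constructed sample data: three messages actually sent on the source chain.
SENT = [(1, "0xAlice", 100), (2, "0xBob", 250), (3, "0xCarol", 75)]
LEVELS = build_levels([leaf(*m) for m in SENT])
ROOT = LEVELS[-1][0]
```

Because the recipient and amount are hashed into the leaf, a message that was never sent, or a genuine one with altered fields, cannot reproduce the committed root and is refused.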

Blockaid’s initial estimates placed losses at over $1 million, while subsequent on-chain analysis pushed the figure closer to $1.7 million.

The money trail and exchange deposits

On-chain data shows the attacker moved quickly after the exploit, depositing approximately $2 million in TKO tokens to MEXC along with transfers to other wallets.

As of the latest reports, Taiko Labs has not issued any official public communication regarding the exploit, nor has any recovery plan been disclosed.

Cross-chain bridges remain crypto’s soft underbelly

Taiko operates as a based rollup, meaning it relies on Ethereum for sequencing and derives security properties from the base layer. The bridge connecting the two chains introduced a vulnerability that undermined those guarantees entirely.

What this means for investors

For TKO holders, the immediate concern is twofold. First, the exploit itself represents a direct loss from the protocol’s vault. Second, the attacker depositing $2 million worth of TKO into exchanges creates sell pressure.

The lack of official communication from Taiko Labs means investors have no clarity on whether the vulnerability has been patched, whether additional funds remain at risk, or whether any recovery efforts are underway.

Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.
