Market· 23 Jun 2026

Taiko bridge breach forces withdrawals after proof failure

Taiko bridge breach forces withdrawals after proof failure

Taiko users were told to withdraw funds from all bridges on the network after the project confirmed a compromise in its chain state verification mechanism. For investors, the warning matters because it turns a mostly hidden rollup assumption into a direct fund access risk: if message proofs cannot be trusted, bridge balances and withdrawals may no longer be safe.

Taiko said the security assumptions behind every bridge deployed on its L2 could not be relied on. It also asked centralized exchanges to suspend TAIKO deposits until further notice. Security firm Blockaid said the failure point was source-signal proof validation, where crafted message proofs were accepted on Ethereum L1 even though the Taiko chain had not emitted legitimate MessageSent events.

That flaw allowed fraudulent bridge messages to be registered and later redeemed, leading to unauthorized releases from the ERC20 vault. Taiko later described the issue in similar terms, saying forged proofs were accepted on L1 without a valid source-chain event and caused fraudulent withdrawals from bridge and token vault funds.

An Etherscan transaction showed 649,761.236201 USDC leaving the Taiko ERC20 Vault for an exploiter address on June 21. Early loss estimates ranged from about $1.7 million to roughly $2.2 million. Taiko said affected users are expected to be reimbursed from the protocol treasury while it pauses systems and tightens proof controls.

Source

Originally published by CryptoSlate on June 23, 2026.