Taiko, a blockchain protocol focused on scaling Ethereum, has issued an urgent alert telling users to pull their money out of every bridge connected to its network. The warning comes after what the team described as a chain verification breach. The extent of the compromise isn't yet clear, but the message was blunt: move your funds now.
What the alert says
In a post on its official channels, Taiko said the breach involved the verification layer of its chain. The company didn't specify whether the vulnerability was exploited or if funds had already been stolen. But it stressed that all bridge contracts should be considered unsafe until further notice. Users are being told to withdraw to a secure wallet or exchange as soon as possible.
The alert covers every bridge Taiko operates. That includes the main bridge connecting Taiko L2 to Ethereum as well as any third-party bridges that use Taiko's verification system. The team said it is still investigating the root cause and will provide updates once more is known.
Why bridges are at risk
Bridges are a common target in crypto. They move assets between different blockchains, and a flaw in the verification process can let an attacker drain the locked funds. In Taiko's case, the breach hit the mechanism that checks whether a transaction on one chain is valid before releasing funds on another. If that check can be bypassed, the whole bridge pool is exposed.
Taiko is a relatively new rollup — a type of layer-2 network that bundles transactions off-chain and posts proofs to Ethereum. Its security model relies on those proofs being correct. A verification breach undermines that trust. The team didn't say whether the breach was inside its own code or in an external component.
How to withdraw
Anyone with assets inside a Taiko bridge should act immediately. The process is straightforward: use the bridge's official interface to initiate a withdrawal back to the original chain. If the bridge interface is down or slow, Taiko suggested using a direct contract call — though that requires technical knowledge. For most users, moving funds through a connected wallet like MetaMask should work.
Taiko warned that after the withdrawal, users should not interact with any bridge contracts until the team gives the all-clear. The team also cautioned against using any third-party front ends that claim to be unaffected.
What comes next
The investigation is ongoing. Taiko has not yet said whether the breach was discovered internally or reported by an external security researcher. No official timeline for restoring bridge operations has been given. Users are left waiting for a post-mortem that explains exactly what went wrong and whether any funds were lost. Until then, the only safe move is to withdraw — and keep those funds off the bridges.
