Taiko, an Ethereum layer-2 network, is telling users to pull their funds from its bridge after a security breach that researchers say cost more than $1.7 million. The attackers allegedly exploited a flaw in Taiko’s proof verification process.
How the exploit worked
The breach targeted the bridge connecting Taiko to Ethereum. According to researchers, the attackers manipulated Taiko's proof verification — the cryptographic mechanism that validates transactions submitted from the layer-2 to the main chain. By bypassing these checks, they were able to drain funds. The exact method hasn't been disclosed, but the vulnerability appears to have been in the verification logic itself.
The warning to users
Taiko issued an alert urging anyone with assets in the bridge to withdraw them immediately. The message went out via the project's official channels. It's not clear how many users still had funds locked at the time of the breach, but the estimated $1.7 million loss suggests a non-trivial amount was at risk.
What happens next
Taiko has not announced a timeline for restoring full bridge operations or deploying a fix. The team is likely reviewing the proof verification code and patching the exploit. Until then, the bridge remains in a restricted state. For users, the advice is simple: get your money out while you can.
