Taiko, an Ethereum layer-2 network, tells users to withdraw funds after a security breach involving its bridge and an ERC-20 vault. Multiple outlets report that an attacker compromises Taiko’s bridge by exploiting weaknesses in the system used to verify chain state proofs. According to the reports, the attacker forges withdrawal proofs, enabling unauthorized withdrawals from the bridge. The estimated amount reportedly stolen is about $1.7 million, though sources frame this as an estimate based on observed activity. CoinDesk and others say Taiko halts operations on the network as a containment measure, aiming to limit further loss. The described issue resembles proof-verification flaws seen in other major bridge incidents earlier this year. Taiko’s response includes warning users to withdraw their funds, with the expectation that stopping the network reduces the chance of additional withdrawals while the vulnerability is addressed. The outlets characterize the breach as a compromise of the proof or verification mechanism rather than a direct compromise of end-user wallets.
Taiko halts Ethereum L2 network after bridge exploit drains about $1.7 million
Taiko, an Ethereum layer-2 network, tells users to withdraw funds after a security breach involving its bridge and an ERC-20 vault. Multiple outlets report that an attacker compromises Taiko’s bridge...
- Taiko pauses its Ethereum layer-2 network after a bridge-related security breach.
- Reports say attackers exploit a chain state/proof verification mechanism to forge withdrawal proofs.
- About $1.7 million is reportedly stolen, with figures presented as estimates.
- Taiko urges users to withdraw funds following the incident.
- Sources describe the flaw as a proof-verification style vulnerability similar to other bridge hacks.
Researchers estimate more than $1.7 million was stolen after attackers allegedly exploited Taiko's proof verification process.
15 hours agoAn attacker forged withdrawal proofs to drain about $1.7 million, the same type of flaw behind this year's biggest bridge hacks. Fast containment kept the damage small.
21 hours agoTaiko’s bridge and ERC20 Vault on Ethereum suffered a compromise in its chain state verification mechanism, allowing forged proofs and unauthorized withdrawals.
1 day ago
Invesco ETFs declare quarterly cash distributions for SmallCap 600 funds
Invesco declares quarterly cash distributions for two exchange-traded funds tied to the S&P SmallCap 600 indexes. One is...
JaredFromSubway Ethereum MEV bot suffers multi-million dollar loss after logic manipulation
Several outlets report that the Ethereum MEV trading bot known as “JaredFromSubway” has been hit after an attacker manip...
Invesco declares ETF cash distributions across mid-cap, bond, and preferred strategies
In separate announcements, Invesco declares cash distributions for several exchange-traded funds. The Invesco S&P MidCap...