Taiko halts its Ethereum layer-2 network after a bridge exploit, token dives

Updated Jun 22, 2026, 9:52 a.m. Published Jun 22, 2026, 9:23 a.m. 2 min read(Clint Patterson/Unsplash)SummaryTaiko, an Ethereum layer-2 network, halted block production and urged users to withdraw funds after an attacker exploited its bridge to steal about $1.7 million.The attacker forged cross-chain proofs so that fake withdrawal requests were accepted on Ethereum without matching deposits on Taiko, draining the bridge and its token vault before the team froze activity.While the dollar loss was relatively small, the exploit used the same cross-chain messaging flaw behind more than $340 million in bridge hacks this year, and Taiko said it will release a full incident report.Taiko, an Ethereum layer-2 network, halted block production and told users to pull their funds after an attacker exploited its bridge earlier Monday.The team estimated losses at about $1.7 million before it stopped the outflows. The chain's TAIKO token, which has a market capitalization of $14.5 million, has slumped more than 20% since midnight UTC.The attacker was able to forge the proofs a bridge uses to confirm that a withdrawal matches a real deposit. Fake withdrawal requests were accepted on Ethereum without any matching transaction on Taiko's chain, which let the attacker register fraudulent withdrawals and drain funds from the bridge and its token vault, Taiko said. Bridges are blockchain-based tools that move assets between different chains, in this case, Taiko and Ethereum. Layer-2 blockchains process transactions off the main chain and settle them back to it, to provide faster, cheaper service than the host system.The attacker's ability to forge valid-looking proofs indicates it may have had access to a leaked key. Security firm BlockSec said its initial investigation traced the likely cause to a signing key for Raiko, which Taiko uses to produce proofs indicating a transaction is genuine, that was left publicly accessible on GitHub.The key is meant to stay sealed inside secure hardware so the proofs can be trusted. If it's exposed, attackers can enroll their own provers as legitimate and sign fraudulent proofs that Taiko's verifier accepted, then fake a bridge withdrawal that releases real assets on Ethereum..@taikoxyz was reportedly attacked, with losses exceeding $1.7M. Our initial investigation suggests the likely root cause was an exposed Raiko SGX enclave signing key on GitHub. Raiko is Taiko’s multi-prover stack for Taiko and Ethereum blocks, so an exposed Raiko SGX enclave key… https://t.co/8BIiEeNtYJ pic.twitter.com/eAq9Xjngz8— BlockSec Phalcon (@ ) June 22, 2026 Taiko urged all users to withdraw from every bridge on the network, asked centralized exchanges to suspend deposits of its TAIKO token, and had its block producers stop making new blocks during the investigation. By about 2 a.m. ET Taiko said the exploit had been contained and that withdrawals through the main bridge and token vault halted. The exploiter had already moved about 2 million TAIKO, worth roughly $170,000, to an account on the MEXC exchange.The dollar loss is small, but the flaw came from the same DeFi mechanism that has caused hundreds of millions worth of losses this year.Forged cross-chain messages drained $292 million from Kelp DAO's bridge in April and $11.4 million from the Verus-Ethereum bridge in May. Bridges have produced more than $340 million in losses across at least 14 exploits in 2026, making it the costliest target in crypto. Taiko's damage stayed contained mainly because the team caught and froze it within hours.Taiko, which started up on Ethereum in May 2024, said it is preparing a full breakdown of the incident.12345678910