金链科技
06/22 20:30
Taiko Warns Bridge Users After Verification System Breach
Researchers estimate the exploit drained about $1.7 million, affecting assets including ETH, USDC, USDT, and TAIKO.
The incident was contained, pending transactions remain paused, and a full post-mortem is expected from Taiko.
Taiko issued an urgent security notice after confirming a compromise of its chain-state verification mechanism, a core component used to validate bridge activity across the network. The project disclosed the incident after researchers linked a bridge exploit to losses exceeding $1 million on June 21, prompting Taiko to advise users to withdraw funds, request exchange support, and begin emergency containment measures.
Verification Failure Triggers Emergency Response
According to Taiko, the compromise undermined the security assumptions of all bridges deployed on its network. The team said it immediately coordinated with its Security Council and ecosystem partners to contain the incident.
At the same time, Taiko urged users to withdraw funds from affected bridges. Additionally, the project requested centralized exchanges to suspend TAIKO deposits until further notice. However, Taiko later provided an update confirming the incident had been contained.
The team paused both the Bridge and the ERC20Vault. As a result, withdrawals stopped completely, and users no longer needed to take action. Taiko added that pending transactions remain paused rather than lost.
Researchers Trace Exploit Path
While the investigation continued, security firms and researchers released preliminary findings. According to Blockaid, attackers targeted Taiko’s ERC20 Vault on Ethereum. Initial estimates placed losses above $1 million.
Later analysis suggested approximately $1.7 million in assets left the protocol. Security researcher Defi Nerd reported that the attacker registered new SGX verifier instances and created a checkpoint.
The attacker then allegedly used that state to validate forged bridge messages. Consequently, fake bridge messages appeared legitimate despite lacking matching MessageSent events on the Taiko chain.
Researchers said the vulnerability originated in the source-signal proof verification process rather than the ERC20 vault itself.
Stolen Assets Move Across Networks
Following the exploit, investigators tracked withdrawals involving multiple assets. The stolen funds included USDC, USDT, crvUSD, ETH, WETH, WBTC, weETH, CRV, iZi tokens, and TAIKO.
According to Lookonchain, the attacker transferred 1.99 million TAIKO, valued at roughly $189,000, to MEXC. Meanwhile, the wallet continued holding about 870.8 ETH, worth approximately $1.52 million.
Taiko also confirmed that block proposers temporarily stopped producing new blocks during the investigation. The project said a full post-mortem will follow, while its request for exchanges to suspend TAIKO deposits remains in effect.
The post Taiko Warns Bridge Users After Verification System Breach appears on Crypto Front News. Visit our website to read more interesting articles about cryptocurrency, blockchain technology, and digital assets.
#World Cup Predictions: 100,000 USDT Daily#2026 World Cup Posting Challenge on HTX Square#1$ Margin Trade
1Chia sẻ
Tất cả bình luận0Mới nhấtPhổ biến