The exploit functioned by tricking the Ethereum L1 contract into accepting fraudulent message proofs. These proofs bypassed the system despite lacking corresponding legitimate "MessageSent" events on the Taiko source chain, enabling the attacker to retrieve assets from the vault. In response, Taiko halted all block production by proposers and requested that centralized exchanges immediately suspend TAIKO deposits.
Taiko acknowledged that the security assumptions underpinning its bridge infrastructure are no longer viable. The project is currently collaborating with its Security Council and ecosystem partners to address the vulnerability, though no timeline for resuming normal operations or restoring bridge security has been provided. This incident adds to a troubling year for cross-chain infrastructure, following significant losses at Verus Protocol and Aztec Connect, highlighting the persistent risks associated with bridge verification protocols.
Comments (0)
No comments yet. Be the first!