Taiko Pauses Ethereum Layer-2 Network After Bridge Exploit Triggers Token Crash

Taiko halted block production on its Ethereum layer-2 network and urged users to withdraw funds after a bridge exploit was detected early Monday. The team estimated losses at roughly $1.7 million before quickly containing the incident, while the TAIKO token—valued at about $14.5 million in market cap—fell more than 20% since the start of the UTC day.

The attacker reportedly forged withdrawal proofs, exploiting the bridge mechanism that verifies whether a withdrawal corresponds to a valid deposit. This allowed fake withdrawal requests to be accepted on Ethereum without matching transactions on Taiko’s chain, enabling fraudulent outflows from the bridge and token vault, according to the project.

Bridges are cross-chain infrastructure tools that enable asset transfers between blockchains such as Taiko and Ethereum. Layer-2 networks process transactions off-chain and later settle them on Ethereum to improve speed and reduce costs.

The exploit suggests the attacker may have had access to a compromised or exposed signing key used in the proof-generation process. Security firm BlockSec said early findings point to a Raiko signing key—used to generate validity proofs—being publicly exposed on GitHub.

Normally, such keys are stored in secure hardware to ensure proofs cannot be tampered with. If exposed, attackers can impersonate legitimate provers, generate valid-looking signatures, and trick the system into approving fraudulent bridge withdrawals on Ethereum.

Following the incident, Taiko instructed users to exit all bridges, requested centralized exchanges to suspend TAIKO deposits, and temporarily stopped block production while investigating the breach.

By around 2 a.m. ET, the team said the exploit had been contained and withdrawals through the main bridge and token vault were halted. The attacker had already transferred roughly 2 million TAIKO—worth about $170,000—to an address on the MEXC exchange.

Although the direct financial loss was relatively limited, the exploit mirrors a broader pattern of vulnerabilities in cross-chain bridge systems, which have been responsible for major DeFi losses this year.

Similar attacks include $292 million drained from Kelp DAO’s bridge in April and $11.4 million stolen from the Verus-Ethereum bridge in May. Across 2026, bridge-related exploits have already exceeded $340 million in losses across at least 14 incidents, making them one of the most targeted attack vectors in crypto. Taiko’s losses remained contained largely due to rapid detection and response within hours.