Updated Jun 22, 2026, 9:52 a.m. Published Jun 22, 2026, 9:23 a.m. 2 min read(Clint Patterson/Unsplash)SummaryTaiko, an Ethereum layer-2 network, halted block production and urged users to withdraw funds after an attacker exploited its bridge to steal about $1.7 million.The attacker forged cross-chain proofs so that fake withdrawal requests were accepted on Ethereum without matching deposits on Taiko, draining the bridge and its token vault before the team froze activity.While the dollar loss was relatively small, the exploit used the same cross-chain messaging flaw behind more than $340 million in bridge hacks this year, and Taiko said it will release a full incident report.Taiko, an Ethereum layer-2 network, halted block production and told users to pull their funds after an attacker exploited its bridge earlier Monday.The team estimated losses at about $1.7 million before it stopped the outflows. The chain's TAIKO token, which has a market capitalization of $14.5 million, has slumped more than 20% since midnight UTC.The attacker was able to forge the proofs a bridge uses to confirm that a withdrawal matches a real deposit. Fake withdrawal requests were accepted on Ethereum without any matching transaction on Taiko's chain, which let the attacker register fraudulent withdrawals and drain funds from the bridge and its token vault, Taiko said. Bridges are blockchain-based tools that move assets between different chains, in this case, Taiko and Ethereum. Layer-2 blockchains process transactions off the main chain and settle them back to it, to provide faster, cheaper service than the host system.The attacker's ability to forge valid-looking proofs indicates it may have had access to a leaked key. Security firm BlockSec said its initial investigation traced the likely cause to a signing key for Raiko, which Taiko uses to produce proofs indicating a transaction is genuine, that was left publicly accessible on GitHub.The key is meant to stay sealed inside secure hardware so the proofs can be trusted. If it's exposed, attackers can enroll their own provers as legitimate and sign fraudulent proofs that Taiko's verifier accepted, then fake a bridge withdrawal that releases real assets on Ethereum..@taikoxyz was reportedly attacked, with losses exceeding $1.7M. Our initial investigation suggests the likely root cause was an exposed Raiko SGX enclave signing key on GitHub. Raiko is Taiko’s multi-prover stack for Taiko and Ethereum blocks, so an exposed Raiko SGX enclave key… https://t.co/8BIiEeNtYJ pic.twitter.com/eAq9Xjngz8— BlockSec Phalcon (@Phalcon_xyz) June 22, 2026