PANews, June 22 – According to Blockaid monitoring, Taiko’s ERC20 Vault on Ethereum was attacked, resulting in a loss exceeding $1 million. The root cause of the vulnerability lies in a flaw in the source signal proof verification of the Taiko cross-chain bridge, where a fabricated message proof was accepted as valid on Ethereum L1 without a corresponding legitimate MessageSent event on the Taiko source chain. This allowed the attacker to register and extract fraudulent cross-chain messages, thereby releasing assets from the ERC20 Vault without authorization.
