Attackers exploited a vulnerability in Taiko's chain state verification, submitting forged message proofs that Ethereum mainnet accepted without corresponding valid MessageSent events from Taiko, draining funds from Taiko's ERC20 Vault on Ethereum.
On June 22, 2026, attackers exploited a vulnerability in Taiko's chain state verification mechanism. They submitted forged message proofs that Ethereum mainnet accepted without corresponding valid MessageSent events from Taiko, draining funds from Taiko's ERC20 Vault on Ethereum. Taiko halted block production, activated its Security Council, and requested exchanges suspend TAIKO deposits. Losses were primarily in USDC and ETH, totaling approximately $1.7M.
Drained assets (USDC and ETH) moved on Ethereum. No specific laundering trail or recovery reported at time of writing.
N/A