Taiko, an Ethereum-based layer2, confirmed that its chain state verification mechanism was breached, The Block reported on Sunday.

In a post on X, Taiko said all bridges deployed on the protocol were no longer safe because of the breach. It strongly urged all users to withdraw funds immediately.

It also asked centralized exchanges to immediately halt deposits of the Taiko native token until further notice. All Taiko block proposers also stopped producing new blocks while the team investigates the incident, The Block reported.

In a later notice, Taiko said the exploit had been blocked and withdrawals via the layer1 bridge and the ERC20 vault had been fully cut off.

Taiko said the attacker exploited a vulnerability in verifying bridge message proofs. It said a forged message proof, without a legitimate event on the source chain, was accepted as valid on layer1, allowing the attacker to register fake withdrawals and drain funds from the bridge and token vault.

On-chain security firm Blockaid earlier identified a vulnerability in verifying Taiko bridge source signal proofs as the root cause. Blockaid said a manipulated message proof was accepted as valid on Ethereum layer1 without a corresponding legitimate message transmission event on the Taiko source chain.

On the scale of losses, Blockaid put it at about $1 million, while on-chain analytics platform PeckShield estimated about $1.7 million, The Block reported.

Taiko is an Ethereum layer2 network that began development in 2022 and launched its mainnet in May 2024. It uses a method in which Ethereum block validators determine the transaction order.