Taiko ERC20 Vault Attacked, Losses Exceed $1M

Odaily Planet Daily News: Taiko's ERC20 Vault on Ethereum has been attacked, with losses exceeding $1 million. The root cause of the vulnerability lies in a defect in the source signal proof verification of the Taiko cross-chain bridge. A constructed message proof was accepted as valid on Ethereum L1 without requiring a corresponding legitimate MessageSent event on the Taiko source chain, allowing the attacker to register and extract fraudulent cross-chain messages and unauthorized release of assets from the ERC20 Vault.