The rapid adoption of Layer 2 (L2) blockchain scaling solutions, such as optimistic rollup (OR), have introduced new vulnerabilities that compromise the security and efficiency of blockchain. In this work, we introduce a critical security vulnerability in the OR system, where attackers exploit remote procedure call (RPC) address manipulation to deceive verifiers into challenging legitimate state roots. By altering the sender's RPC address during transaction processing delays, attackers create a false perception of fraud, resulting in unwarranted challenges and penalties for verifiers, thereby undermining the pro tocol's integrity. To mitigate this flaw, we propose RollGuard, a graph machine learning (ML) approach that dynamically models interactions within the blockchain as a graph, with nodes representing senders and receivers (RPC endpoints). Utilizing a graph neural network (GNN), this method detects unusual RPC address changes by analyzing real-time and historical transaction patterns, enabling proactive identification of potential attacks. The GNN flags anomalous behavior in RPC address updates, offering early alerts to verifiers and reducing false challenges. Our experimental results show that RollGuardframework significantly enhances protocol security, lowering false-positive challenge rates and protecting verifiers from undue penalties.