The key is meant to remain sealed inside secure hardware so that the evidence can be trusted. With that exposed, the attacker could register their own proofs as legitimate and sign fraudulent proofs that Taiko’s verifier accepted, then fake a bridge withdrawal that released real assets on Ethereum.
.@taikoxyz was allegedly attacked with losses of over 1.7 million. USD. Our initial investigation suggests that the likely root cause was an exposed Raiko SGX enclave signing key on GitHub. Raiko is Taiko’s multi-prover stack for Taiko and Ethereum blocks, so an exposed Raiko SGX enclave key… pic.twitter.com/eAq9Xjngz8
— BlockSec Phalcon (@Phalcon_xyz) June 22, 2026
Taiko urged all users to withdraw from every bridge on the network, asked centralized exchanges to suspend deposits of their TAIKO token, and ordered its block producers to stop creating new blocks during the investigation.
Around 02:00 ET it said the exploit was contained and withdrawals through the main bridge and token vault had completely stopped. The exploiter had already moved about 2 million TAIKO, worth about $170,000, to an account on the MEXC exchange.
The dollar loss is small, but the error came from the same DeFi mechanism that has caused losses of hundreds of millions this year.
Forged cross-chain messages drained $292 million from the Kelp DAO’s bridge in April and $11.4 million from the Verus-Ethereum bridge in May, the same error where one chain is tricked into trusting a fake instruction from another. Bridges has produced more than $340 million in losses across at least 14 exploits by 2026, making it the costliest target in crypto. Taiko’s injuries remained contained primarily because the team captured and froze it within hours.
