This key is intended to remain sealed in secure hardware so that evidence can be trusted. Once exposed, the attacker could register their own provers as legitimate and sign fraudulent proofs accepted by Taiko’s verifier, then simulate a bridging withdrawal that would release real assets onto Ethereum.
.@taikoxyz was reportedly attacked, with losses exceeding $1.7 million. Our initial investigation suggests that the likely root cause was a Raiko SGX enclave signing key exposed on GitHub. Raiko is Taiko’s multi-prover stack for Taiko and Ethereum blocks, so an exposed Raiko SGX enclave key… pic.twitter.com/eAq9Xjngz8
– BlockSec Phalcon (@Phalcon_xyz) June 22, 2026
Taiko urged all users to withdraw from every bridge in the network, asked centralized exchanges to suspend deposits of its TAIKO token, and asked its block producers to stop creating new blocks during the investigation.
Around 2 a.m. EST, the exploit was brought under control and withdrawals via the main deck and token vault were completely shut down. The exploiter had already transferred approximately 2 million TAIKO, worth approximately $170,000, to an account on the MEXC exchange.
The dollar loss is small, but the flaw comes from the same DeFi mechanism that caused losses in the hundreds of millions this year.
Fake cross-chain messages drained $292 million from the Kelp DAO bridge in April and $11.4 million from the Verus-Ethereum bridge in May, the same failure where one chain is tricked into trusting a fake instruction from another. Bridges have generated over $340 million in losses across at least 14 exploits in 2026, making them the most expensive target in crypto. Taiko’s damage remained contained mainly because the team caught and froze him within a few hours.
