Taiko Bridge Attack: $1.7M Stolen, Users Told to Withdraw

The developers behind the Taiko network issued an urgent security warning on Sunday after confirming a breach of its chain state verification mechanism. Consequently, they strongly advised all users to withdraw their funds from all bridges deployed on the Ethereum layer-2 blockchain immediately.

In a security notice, the project stated the security assumptions for all bridges on Taiko could no longer be trusted. The team wrote on X that they are coordinating with partners to contain the incident and pause affected systems. However, they did not disclose the cause of the breach or provide a loss estimate.

Blockchain security firm BlockSec Phalcon reported losses exceeding $1.7 million in a preliminary analysis. The firm linked the attack to an exposed Raiko SGX enclave signing key that had been publicly accessible on GitHub. “Because the enclave signing key was publicly accessible, the SGX prover trust model may have been broken,” they explained.

According to BlockSec, attackers likely used compromised verifier instances to generate fraudulent proofs accepted by Taiko’s contracts. This allowed them to forge a bridge message and trigger the release of Ethereum-based assets. Meanwhile, the breach follows a string of other major crypto exploits in recent months.

In April, attackers stole $292 million from KelpDAO’s cross-chain bridge. Earlier this month, the Solana-based exchange Raydium lost $1.34 million after attackers exploited deprecated liquidity pools. In total, DeFi protocols lost more than $840 million in the first five months of the year.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

• Baillie Gifford Launches $237B Tokenized Fund
• Robinhood raises $2B in debt, sets $300M for buybacks
• UK’s FTSE 100 Nears Crucial Breakout Point
• Strategy Boosts Bitcoin Treasury With $34.9M Buy
• Canada’s spy agency hacked, neutralized state-linked botnets