Skip to main content
Esc

Type to search

Articles / crypto-defi-blockchain / Taiko Bridge Drained $1.7M After SGX Signing Key Left Exposed on GitHub

Taiko Bridge Drained $1.7M After SGX Signing Key Left Exposed on GitHub

Jun 24, 2026 · Source: thedefiant.io · Topic:  crypto-defi-blockchain
Total Loss
$1.7M
Total amount drained from the Taiko Bridge due to the attack.
TAIKO Tokens Moved
1.99M TAIKO
The number of TAIKO tokens transferred by the attacker to the MEXC exchange.
Bridge Exploit Count
14
Number of cross-chain bridge exploits documented by PeckShield in 2026, highlighting ongoing security vulnerabilities.

§ 01 Executive Snapshot

  • What: Taiko Bridge suffered a loss of approximately $1.7 million due to an exposed SGX signing key on GitHub.
  • Who: Taiko, an Ethereum Layer 2 (L2) protocol, and the attacker who exploited the vulnerability.
  • Why it matters: This incident highlights significant security risks in decentralized finance (DeFi), particularly concerning the integrity of bridge infrastructures connecting Layer 1 and Layer 2 solutions.

§ 02 Key Developments

  • An RSA-3072 private key was publicly exposed as enclave-key.pem in the taikoxyz/raiko GitHub repository, allowing unauthorized access.
  • The attacker drained roughly $1.7 million by forging withdrawal proofs and moving approximately 1.99 million TAIKO tokens to the MEXC exchange.
  • Taiko's Security Council activated a multisig to pause withdrawals and halt block production immediately after the attack was detected.

§ 03 Strategic Context

  • This incident underscores the vulnerabilities in rollup architectures where the security of asset withdrawals depends on the integrity of bridge prover infrastructures.
  • The attack follows a trend of significant losses across cross-chain bridges, raising concerns about access control and security measures within the infrastructure layer.

§ 04 Strategic Implications

  • Immediate market consequences include a loss of user trust in Taiko's bridge and potential impacts on TAIKO token liquidity and trading activity.
  • Long-term implications may involve increased scrutiny and regulatory attention on bridge security protocols and the need for enhanced security measures in DeFi.

§ 05 Risks & Constraints

  • Regulatory risks may arise from the incident, especially concerning user asset protection and operational security in DeFi platforms.
  • There exists ongoing competition among Layer 2 solutions, and security incidents can lead to a shift in user preference toward more secure alternatives.

§ 06 Watchlist / Forward Signals

  • A full post-mortem report from Taiko is anticipated, detailing the attack and recovery process, which will be critical for restoring user confidence.
  • The activation of recovery upgrades and the reopening of the bridge will signal the effectiveness of Taiko's response to the incident and its future operational security.
§ 07

Frequently Asked Questions

What caused the loss of $1.7 million for Taiko Bridge?

The loss was caused by an exposed SGX signing key on GitHub, which allowed an attacker to exploit the vulnerability.

Who was responsible for the attack on Taiko Bridge?

The attacker exploited the vulnerability created by the exposed private key, draining approximately $1.7 million.

How did the attacker manage to steal the funds?

The attacker forged withdrawal proofs and moved approximately 1.99 million TAIKO tokens to the MEXC exchange.

What actions did Taiko take after the attack was detected?

Taiko's Security Council activated a multisig to pause withdrawals and halt block production immediately after detecting the attack.

§ 08

Related Articles