Taiko urged users to withdraw all assets after $1.7 million protocol breach

Ethereum Layer 2 network Taiko has confirmed a breach impacting its chain state verification mechanism, prompting the project to urge users to withdraw all assets held in its cross-chain bridges. In a security alert published Sunday, the Taiko team stated that the fundamental security assumptions behind all bridges on the network could no longer be trusted.Security alert and immediate impactPossible cause of the exploitBroader security concerns The Taiko team announced it is working alongside the Security Council and ecosystem partners to contain the impact of the incident, suspend vulnerable systems, and pursue both technical and legal responses. The statement called for users to immediately withdraw funds from all active bridges operating on the Taiko network.The Taiko team strongly advised users to withdraw their assets from all network bridges without delay.Taiko is recognized as an Ethereum-compatible Layer 2 solution leveraging zero-knowledge rollup technology to process transactions more efficiently. Co-founded by Daniel Wang, the network launched its mainnet in May 2024.Possible cause of the exploitTaiko has not yet disclosed the exact cause of the breach or the total extent of the losses. However, blockchain security firm BlockSec Phalcon has estimated that losses exceed $1.7 million. According to preliminary analysis, the exploit likely originated from a Raiko SGX enclave signing key that was accessible to the public on GitHub. Mini glossary: SGX is a hardware security technology developed by Intel that allows certain code to run in an isolated, secure environment. An enclave signing key is used to confirm that a secure enclave is legitimate and authorized.BlockSec Phalcon explained that because the enclave signing key was publicly accessible, the SGX attestation trust model may have been compromised, potentially enabling attackers to register SGX instances under their own control with the system.BlockSec’s assessment suggests that attackers used compromised validator instances to produce fraudulent proofs accepted by Taiko’s verification contracts. With the help of a fake signal, a spoofed bridge message was then recorded, allowing Ethereum-based assets to be withdrawn from the protocol’s ERC20Vault structure.Broader security concernsThis incident has reignited debate about the resilience of proof verification infrastructure across Layer 2 networks. Notably, in the Taiko case, all network bridges—not just a single one—were found to have compromised security assumptions.The Taiko breach comes on the heels of a series of major hacks in the crypto sector. In April, $292 million was stolen from KelpDAO’s cross-chain bridge; in May, unauthorized minting of eBTC on Echo Protocol Monad resulted in losses around $816,000; and earlier this month, the Solana-based Raydium exchange lost $1.34 million after old liquidity pools were exploited.ProtocolDateDisclosed amountIncident typeTaikoAnnounced SundayOver $1.7 millionChain state verification breachKelpDAOApril$292 millionCross-chain bridge exploitEcho ProtocolMayUnauthorized minting of $77 million in eBTC, around $816,000 in lossesUnauthorized eBTC mintRaydiumBeginning of the month$1.34 millionExploit of old liquidity poolsAccording to sector data, total losses from decentralized finance protocols in the first five months of the year surpassed $840 million. The Taiko incident is likely to intensify calls for more stringent audits of bridge security and verification frameworks throughout the industry.Disclaimer: The information contained in this article does not constitute investment advice. Investors should be aware that cryptocurrencies carry high volatility and therefore risk, and should conduct their own research.