What happened
On June 22, 2026, Taiko halted its Ethereum L2 after roughly $1.7M (USDC, ETH, and TAIKO) was drained from its bridge and ERC-20 vault. The root cause was not a Solidity bug — it was a leaked signing key.
Root cause
An RSA-3072 private key for Raiko, Taiko's multi-prover stack, had been committed as enclave-key.pem to the public taikoxyz/raiko GitHub repository. That key is the trust anchor the on-chain verifier uses to accept L2 state attestations. Once it was public, anyone could impersonate a legitimate prover.
The bridge's security reduces to a single question: did a trusted prover sign this state? With the real key in hand, the attacker could make that answer "yes" for state that never happened.
Attack steps
| # | Action |
|---|---|
| 1 | Recover the leaked enclave-key.pem from the public Raiko repo |
| 2 | Register a forged prover the on-chain verifier accepts as legitimate |
| 3 | Sign fake L2 state attestations + withdrawal proofs |
| 4 | Submit Ethereum withdrawals with no matching L2 deposits |
| 5 | Bridge contracts verify the proof as valid and release funds |
Impact
~$1.7M across USDC, ETH, and TAIKO. Taiko froze the network and warned users to withdraw. Monitoring (Blockaid) flagged the activity within minutes, but the withdrawals had already cleared.
Lessons for auditors
- A bridge is only as strong as its prover-key custody. A verifier that trusts a single signer collapses entirely if that signer's key leaks. Prefer multi-prover / threshold designs where one compromised key is insufficient.
- Secrets in source control are a live attack surface. Scan repos (and their full history) for committed keys; rotate immediately on exposure. An immutable verifier cannot "un-trust" a leaked key without a migration.
- Withdrawals must reconcile against deposits. If the contract cannot independently reject a correctly-signed-but-fabricated proof, signature validity becomes the only control — and that's fragile.