Summary
- Taiko announced a compromise of its chain state verification system, advising users to withdraw funds from all bridges on its network.
- BlockSec Phalcon reported estimated losses over $1.7 million, linking the breach to an exposed Raiko SGX enclave signing key.
- This incident raises concerns regarding the security of the protocol's proof verification mechanisms.
The Taiko network developers have warned users to withdraw their funds from all bridges associated with its Ethereum layer-2 solution after revealing that its chain state verification mechanism has been compromised.
In a security announcement made on Sunday, the team indicated that the security measures supporting all bridges on Taiko could no longer be trusted. They are currently working with their Security Council and ecosystem partners to manage the situation, halt affected systems where feasible, and explore both technical and legal options.
"We strongly advise all users to withdraw their funds from all bridges deployed on Taiko immediately," the team stated on X.
Taiko is an Ethereum layer-2 solution utilizing zero-knowledge rollups for enhanced transaction processing while ensuring compatibility with Ethereum. Co-founded by former Loopring CEO Daniel Wang, the network's mainnet was launched in May 2024, serving as a dedicated data storage solution for Ethereum scalability.
While Taiko did not specify the exact cause of the breach or provide a loss estimate, Blockchain security firm BlockSec Phalcon indicated that the attack resulted in losses surpassing $1.7 million. Their preliminary analysis suggested that the breach stemmed from a Raiko SGX enclave signing key that was publicly available on GitHub.
“The accessibility of the enclave signing key may have compromised the SGX prover trust model,” BlockSec Phalcon commented on X. “This exposed key could have enabled the attacker to register SGX instances controlled by them through SgxVerifier.registerInstance.”
According to BlockSec, the attackers likely exploited compromised verifier instances to create false proofs that were accepted by Taiko's verification contracts. Subsequently, they used a fraudulent signal to register a fake bridge message, prompting the release of Ethereum-based assets from the protocol's ERC20Vault.
This breach at Taiko occurs amidst a series of significant crypto-related attacks. In April, $292 million was stolen from KelpDAO's cross-chain bridge, an incident linked to North Korea's Lazarus Group. In May, Echo Protocol reported a breach involving the unauthorized minting of $77 million worth of eBTC on Monad, although the project later revised the realized losses to about $816,000. Earlier this month, the Solana-based exchange Raydium experienced a loss of $1.34 million due to exploitation of outdated liquidity pools.
Overall, DeFi protocols experienced losses exceeding $840 million in the first five months of this year.