Taiko Security Incident Linked to Exposed Raiko SGX Signature Key on GitHub

2026-06-22 13:55

BlockSec Phalcon reports that the recent security incident involving Taiko likely originated from the exposure of the SGX enclave signature key for its multi-verifier component, Raiko. The key was found publicly accessible on GitHub, creating a critical vulnerability in the system's integrity.

Attackers exploited this exposed credential to register maliciously controlled SGX instances, effectively bypassing standard verification mechanisms. By forging status and signature proofs, they manipulated the protocol to mark false cross-chain messages as 'RETRIABLE'. This manipulation allowed the invocation of the 'retryMessage' function, enabling the extraction of specified L1 assets from the ERC20Vault.

Disclaimer: Views are the author's own and do not represent the platform. Do not reproduce without permission. Content is for reference only, not investment advice. Trade at your own risk.

Trending News

THORChain resumes operations after $10.7M exploit and 1-month security overhaul

Franklin Templeton acquires 250 Digital to launch Franklin Crypto with $1.8B target by 2025

SOL drops to $71 as $13.66M long liquidations override $140M tokenized stock record

Russian Cosmos satellites maneuver within 500 meters of ICEYE-X36 signaling new commercial space warfare risks

STRC discount widens to 13% with yield hitting 12.9% as Bitcoin drops 40% and weekly buying shrinks to $100M

Ethereum Glamsterdam upgrade targets 200M gas limit with ePBS and BAL for parallel execution

Ripple secures preliminary MiCA CASP approval unlocking access to 30 EU markets

Ripple secures preliminary MiCA CASP license ahead of July 1 EU regulatory deadline

CFTC proposes 24/7 energy perpetual contracts after Hyperliquid captures $2.45B in oil trading volume

7.5M USDT drained from Jaredfromsubway.eth in single block exploiting dangling authorization vulnerability