BlockBeats report: On June 22, according to BlockSec monitoring, the Taiko network suffered an attack resulting in losses exceeding $1.7 million. Preliminary investigations suggest the root cause may be the exposure of Raiko SGX enclave signing keys on GitHub. Raiko is Taiko’s multi-prover stack used for generating proofs for both Taiko and Ethereum blocks; thus, the exposed Raiko SGX enclave keys could directly impact Taiko’s on-chain proof verification pathway.
Because the enclave signing key is publicly accessible, the SGX attester trust model may have been compromised. The exposed key could allow an attacker to register SGX instances under their control. Once registered, these instances can sign proof public inputs accepted by the Taiko proof verifier, enabling fraudulent state/signaling proofs to pass. The attacker then registers fraudulent source signals as RETRIABLE and subsequently calls retryMessage to cause the ERC20Vault to release canonical L1 assets.

