Taiko Pledges Full User Compensation

Taiko pledged to fully recollateralize its bridge before it reopens, ensuring all users are made whole with balances backed 1:1.

Taiko pledged to ensure that no users will lose funds following the June 21st security compromise of its chain state verification mechanism. The team revealed that the bridged assets are currently undercollateralized, but pledged to fully recollateralize the bridge before it reopens, ensuring all user balances are backed 1:1.

According to Ledger CTO Charles Guillemet, the root cause was a critical credential leak. The private key used to sign all of Taiko's SGX enclaves was accidentally committed to the public Raiko GitHub repository, leaving the trust model exposed. Using the leaked RSA key, the attacker derived the corresponding signer identifier, signed a malicious enclave, and registered as a trusted prover.

The Taiko team contained the exploit and identified the proof-validation flaw before working with its board to secure user assets. Taiko’s CEO has filed an official report with Singapore authorities to pursue the exploiters. The team expects to share exact timelines soon alongside a comprehensive technical post-mortem.
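
The root cause described above is a private key committed to a public repository. The following is an added example, not code from Taiko or Raiko: a pre-commit style check that flags PEM private key blocks in repository content. The file paths and the sample tree are constructed for illustration.

```python
import base64
import re

# PEM labels for private key material; public keys and certificates do not match.
PEM_BLOCK = re.compile(
    r"-----BEGIN ((?:RSA |EC |DSA |OPENSSH |ENCRYPTED )?PRIVATE KEY)-----"
    r"(.*?)-----END \1-----",
    re.DOTALL,
)


def find_private_keys(files):
    """Return (path, line, label) for each PEM private key block in {path: text}."""
    findings = []
    for path, text in sorted(files.items()):
        for match in PEM_BLOCK.finditer(text):
            # Drop "Proc-Type:"/"DEK-Info:" headers of encrypted legacy PEM files.
            lines = [l.strip() for l in match.group(2).splitlines() if ":" not in l]
            try:
                decoded = base64.b64decode("".join(lines), validate=True)
            except ValueError:
                continue  # framing quoted in docs or a template, not key bytes
            if len(decoded) < 32:
                continue  # too short to be key material
            line_no = text.count("\n", 0, match.start()) + 1
            findings.append((path, line_no, match.group(1)))
    return findings


def _constructed_pem(label, nbytes=96):
    # Constructed filler bytes, not a real key: only the PEM framing matters here.
    body = base64.b64encode(bytes(range(nbytes))).decode()
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----\n"


# Constructed repository snapshot; every path below is hypothetical.
SAMPLE_TREE = {
    "README.md": "Keys begin with -----BEGIN RSA PRIVATE KEY----- and stay out of git.\n",
    "config/enclave_signing_key.pem": _constructed_pem("RSA PRIVATE KEY"),
    "config/enclave_signing_pub.pem": _constructed_pem("PUBLIC KEY"),
    "docker/entrypoint.sh": "#!/bin/sh\nset -e\ncat > key.pem <<'EOF'\n"
    + _constructed_pem("PRIVATE KEY") + "EOF\n",
}

if __name__ == "__main__":
    hits = find_private_keys(SAMPLE_TREE)
    for path, line_no, label in hits:
        print(f"{path}:{line_no}: {label} block found, block the commit and rotate the key")
    raise SystemExit(1 if hits else 0)
```

A key that has already reached a public repository has to be treated as compromised and rotated; deleting the file in a later commit leaves it in the history.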

