BlockSec Phalcon released a preliminary analysis of a Taiko security incident, saying the likely root cause was exposure of an SGX enclave signing key for Taiko’s multi-prover component, Raiko, on GitHub. According to Foresight News, the attacker used the exposed key to register a malicious, attacker-controlled SGX instance, bypass the proof verification mechanism, and forge state and signal proofs.

BlockSec Phalcon said the attacker then used a forged source signal to mark a false cross-chain message as RETRIABLE and called retryMessage to extract canonical L1 assets from the ERC20Vault.