Taiko bridge repair testing begins after $1.7M exploit

Taiko initiated testing of its repair plan on June 26, five days after an attacker drained roughly $1.7 million from the protocol's Ethereum bridge. The bridge remains offline with no restart date set; the team has pledged it will not reopen until all bridged assets are fully recollateralized on a 1:1 basis.

On June 25, Taiko issued a formal commitment: "no user will lose funds because of this incident. The bridge is currently undercollateralized, and we will fully recollateralize it before it reopens." The team also filed formal reports with Singapore authorities and said it was cooperating with the investigation.

The exploit occurred June 21. A Raiko SGX enclave signing key had been left publicly accessible on GitHub; the attacker used it to enroll unauthorized provers and submit forged withdrawal proofs. Fake withdrawal requests were accepted on Ethereum L1 without matching deposit events on Taiko's chain, letting the attacker drain the ERC-20 Vault of roughly 870 ETH and 2 million TAIKO tokens. Taiko halted block production and froze withdrawals by approximately 2 a.m. ET on June 22.

A restart date depends on completing safety verification and full collateral restoration; no timeline has been stated publicly. The TAIKO token is down more than 20% since the incident.

Taiko warned users against unsolicited outreach linked to the incident: "We'll never DM you first, and there's no claim or refund site." All official updates are posted to verified Taiko channels only.