Taiko's network was attacked and lost over 1.7 million US dollars, suspected to be due to GitHub leaking keys

BlockSec monitoring shows that the Taiko network was attacked and lost over $1.7 million due to the Raiko SGX enclave signature key exposed on GitHub. The exposed key allows attackers to register controlled SGX instances and sign proofs, resulting in fraudulent state proofs being passed. The attacker uses a forged source signal to register a fake bridge message and calls retyMessage to release L1 assets from ERC20Vault.