Taiko's bridge exploit on Ethereum.

On June 22, an attacker drained about $1.7 million from Taiko, an Ethereum layer-2 network, then the team halted block production across the chain.

A bridge moves tokens between two chains. It locks your deposit on one side and releases the matching amount on the other, but only after a proof confirms the deposit really happened. Taiko built those proofs inside Intel SGX, a sealed part of a chip that signs "this is genuine" with a key that is never supposed to leave the hardware.

That signing key was sitting in a public GitHub repository. With it, the attacker signed proofs for deposits that never existed, and the bridge paid out real funds against them.

The cryptography worked. The enclave worked. The trust they produced was only as good as a key left in the open.