Summary Value Secured Activity Liveness Milestones & Incidents Risk summary Risk analysis Rollup stage Data availability State validation Operator Withdrawals Permissions Smart contracts

Taiko Alethia

Badges

About

Taiko Alethia is an Ethereum-equivalent rollup on the Ethereum network. Taiko combines based sequencing and a multi-proof system through SP1, RISC0 and TEEs.

Value securedTVS

$141.16 M3.12%

Canonically BridgedCanonical

$42.29 M

Natively MintedNative

$0.00

Externally BridgedExternal

$98.86 M

View TVS Breakdown

Tokens

Past day UOPS

13.0112.4%

Gas token

ETH

Type

Other

Purpose

Universal

Chain ID

167000

Sequencer failureState validationData availabilityExit windowProposer failure

Explore more in Discovery UI

Badges

About

Taiko Alethia is an Ethereum-equivalent rollup on the Ethereum network. Taiko combines based sequencing and a multi-proof system through SP1, RISC0 and TEEs.

Taiko Alethia

Milestones & Incidents

Why is the project listed in others?

The proof system isn't fully functional

Consequence: projects without a proper proof system fully rely on single entities to safely update the state. A malicious proposer can finalize an invalid state, which can cause loss of funds.

Learn more about the recategorisation here.

Value Secured

2024 Jun 26 — 2025 Jun 26

View TVS breakdown

Total value securedTotal

$141.16 M3.12%

Canonically BridgedCanonically Bridged ValueCanonical

$42.29 M14.9%

Natively MintedNatively Minted TokensNative

$0.000.00%

Externally BridgedExternally Bridged ValueExternal

$98.86 M3.00%

View TVS breakdown

Activity

Liveness

The chart illustrates how "live" the project's operators are by displaying how frequently they submit transactions of the selected type and if these intervals deviate from their typical schedule.

2025 May 27 — Jun 26

30D avg. tx data subs. interval

52 seconds

30D avg. state updates interval

7 minutes

Past 30 days anomalies

Milestones & Incidents

Plonky3 vulnerability patch

2025 Jun 4th

SP1 verifier is patched to fix critical vulnerability in Plonky3 proof system (SP1 dependency).

Learn more

Taiko Pacaya Hardfork

2025 May 21st

Taiko Pacaya hardfork replaces the contestable rollup design with a batch based protocol.

Learn more

Risk summary

Funds can be stolen if

a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL),
a malicious block is proven by compromised SGX instances.

Risk analysis

Sequencer failureState validationData availabilityExit windowProposer failure

Sequencer failure

Self sequence

The system uses a based (or L1-sequenced) rollup sequencing mechanism, meaning that users can propose L2 blocks directly on the Taiko L1 contract. Proposers are required to also prove blocks within 2h, or forfeit half of their liveness bond (125.0 TAIKO).

State validation

Multi-proofs

A multi-proof system is used. There are four verifiers available: SGX (Geth), SGX (Reth), SP1 and RISC0. Two of them must be used to prove a block, and SGX (Geth) is mandatory. A block can be proved without providing a ZK proof as SGX (Geth) + SGX (Reth) is a valid combination.

Data availability

Onchain

All of the data needed for proof construction is published on Ethereum L1.

Exit window

None

There is no window for users to exit in case of an unwanted upgrade since contracts are instantly upgradable.

Proposer failure

Self propose

Anyone can be a Proposer and propose new roots to the L1 bridge. Provers are required to submit two valid proofs for blocks, one of which must be SGX (Geth), and the other can be either SGX (Reth), SP1, or RISC0. If the proposer fails to prove the block within the proving window, they forfeit half of their liveness bond.

Rollup stage

Taiko Alethia is not even a

Stage 0

project.

Learn more about Rollup stages

Please keep in mind that these stages do not reflect rollup security, this is an opinionated assessment of rollup maturity based on subjective criteria, created with a goal of incentivizing projects to push toward better decentralization. Each team may have taken different paths to achieve this goal.

Data availability

All data required for proofs is published on chain

All the data that is used to construct the system state is published on chain in the form of blobs. This ensures that it will be available for enough time.

Learn more about the DA layer here:

Ethereum

State validation

Validity proofs

Taiko uses a multi-proof system to validate state transitions. The system requires two proofs among four available verifiers: SGX (Geth), SGX (Reth), SP1, and RISC0. The use of SGX (Geth) is mandatory, while the other three can be used interchangeably. This means that a block can be proven without providing a ZK proof if SGX (Geth) and SGX (Reth) are used together. Batch proposers are required to stake a liveness bond of 125.0 TAIKO, half of which is forfeited if they fail to prove the block within the proving window of 2h. The multi-proof system allows to detect bugs in the verifiers if they produce different results for the same block. If such a bug is detected, the system gets automatically paused.

Funds can be stolen if a malicious block is proven by compromised SGX instances.

TaikoL1.sol - Etherscan source code, liveness bond

Operator

The system uses a based sequencing mechanism

The system uses a based (or L1-sequenced) sequencing mechanism. Anyone can sequence Taiko L2 blocks by proposing them directly on the TaikoL1 contract. The proposer of a block is assigned the designated prover role, and will be the only entity allowed to provide a proof for the block during the 2h proving window. Currently, proving a block requires the block proposer to run a SGX instance with Geth, plus either SGX (Reth), SP1, or RISC0 to prove the block. Unless the block proposer proves the block within the proving window, it will forfeit half of its liveness bond to the TaikoL1 smart contract.

TaikoL1.sol - Etherscan source code, proposeBatch function

Users can force any transaction

The system is designed to allow users to propose L2 blocks directly on L1. Note that this would require the user to run two of the available proving systems, or forfeit half the liveness bond of 125.0 TAIKO. Moreover, users can submit a blob containing a standalone transaction by calling the storeForcedInclusion() function on the ForcedInclusionStore contract. This forced transaction mechanism allows users to submit a transaction without running a prover. This mechanism ensures that at least one forced transaction from the queue is processed every 255 batches. However, if many transactions (k) are added to the queue, an individual transaction could experience a worst-case delay of up to k * 255 batches while waiting for its turn.

Withdrawals

Regular exit

The user initiates the withdrawal by submitting a regular transaction on this chain. When the block containing that transaction is finalized the funds become available for withdrawal on L1. Finally the user submits an L1 transaction to claim the funds. This transaction requires a merkle proof.

Permissions

A dashboard to explore contracts and permissions

Go to Disco

Explore in Disco

Ethereum

Actors:

DAO 0x9CDf…f261

The main contract of the Aragon-based DAO governance framework.

Can upgrade with no delay
- TaikoDAOController
- TaikoDAOController

TaikoDAOController 0x75Ba…CD0a

Contract that maintains ownership DAO-controlled assets and contracts. Its token weight does not count towards the DAO quorum.

Can upgrade with no delay
- Taiko Token
- QuotaManager
- MainnetERC20Vault
- MainnetSignalService
- MainnetBridge

Taiko Multisig 0x9CBe…9C7F

A Multisig with 4/6 threshold.
Can upgrade with no delay
- ForcedInclusionStore
- TaikoL1
- AutomataDcapV3Attestation
- DefaultResolver
- ProverSet
- Risc0VerifierGateway
- SgxVerifier
- AutomataDcapV3Attestation
- DefaultResolver
- SgxVerifier
- TaikoWrapper
- VerifierGateway
- SP1VerifierGateway
- L1SharedAddressManager
Can interact with AutomataDcapV3Attestation
- can update the program being verified
Can interact with DefaultResolver
- can update the contract address for a given name
Can interact with Risc0VerifierGateway
- can update the program being verified
Can interact with SgxVerifier
- can add new instances without a DCAP attestation
Can interact with AutomataDcapV3Attestation
- can update the program being verified
Can interact with DefaultResolver
- can update the contract address for a given name
Can interact with SgxVerifier
- can add new instances without a DCAP attestation
Can interact with SP1VerifierGateway
- can update the program being verified
Can interact with L1SharedAddressManager
- can update the contract address for a given name

Participants (6):

0xDC4e…8a0a 0x0aED…50B3 0x1eE4…145A 0x0F02…0438 0x7Cdd…7F91 0x3b1D…d5F1

Taiko Foundation Treasury Multisig 0x363e…B3Da

A Multisig with 4/6 threshold.

Participants (6):

0xDC4e…8a0a 0x0F02…0438 0x1eE4…145A 0xFa92…CD44 0x7Cdd…7F91 0x3b1D…d5F1

Smart contracts

A dashboard to explore contracts and permissions

Go to Disco

Explore in Disco

A diagram of the smart contract architecture

Ethereum

MainnetERC20Vault 0x9962…15Ab Implementation (Upgradable)Admin

Shared vault for Taiko chains for bridged ERC20 tokens.

Roles:
- admin: TaikoDAOController
This contract can store any token.

Can be upgraded by:

TaikoDAOController with no delay

TaikoDAOController 0xfC3C…b2D3 Implementation (Upgradable)Admin

Contract that maintains ownership DAO-controlled assets and contracts. Its token weight does not count towards the DAO quorum.

Roles:
- admin: DAO

Can be upgraded by:

DAO with no delay

ForcedInclusionStore 0x05d8…4e03 Implementation (Upgradable)Admin

Contract that allows users to enqueue forced transactions via L1. The system guarantees that at least one pending forced transaction from the queue will be processed every 255 batches. Individual transactions may face longer delays if the queue is extensive.

Roles:
- admin: Taiko Multisig

Can be upgraded by:

Taiko Multisig with no delay

TaikoL1 0x06a9…b19a Implementation #1 (Upgradable)Implementation #2 (Upgradable)Implementation #3 (Upgradable)Admin

Main contract implementing the logic for proposing and proving Taiko blocks on L1.

Roles:
- admin: Taiko Multisig

Can be upgraded by:

Taiko Multisig with no delay

SignerList 0x0F95…79c2 Implementation (Upgradable)Admin

A signer list for registering agents, similar to a Multisig.

AutomataDcapV3Attestation 0x0ffa…9261 Implementation (Upgradable)Admin

Contract managing SGX attestation certificates.

Roles:
- admin: Taiko Multisig
- owner: Taiko Multisig

Can be upgraded by:

Taiko Multisig with no delay

Taiko Token 0x10de…d800 Implementation (Upgradable)Admin

ERC20 contract implementing the TAIKO token. It defines a list of addresses designated as non-voting.

Roles:
- admin: TaikoDAOController

Can be upgraded by:

TaikoDAOController with no delay

EmergencyMultisig 0x2Aff…7ECd Implementation (Upgradable)Admin

Modular Governance contract allowing for proposing, voting on and executing encrypted proposals (e.g. for Security Council emergency proposals).

EncryptionRegistry 0x2eFD…42d1

A registry for signers (of the Security Council) to appoint agents to operate on their behalf. These agents can also register their encryption keys for encrypted emergency proposal support.

DefaultResolver 0x5A98…b33a Implementation (Upgradable)Admin

Maps contract names to contract addresses. Changes in this mapping effectively act as contract upgrades.