Taiko is the first based rollup on Ethereum, pioneering a new approach to Layer 2 scaling that preserves Ethereum's core values of decentralization, censorship resistance, and liveness. Unlike traditional rollups that rely on centralized sequencers, Taiko uses based sequencing, where Ethereum validators directly sequence L2 blocks, maintaining complete decentralization across the stack. Because this groundbreaking architecture was entering uncharted territory, Taiko required security expertise embedded from the earliest design phases.
The Challenge
Building the first based rollup introduced security challenges that no audit firm had encountered before. Taiko wasn't just implementing known patterns; it was inventing new mechanisms that would define an entirely new category of Layer 2 solutions.
The protocol faced unprecedented requirements:
- Pioneering Unproven Architecture: Based sequencing, decentralized preconfirmations, and multi-proof validation systems had never been implemented at production scale. Without established security patterns or prior art, every design decision carried unknown risks that wouldn't surface until deep architectural analysis.
- Security Before Code Exists: Traditional audits find vulnerabilities in finished code, but Taiko needed to validate security assumptions during protocol design, before implementation locked in architectural flaws that would be expensive or impossible to fix later.
- Rapid Innovation Without Compromising Decentralization: Taiko's roadmap includes shipping preconfirmations and launching Gwyneth (a synchronously composable booster rollup), all while maintaining the decentralization guarantees that define based rollups. Each innovation needed security validation without slowing development velocity.
Taiko required a security partner who could collaborate during protocol design, validate novel mechanisms before implementation, and support continuous innovation as the first based rollup evolved.
OpenZeppelin's Solution
Design-Phase Security Partnership
Since early 2025, OpenZeppelin has partnered with Taiko as an embedded security advisor, working directly with their engineering team from protocol design through production releases. This design-first approach enables security validation when architectural decisions have maximum impact, before code is written.
Our collaboration began during Taiko's early research into based rollup mechanics, decentralized sequencing, and preconfirmation systems, providing security guidance that shaped the protocol's foundations.
Applied Research for Based Rollup Innovation
Taiko's pioneering based sequencing required specialized research to validate novel mechanisms where no established patterns existed. OpenZeppelin's research team collaborated with Taiko to develop and formalize new primitives for based rollups, including published research on preemptive provable assertions that enable L2 users to rely on assertions about future state.
This research-driven collaboration validated the security of innovative systems and contributed foundational work to the broader Ethereum research community, giving Taiko confidence to ship features that other Layer 2s had considered too risky.
Comprehensive Audit Coverage Across Protocol Evolution
OpenZeppelin audited multiple versions of the Taiko protocol as it evolved through major upgrades. These audits uncovered critical and high severity vulnerabilities, enabling Taiko to strengthen the protocol's security before key releases.
"Security starts on day one. Working with OpenZeppelin has helped us design and ship the most secure and decentralized version of Taiko possible. Their researchers supported us during protocol design and their audits found high severity issues that allowed us to ship upgrades safely."
The Results
Comprehensive Security Coverage
113 total issues identified across 3 audits since early 2025, securing every critical component of Taiko's based rollup architecture:
- 13 Critical and High severity vulnerabilities
- Multiple medium and low severity issues preventing potential exploits
- Design-phase validation preventing architectural vulnerabilities before implementation
Enabled Confident Innovation
OpenZeppelin's design-phase partnership enabled Taiko to pioneer based rollup technology while maintaining strong security guarantees. Early involvement during protocol design identified systemic issues when changes were straightforward, while applied research validated novel mechanisms and contributed foundational work to the broader Ethereum ecosystem.
"Having OpenZeppelin involved throughout the lifecycle, from early design discussions through production audits, gave us the confidence to pioneer based rollups. It's not just about finding bugs as OpenZeppelin is a partner who understands what we're building and helps us get it right from day one."
Our ongoing partnership continues to support Taiko's ambitious roadmap, including Gwyneth's upcoming launch, fully decentralized preconfirmations, and continued innovation in based sequencing technology.
OpenZeppelin's design-phase security partnership has been fundamental to Taiko's success as Ethereum's first based rollup. Through early design reviews, applied research on novel mechanisms, and 3 comprehensive audits, we've secured Taiko's pioneering architecture from initial concept through production, identifying 113 issues including 13 critical and high vulnerabilities while enabling the protocol to innovate with confidence.