Lido Investigates Oracle Key Compromise, DAO Proposes Emergency Key Rotation


In Brief
The founder of DefiLlama noted that a security breach had occurred involving one of the addresses linked to Lido’s oracle multisignature wallet, from which the attackers withdrew 1.4 ETH.

0xngmi, founder of the decentralized finance (DeFi) total value locked (TVL) tracking platform DefiLlama, noted on the social media platform X that a security breach had occurred involving one of the addresses associated with Lido’s oracle multi-signature wallet.
The attackers withdrew approximately 1.4 ETH from the compromised address, an action that revealed the unauthorized access. In light of the incident, it was proposed that holding small amounts of easily traceable tokens in multisig wallets could serve as a basic early warning mechanism, potentially signaling any unauthorized activity.
On May 10th, Lido reported that one of its oracle addresses operated by Chorus One was compromised and its ETH balance was withdrawn. The incident came to light after a Lido contributor investigated a low-balance alert, leading to the identification of unusual activity involving a key linked to the Lido Oracle operated by Chorus One. This key, which had been in use since its creation in 2021, was emptied overnight. Although the precise cause of the breach has not been determined, initial assessments suggest it may have resulted from a past private key leak, rather than an active or ongoing infrastructure failure.
Following the discovery, Lido contributors reached out to Chorus One for confirmation and began a formal investigation.
In response to the incident, Lido DAO proposed an emergency measure to rotate the compromised oracle key used in several critical contracts, including the HashConsensus components of the Accounting Oracle, Validators Exit Bus Oracle, and CS Fee Oracle. A community vote on this proposal is currently underway and will continue until May 16th.
According to Lido, the staking protocol remains secure and fully operational. No impact has been observed on user funds or the broader system. The oracle architecture, which requires a minimum quorum of five out of nine participants, remains intact. All other oracle nodes have been examined with no indication of compromise, and there is no evidence suggesting a wider security issue affecting Chorus One.
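As an added illustration (not code from Lido, Chorus One or this article), the sketch below shows how a balance canary of the kind described above can separate a routine low-balance top-up from a drain, and how far a suspect key is from the five-of-nine quorum. The member labels, balances and alert thresholds are constructed assumptions.

```python
from decimal import Decimal

QUORUM, MEMBERS = 5, 9           # from the article: five-of-nine oracle quorum
LOW_BALANCE = Decimal("0.5")     # assumed alert floor, in ETH
MAX_GAS_SPEND = Decimal("0.05")  # assumed ceiling on report gas per interval, in ETH

# Constructed snapshots: {member label: [balances in ETH, oldest first]}.
# In production these would come from periodic eth_getBalance calls.
SNAPSHOTS = {
    "oracle-1": [Decimal("1.42"), Decimal("1.41"), Decimal("1.40")],
    "oracle-2": [Decimal("1.40"), Decimal("1.39"), Decimal("0.00")],  # emptied
    "oracle-3": [Decimal("0.52"), Decimal("0.50"), Decimal("0.48")],  # needs top-up
}

def classify(history):
    """Return 'drain', 'low' or 'ok' for one member's balance history."""
    for prev, curr in zip(history, history[1:]):
        if prev - curr > MAX_GAS_SPEND:
            return "drain"  # drop larger than report submission could explain
    return "low" if history[-1] < LOW_BALANCE else "ok"

def quorum_exposure(suspect_count, members=MEMBERS, quorum=QUORUM):
    """Relate the number of suspect keys to the consensus threshold."""
    return {
        # suspect keys still short of a quorum by this many members
        "additional_keys_for_quorum": max(quorum - suspect_count, 0),
        # remaining members can still reach quorum without the suspect keys
        "honest_can_report": members - suspect_count >= quorum,
    }

def triage(snapshots):
    """Classify every member and summarise the quorum margin."""
    status = {name: classify(hist) for name, hist in snapshots.items()}
    suspects = sorted(n for n, s in status.items() if s == "drain")
    return status, suspects, quorum_exposure(len(suspects))

if __name__ == "__main__":
    print(triage(SNAPSHOTS))
```

A "drain" result is a reason to rotate the key and investigate, while "low" only calls for a top-up; treating both as the same alert hides the signal the canary balance is there to provide.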
Lido Protocol Enhances Liquid Staking With Oracle Infrastructure For Secure And Flexible Asset Management
The Lido protocol allows participants to stake digital assets without requiring them to lock their holdings or operate their own validator nodes. In return, users receive liquid staking tokens, which serve as representations of their staked assets and accumulate staking rewards over time. These tokens can be used within decentralized finance ecosystems for various purposes, such as lending, trading, or collateralization, offering flexibility while the original assets remain staked.
A key component of Lido’s architecture is its oracle system, which plays a central role in maintaining the accuracy of data between Ethereum’s consensus and execution layers. This system includes both on-chain smart contracts and off-chain operations managed by selected entities. Among the smart contracts involved, the AccountingOracle collects input from off-chain sources on validator balances, operational metrics, and vault funds, supporting functions like balance updates, withdrawals, and reward distributions. The ValidatorsExitBus component tracks data related to validators opting to exit voluntarily, helping coordinate the transition and withdrawal processes.
Each oracle operator in the Lido ecosystem is assigned a unique Ethereum address, which grants the ability to submit data to these contracts. These inputs are essential for maintaining up-to-date and secure operations across the staking infrastructure.
Disclaimer
In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.
About The Author
Alisa, a dedicated journalist at the MPost, specializes in cryptocurrency, zero-knowledge proofs, investments, and the expansive realm of Web3. With a keen eye for emerging trends and technologies, she delivers comprehensive coverage to inform and engage readers in the ever-evolving landscape of digital finance.