Lido has discovered and disclosed a security vulnerability related to the RageQuit mechanism in the dual governance system, however, user funds are not affected.
The vulnerability has not been exploited, and Lido has quickly implemented effective response measures, ensuring safety with emergency steps and thorough testing before the official bug fix.
MAIN CONTENT
The rapid response process helps prevent the risk of abuse from the vulnerability.
The emergency committee actively intervenes when necessary to keep the governance system safe.
The bug bounty campaign and testing on the testnet run parallel to the voting to deploy the patch.
How did Lido discover the security vulnerability?
Information was disclosed by Lido on July 22 when a malicious vulnerability was reported through the Immunefi security reporting platform, related to the RageQuit mechanism in the dual governance system. Users were not affected in terms of assets.
The Lido development team asserts that they detected it early, leveraging the initial testing phase to mitigate exploitation risks.
How is the risk response mechanism from the vulnerability implemented?
Lido's emergency committee is always in a state of readiness to intervene, ensuring that any abusive behavior is tightly locked down. Meanwhile, the vulnerability patch is being proposed, tested, and undergoing thorough evaluation.
“Thanks to the parallel design between the vigilance of the development team and the emergency committee, we are confident that we can completely eliminate the risk of abuse from this vulnerability.”
Lido CEO, July 2024
Lido has conducted an extensive bug bounty campaign on the testnet alongside a chain vote to approve the patch. This demonstrates the project's transparent and professional governance process.
What are Lido's next steps to protect the system and the community?
The protection process includes: an emergency committee ready to respond immediately; bugs are continuously developed and tested; a bounty campaign to attract reports of new vulnerabilities; on-chain voting to approve and implement the official patch.
The simultaneous implementation of multiple steps helps maintain stability while increasing trust within the user community and investors.
“Dual governance along with strict control measures helps Lido prioritize user experience and asset protection.”
Cryptocurrency security expert, July 2024
Frequently Asked Questions
Does Lido's security vulnerability affect user balances?
No, according to an official confirmation from Lido, user assets are completely unaffected in this incident.
How does Lido prevent the risk of exploiting the vulnerability?
Lido's emergency committee is always ready to intervene, alongside developing the patch and running a bug bounty campaign on the testnet.
How is the bug fixing process carried out?
The patch is proposed, rigorously tested, voted on-chain for approval, and then officially deployed in the system.
Does Lido organize any bug reporting campaigns?
Yes, Lido conducts a bounty campaign on the testnet to timely discover and address potential vulnerabilities.
What role does dual governance play in this?
Dual governance helps to more tightly control risks, allowing for rapid and professional responses to security issues.
Source: https://tintucbitcoin.com/lido-phat-hien-loi-ragequit-dg/
Thank you for reading this article!
Please Like, Comment, and Follow TinTucBitcoin to stay updated with the latest news about the cryptocurrency market and not miss any important information!
