[Security Disclosure] A vulnerability was reported and mitigated related to the Lido CSM and the permissionless verifier contract used to verify validator withdrawals.
The vulnerability was not exploited, and no CSM Node Operators were affected. stETH holders were not affected in any way.
As part of the remediation, a fix was implemented via Oracle mitigation (disabling bond burn) and DAO vote 190.
A bug bounty was paid to a whitehat who responsibly disclosed the issue via the Lido × Immunefi program.
Full details can be found on the Lido research forum:
In collaboration with @immunefi, bug hunters can now benefit from a $100,000 bonus reward, on top of the original $2m max bounty, for submissions related to Lido Dual Governance.
Full overview here: https://immunefi.com/audit-competition/lido-bug-bounty-competition/information/
July votes are live, including two key initiatives - CSM v2 and Triggerable Withdrawals - pushing Lido towards more decentralized and permissionless staking.
Snapshot: July 21 → 28, 4 PM UTC
Aragon: July 23 → 28, 09:44 AM UTC
[Security Disclosure] A griefing vulnerability was responsibly reported via Immunefi, affecting the RageQuit mechanism in Lido’s Dual Governance (DG) system.
User funds are not affected. The vulnerability has not been exploited and a set of mitigations are in place.
Thanks to the “training wheels” phase of DG rollout and the readiness of the Emergency Committee to intervene if needed, Lido contributors are equipped to fully neutralize any potential abuse.
Next steps:
• Emergency Committee is on standby to intervene if needed
• A fix is being proposed, tested, and audited
• DG testnet bounty
• Onchain vote to ship fix
• Fix fully enacted
Lido contributors are grateful to the anonymous whitehat for the high-quality report and to Immunefi for supporting responsible disclosure.
[Security Disclosure] A griefing vulnerability was responsibly reported via Immunefi, affecting the RageQuit mechanism in Lido’s Dual Governance (DG) system.
The issue could have delayed ETH withdrawals during a RageQuit state, but no user funds were ever at risk.
Thanks to the “training wheels” phase of DG rollout and the readiness of the Emergency Committee to intervene if needed, Lido contributors are equipped to fully neutralize any potential abuse.
Next steps:
• Emergency Committee is on standby to intervene if needed
• A fix is being proposed, tested, and audited
• DG testnet bounty
• Onchain vote to ship fix
• Fix fully enacted
Lido contributors are grateful to the anonymous whitehat for the high-quality report and to Immunefi for supporting responsible disclosure.
Incident details and updates can be found on the forum:
As contributors to Lido, our objective is to advocate for a future that maximizes long-term value for the Ethereum ecosystem.
With that in mind, Lido contributors recommend the following potential headliners for Glamsterdam.
Execution Layer
• EIP-7928 (Block-level Access Lists): a straightforward, high-leverage improvement to transaction execution. Minimal complexity, real scalability gains.
Consensus Layer
Slot pipelining is essential. The Lido protocol supports two viable paths:
• EIP-7886 (Delayed Execution): simpler, more predictable to implement and monitor
• EIP-7732 (ePBS): more efficient and mature, but more complex and operationally demanding
Credible Neutrality
• EIP-7805 (FOCIL) brings censorship resistance into the protocol. It’s not just a feature - it’s the foundation.