Lido, a prominent liquid staking protocol on the Ethereum network, encountered a major security incident recently but managed to handle it effectively. As a significant player, overseeing more than 25% of staked ETH on Ethereum, Lido is crucial to maintaining network integrity. The incident originated from the breach of one of its nine oracle keys.
What Led to the Oracle Breach?
The breach involved unauthorized access to an oracle key managed by Chorus One, an operator within Lido’s ecosystem. This key, created in 2021, lacked the robust security features of current standards. It was within a hot wallet involved in an oracle reporting process, with 1.46 ETH (around $4,200) stolen in gas fees.
Was the Breach a Threat to User Funds?
Lido confirmed that no user funds were compromised during this incident. Its 5-out-of-9 voting majority protocol within the oracle system preserved overall security, even in the event of individual key breaches. This framework ensures resilience against similar threats.
Both Lido and Chorus One announced on platform X that the incident was swiftly addressed, and there was no risk to users or the network’s security. The proactive response minimized potential damage.
Response Measures and Technical Aspects
Reacting to the breach, Lido rapidly launched an emergency DAO vote to substitute the compromised oracle key. The key was integrated into three contracts: the Accounting Oracle, the Validators Exit Bus Oracle, and the CS Fee Oracle. The vote introduced a new, more secure key for these contracts.
Simultaneously, other oracle operators encountered a brief disruption caused by a minor bug in Prysm, linked to Ethereum’s recent Pectra update, delaying oracle report processes. The vote to replace the breached address 0x140B with 0x285f was successfully approved, allowing a 48-hour contestation period.
Following the breach, Lido plans to reassess and improve its security protocols, especially concerning older keys, to enhance overall security standards.
Key outcomes from the incident include:
- Chorus One’s swift detection of unauthorized key access.
- Effective use of a 5-out-of-9 voting mechanism to maintain security.
- Prompt initiation of a DAO vote to replace vulnerable oracle keys.
Lido’s incident underscores the need for decentralized finance protocols to address security vulnerabilities constantly. The rapid response from technical teams and robust security protocols limited the impact, showcasing the importance of evolving security measures to protect user assets effectively.
Disclaimer: The information contained in this article does not constitute investment advice. Investors should be aware that cryptocurrencies carry high volatility and therefore risk, and should conduct their own research.
Source: https://en.bitcoinhaber.net/lido-protects-network-after-oracle-breach