Ethereum staking protocol Lido acted quickly to neutralize a potential security threat after discovering that one of its oracle keys had been compromised over the weekend.
The key in question was managed by validator operator Chorus One. Oracle keys are crucial for feeding external data to blockchain protocols, and any compromise can pose serious risks to the system’s integrity.
In this incident, the attacker managed to drain 1.46 ETH (worth approximately $3,675) from a hot wallet used for Oracle voting. Hot wallets, being connected to the Internet, are more vulnerable to breaches than cold storage.
Lido Protocol Remains Secure Despite Breach
Despite the breach, Lido confirmed that the core protocol remains secure and fully functional.
The swift response ensured that the attacker’s access was limited, and any further risk to users or funds was effectively contained. The incident highlights the importance of decentralized validator operations and robust key management in safeguarding staking infrastructure.
Lido, which is the largest liquid staking protocol on Ethereum, relies on a network of validators to maintain decentralization and security. By promptly addressing the issue and maintaining transparency, Lido reinforced its commitment to the safety and resilience of its staking ecosystem.
No user funds or staked assets were affected beyond the small amount taken from the oracle wallet.
Also Read: Lido DAO ($LDO) Market Cap Surges 26% In Five Days As Bullish Sentiment Hits 9-Month High
Lido and Chorus One Act Swiftly After Oracle Key Compromise
After more research showed that one of Lido’s oracle keys had been acquired by an unauthorized entity, Lido contributors and Chorus One moved quickly to neutralize the threat.
The compromised key was connected to a wallet used to sign Oracle reports that was made in 2021. According to Chorus One, this wallet was not protected by the same strict guidelines that were used for the rest of their infrastructure.
Although it contributed to oracle operations, the fundamental protocol was not at risk. To ensure that no more harm could be done, the teams moved swiftly to revoke the compromised key.
Their well-coordinated reaction informed users that the compromise had been successfully managed and contributed to the stability of the protocol.
Also Read: Arbitrum DAO’s 7,500 ETH Investment Plan in Lido, Aave, and Fluid Faces Backlash
Lido Launches Emergency DAO Vote to Replace Compromised Oracle Key
Lido quickly started an emergency DAO vote in response to the breach in order to rotate the compromised oracle key across three important contracts: the Consensus Layer (CS) Fee Oracle, Validators Exit Bus Oracle, and Accounting Oracle.
As soon as the occurrence was confirmed, the voting started. It will be open for 72 hours, after which there will be a 48-hour period for objections.
To stop similar situations in the future, a new replacement key has already been created and is being safely stored using improved security methods.
Lido reaffirmed its dedication to protocol safety and decentralized decision-making while reducing interference with staking operations by enlisting the DAO and enhancing security measures.
Also Read: PEPE Whale Faces $3.6M Loss After Selling 2.25M Lido DAO ($2.18M), Retains 1.35M $LDO Holdings