Lido oracle key compromise — was $23B really at risk?

By: protos|2025/05/12 13:15:06
0
Share
copy
Eyebrows were raised across the crypto community yesterday following Lido’s announcement of a compromised oracle key and the emergency vote to replace it.While some commentators called the incident “alarming,” especially given recent, high-profile hacks, others stressed that fears were overblown.Lido’s message reassured users that it “remains secure and fully operational” whilst underlining that all other signers of the “five of nine” oracle were secure. Emergency Lido DAO vote announcement: rotate single Lido Oracle related to compromised Chorus One oracle private key.Stakers are not affected. The protocol remains secure and fully operational. The oracle system is robust by design, with a 5/9 quorum, and all other...— Lido (@LidoFinance) May 11, 2025Read more: Radiant Capital’s $50M crypto hack underlines DeFi’s multisig dependenceLido is the decentralized finance (DeFi) sector’s second-largest protocol, worth $23 billion, according to DeFiLlama data.It allows users to deposit ether (ETH) to earn proof-of-stake yields, issuing a liquid wrapper for use elsewhere, e.g., as collateral to borrow other crypto assets.The realization that one of the keyholders to an important part of Lido’s infrastructure led to worries over the security underlying the protocol.This hacker was also ridiculed for blowing their opportunity, giving the game away by draining a mere 1.46 ETH (around $3,800 at the time) sitting in the address to be used for gas fees.Well-organized and long-running multisig compromise efforts have led to enormous heists in recent months.Indeed, the largest ever crypto hack hit ByBit for $1.5 billion in February, and $50 million was stolen from Radiant Capital in October.Both incidents have been linked to North Korea’s Lazarus Group via the TraderTraitor malware used, and an undercover security researcher who blew his own cover in March.Read more: Crypto exchange Bybit hacked for over $1.4 billionLido contributors say fears may have been overblownStrategic Advisor Hasu posted a rebuttal to those speculating on the danger posed by the compromised key, explaining that “The oracle isn’t a multi-sig. It doesn’t custody funds and cannot drain the protocol. No user deposits were ever at risk.”The oracle reports raw data from Ethereum’s underlying Beacon Chain, and requires a threshold of five of nine participants to make any changes.Even if five addresses were compromised, would-be attackers would only be able to make minimal changes to certain parameters thanks to Lido’s so-called “sanity checks.”Lido co-founder Vasiliy Shapovalov pointed to incremental changes that were made to limit the potential impact of this scenario in 2022 and 2024, adding, “Risk mitigation is not an afterthought or reaction but part of the design process.”While the address in this case wasn’t on a traditional multi-sig with access to underlying funds, it still serves as a wake-up call for a sector that should already be well aware of the threats lurking around every corner.A couple of great threads on what is the actual impact of Lido's oracle participant compromise and what it could be, worst case (https://t.co/M4NOQBmJdL, https://t.co/7mue1jQx3V, https://t.co/0GX0vCn3iU)What I want to highlight is potential impact was mitigated in spring 2022... https://t.co/mf4Cm5TxOc— Vasiliy Shapovalov (@_vshapovalov) May 11, 2025A Lido forum post outlined the immediate security checks that were carried out in response, confirming that no other compromises had been found in oracle addresses or the underlying software.The operator of the compromised address, Chorus One, is reviewing its infrastructure for further signs of compromise and has promised to share a post-mortem report once the investigation is complete.Got a tip? Send us an email securely via Protos Leaks. For more informed news, follow us on X, Bluesky, and Google News, or subscribe to our YouTube channel.The post Lido oracle key compromise — was $23B really at risk? appeared first on Protos.

-- Price

--

You may also like

Should You Buy Bitcoin Now? What the Data Says After a 50% Pullback

Should you buy Bitcoin now? Explore Bitcoin's nearly 50% pullback, ETF outflows, on-chain data, Strategy's BTC sale, and historical trends to assess whether July 2026 is a buying opportunity.

Founder of Baixing.com: I believe half of the statement that large language models devour everything

The internet has been shouting for so many years about devouring everything. Has it really devoured everything now? Is it the internet that devours everything, or is it the large models that devour everything? Both are devouring, and nothing is left?

A "legal" robbery? Attackers emptied the BonkDAO treasury by buying tickets

Handing over the keys to the vault to a public vote where "anyone can spend money to participate," without sufficient oversight mechanisms, even the most legitimate governance ideals may turn into the most convenient tools for attackers.

How has Binance's stock business performed in the 30 days since its launch?

Emerging market buying supported the first wave of demand.

WEEX P2P now supports BDT & LKR—Merchant Recruitment Now Open

To make crypto deposits easier, WEEX has officially launched its P2P trading platform and continues to expand fiat support. We're excited to announce that the Bangladeshi Taka (BDT) and Sri Lankan Rupee (LKR) are now available on WEEX P2P!

Morning News | SK Hynix officially launches the marketing promotion process for its U.S. stock listing; the Central Cyberspace Administration announces the results of the first phase of rectifying AI application chaos, with over 14,000 non-compliant pr...

July 6 Market Important Events Overview

Contents

Popular coins

Latest Crypto News

Read more
iconiconiconiconiconiconicon
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com