Lido node operator InfStones agrees to rotate validator keys after vulnerability disclosure

Quick Take

  • Lido operator InfStones is expected to take precautionary measures after a vulnerability disclosure.
  • The Tailon library-linked vulnerability, discovered in July 2023 by dWallet Labs, has been addressed.
  • Lido Finance clarified there is no evidence of key leakage or exploit.

InfStones, a key node operator for Lido Finance, is set to temporarily withdraw its Ethereum validators from the liquid staking protocol and implement key rotations in response to a significant vulnerability revealed by dWallet Labs’ security researchers.

The vulnerability, linked to the open-source library Tailon, was reported to InfStones in July 2023 and has since been resolved. Nonetheless, this event has led to the adoption of preventative security measures.

As the largest liquid staking protocol on Ethereum, Lido oversees 9.23 million ether, with a market value exceeding $19 billion. The protocol enables users to deposit ETH and participate in network staking through validator nodes, which in turn issue a derivative token to users as a representation of their staked deposit. A network of contributors, known as operators, is responsible for running these ETH validator nodes, providing the requisite IT infrastructure and servers necessary for their operation.

Lido Finance confirmed the vulnerability was related to potential root-level access that impacted 25 of InfStones’ validator servers. Lido clarified, however, that there’s no evidence of any key leakage or exploitation as a result of this issue.

"To clarify: There is currently no indication of key leakage or compromise, and the vulnerability may not affect validators related to the Lido protocol," it said.

In its security report, dWallet Labs alleged the vulnerability could have potentially triggered a security breach impacting the ETH staked through InfStones’ nodes on Lido. Consequently, the firm recommended the rotation of validator keys for all nodes that were possibly exposed to the vulnerability.

InfStones' response

InfStones said the issue flagged by dWallet affected only a small part of its infrastructure: fewer than 0.1% of its systems, reachable through a specific network port, had the issue. That implies the number of affected validator nodes was small.

“The instances (servers) identified in production constitute a fraction below 0.1% of the live nodes we have launched to date. We found that outside traffic, through a port 55555 opened for Tailon, could imitate viewer privileges and access a portion of the development and testing data,” InfStones said.
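The failure mode InfStones describes is an auxiliary service (a log viewer) listening on a port reachable from outside the host. The following is an added example, not tooling from InfStones, Lido or dWallet Labs: it parses output in the format of Linux `ss -ltn` and flags TCP listeners bound to all interfaces whose port is not on an explicit allowlist. The sample output, the allowlist (22 and 30303) and the port number 55555 used for the exposed service are constructed for illustration; only the port number comes from the article.

```python
"""Flag TCP listeners bound to every interface that are not expected to be public.

Added example; the `ss -ltn` sample below is constructed, as is the allowlist.
"""

from dataclasses import dataclass

# Constructed sample shaped like `ss -ltn` output on a validator host.
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port  Process
LISTEN  0       128     127.0.0.1:8545       0.0.0.0:*
LISTEN  0       4096    0.0.0.0:30303        0.0.0.0:*
LISTEN  0       128     0.0.0.0:55555        0.0.0.0:*
LISTEN  0       128     [::1]:5052           [::]:*
LISTEN  0       128     *:22                 *:*
"""

# Assumption: the only ports this host is meant to expose are SSH (22)
# and execution-layer peer-to-peer traffic (30303).
EXPECTED_PUBLIC_PORTS = frozenset({22, 30303})

# Local-address forms that mean "bound on every interface".
WILDCARD_ADDRS = frozenset({"0.0.0.0", "[::]", "*"})


@dataclass(frozen=True)
class Listener:
    addr: str
    port: int

    @property
    def is_wildcard(self) -> bool:
        """True when the socket accepts connections on all interfaces."""
        return self.addr in WILDCARD_ADDRS


def parse_ss(output: str) -> list[Listener]:
    """Parse `ss -ltn` lines into Listener records, skipping the header."""
    listeners = []
    for line in output.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        # Local address is the 4th column; split on the last ':' so IPv6
        # literals such as [::1]:5052 keep their address intact.
        addr, _, port = fields[3].rpartition(":")
        listeners.append(Listener(addr, int(port)))
    return listeners


def exposed_listeners(output: str, allow: frozenset = EXPECTED_PUBLIC_PORTS) -> list[Listener]:
    """Return wildcard-bound listeners whose port is not on the allowlist."""
    return [l for l in parse_ss(output) if l.is_wildcard and l.port not in allow]


if __name__ == "__main__":
    for l in exposed_listeners(SAMPLE_SS_OUTPUT):
        print(f"unexpected public listener: {l.addr}:{l.port}")
```

Running this over live `ss -ltn` output on each host, and alerting on any port outside the allowlist, turns "a port opened for Tailon" from something found by an external researcher into something caught by the operator's own inventory checks.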

Despite the absence of a confirmed key compromise, InfStones has proactively agreed to exit its validators and transition to new keys, pending governance’s approval, Lido Finance added. The ether that was previously staked on the potentially affected validators is planned to be redirected into the Lido protocol for re-staking, ensuring its continuity and stability.


Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.


About Author

Vishal Chawla is The Block’s crypto ecosystems editor and has spent over six years covering tech protocols, cybersecurity, artificial intelligence and cloud computing. Vishal likes to delve deep into blockchain intricacies to ensure readers are well-informed about the continuously evolving crypto landscape. He is also a staunch advocate for rigorous security practices in the space. Before joining The Block, Vishal held positions at IDG ComputerWorld, CIO, and Crypto Briefing. He can be reached on Twitter at @vishal4c and via email at [email protected]

Editor

To contact the editor of this story: Tim Copeland at [email protected]