Ethereum $2,560.83 Lido, one of the largest liquid stinging protocols of the ecosystem, quickly took control of an important security incident at the weekend. Lido guarantees more than 25 percent of ETH, which is the total stacked on Ethereum, and therefore has a systemic vital role. The incident began with a violation of the security of one of the nine Oracle keys in the protocol.
The development of the event
The violation took place as a result of an unauthorized access to an Oracle switch connected to a confirmatory operator operated by Chorus One. This switch was created in 2021 and should protect less than existing security standards. The switch was reported to belong to a hot wallet connected to an Oracle reporting process and the usual usual fee worth only $ 1.46 (about $ 4,200) was stolen.
In an X shipment, Chorus One made a closer look at the address and revealed unauthorized access to an Oracle special key created in 2021 ”.
User funds are safe
After the incident, the presence of any user was not damaged and a wider security violation was not detected. Lido uses a majority of votes of 5 to 9 in the Oracle system. Thanks to this mechanism, even if one or two keys are seized, the general safety of the system is preserved.
Lido and Chorus One announced that the event did not threaten the general security of the protocol with their shares on the X platform. The timely detection of the violation caught prevented the possible damage.
FAST MEASURES AND TECHNICAL DETAILS
After the violation, Lido took action urgently and launched an emergency DAO vote to change the problematic Oracle key. In three different contracts – accounting Oracle, verifiers output bus Oracle and CS fee Oracle – as the voting is used, a new, safer key was put into place in all these contracts.
In addition, some other Oracle operators at the time of the incident, Ethereum’s latest pectra update due to a small PrySM error due to unexpected knot problems. These problems led to a delay of Oracle reports for a short time.
The newly created 0x285F address was replaced by the 0x140b address with violated security. The vote on the chain was approved and entered the 48 -hour objection process.
Lido team, after the incident, security protocols will be reviewed, especially in the old keys will be taken and safety standards will rise further, he said.
This incident in Lido reveals that the decentralized financial protocols are frequently tested against security weaknesses. The rapid detection of technical teams and the effectiveness of the security processes made the damage limited. Even if some of the Oracle switches are in danger, the multiple approval mechanism in the system makes a significant contribution to the safety of user assets. Such events remind that protocols should constantly improve their security structures.
Responsibility Rejection: The information contained in this article does not contain investment advice. Investors should be aware that crypto currencies carry high volatility and thus risk and carry out their operations in line with their own research.
