Lido DAO contributors were informed about a security vulnerability affecting an active Node Operator, InfStones, using the Lido on Ethereum protocol. Discussions with the affected Node Operator and security researcher, dWallet Labs, led to conclusions about the vulnerability. The vulnerability, linked to the Tailon library, was discovered in July 2023 by dWallet Labs. Lido Finance stated that there is no evidence of key leakage or exploit. A security firm reported vulnerabilities compromising staked assets worth $1 billion.
Security Firm Says It Found Vulnerabilities Which Compromised Staked Assets Worth $1Billion #validators #nodes https://t.co/tvvLW8rB4Z
Lido operator InfStones is expected to take precautionary measures after a vulnerability disclosure. The Tailon library-linked vulnerability, discovered in July 2023 by dWallet Labs, has been addressed. Lido Finance clarified there is no evidence of key leakage or exploit.… https://t.co/tuRe8UMsoI
Following discussions with the affected Node Operator (InfStones) and the relevant security researcher (dWallet Labs), Lido DAO contributors have come to the following conclusions regarding the previously mentioned vulnerability.
Lido discovered a security vulnerability in Ethereum protocol, involving Node Operator InfStones https://t.co/sH5tfXKfaV
Over the course of the last 24 hours, Lido DAO contributors were made aware of an earlier platform vulnerability affecting an active Node Operator using the Lido on Ethereum protocol (InfStones). More information here: https://t.co/WeIVeVBpCp