Lido node operator InfStones agrees to rotate validator keys after vulnerability disclosure
On November 23, one of the core node operators of Lido Finance, InfStones, will temporarily withdraw its Ethereum validator from the liquidity staking protocol and implement key rotation to address a major vulnerability disclosed by dWallet Labs security researchers.
It is reported that the vulnerability is related to the open-source library Tailon, which was reported to InfStones in July 2023 and has now been resolved. Nevertheless, this incident led to preventive security measures being taken. Lido Finance confirmed that the vulnerability is related to potential root-level access affecting 25 InfStones validator servers, but there is no evidence that this issue resulted in any key leakage or exploitation.
Previously, dWallet Labs claimed in its security report that this vulnerability could trigger security risks and affect ETH staked on Lido through InfStones nodes. Therefore, the company recommended rotating validator keys for all nodes that may be exposed to this vulnerability.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Azuki Founder: Azuki World Bible to be released soon
Uniswap front-end transaction revenue exceeds $130 million