Lido node operator InfStones agrees to rotate validator keys after vulnerability disclosure
On November 23, one of the core node operators of Lido Finance, InfStones, will temporarily withdraw its Ethereum validator from the liquidity staking protocol and implement key rotation to address a major vulnerability disclosed by dWallet Labs security researchers.
It is reported that the vulnerability is related to the open-source library Tailon, which was reported to InfStones in July 2023 and has now been resolved. Nevertheless, this incident led to preventive security measures being taken. Lido Finance confirmed that the vulnerability is related to potential root-level access affecting 25 InfStones validator servers, but there is no evidence that this issue resulted in any key leakage or exploitation.
Previously, dWallet Labs claimed in its security report that this vulnerability could trigger security risks and affect ETH staked on Lido through InfStones nodes. Therefore, the company recommended rotating validator keys for all nodes that may be exposed to this vulnerability.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
241127: Trump’s Crypto Plan: SEC’s Role Diminishes as CFTC Steps In
Donald Trump's administration is reportedly considering shifting crypto regulation to the Commodity Futures Trading Commission (CFTC), potentially reducing the Securities and Exchange Commission's (SEC) role. The move could grant the CFTC oversight of crypto spot markets and exchanges for digital a
Goldman Sachs warns Trump tariff proposals could fuel inflation
Japanese listed company Remixpoint plans to buy another $3.27 million worth of Bitcoin