Lido
Tier 1lido
Liquid StakingLiquid staking for Ethereum and Polygon. Daily staking rewards, no lock ups.
Audits
5
reports collected
Findings
71
across all audits
Last Updated
5/21/2026
Analyzed
Analysis Overview
Protocol Overview
Code Security
Economic Security
Team & Transparency
Governance
Cross-Analysis
Executive Summary
Executive Summary: Lido
Safety Rating: YELLOW_GREEN
Overall Score: 6.9/10 | Confidence: 0.70 | Data Completeness: 0.50 "Lido's composite risk profile reflects a mature, battle-tested protocol operating at systemic scale ($18.86B TVL, tier 1 classification) with meaningful security investments (5 audits, formal verification, fuzzing)"
Scores by Dimension
| Dimension | Score | Key Finding |
|---|---|---|
| Code Security | 7.5/10 | Two critical findings (PinnedBeaconProxy and quarantine bypass) were identified and fixed before V3 production; high audit quality with formal verification on CircuitBreaker "Score: 7.5/10" |
| Economic Security | 7.0/10 | $18.86B TVL makes Lido systemically important for Ethereum; vault isolation limits flash loan risk but cross-vault debt socialization creates residual contagion "Score: 7.0/10" |
| Team Transparency | 6.5/10 | Strong security transparency via 5 professional audits with documented remediation, but no team information or social media data available in workspace "Score: 6.5/10" |
| Governance | 5.0/10 | Hybrid DAO model with immutable ADMIN and single-pauser design creates liveness gaps; trust-based role model without on-chain accountability "Score: 5.0/10" |
| Track Record | 7.5/10 | 5 audits with 88% fix rate (38/43 findings resolved); operating since 2020 with tier-1 protocol status and professional engagement with tier-1 auditors "The available audit data shows Lido V3 underwent extensive security review" |
What This Protocol Does
Lido is a liquid staking protocol that enables users to stake Ethereum and receive stETH tokens that accrue daily staking rewards with no lock-up periods. Lido V3 introduces isolated staking vaults where any user can deploy and control their own vault, with ETH staked to validators whose withdrawal credentials point back to the vault. "Lido is a liquid staking protocol that enables users to stake Ethereum (ETH) and other assets to earn staking rewards while maintaining liquidity"
Key Strengths
- Tier-1 auditor engagement: 10-week Consensys Diligence review plus Cyfrin audits covering circuit breaker, vault middleware, and formal verification demonstrate serious security investment "Tier 1 auditor engagement (Consensys Diligence, 10+5 weeks)"
- High audit fix rate: 38 of 43 findings from the primary Consensys audit were fixed; remaining 4 are acknowledged design decisions rather than vulnerabilities "39 of 43 findings are marked Fixed or Partially Addressed"
- Vault ossification option: StakingVault supports ossification, allowing vault owners to lock implementation permanently once satisfied for progressive decentralization "StakingVault supports ossification, allowing vault owners to lock implementation permanently"
- Formal verification: Certora Prover verified 38/41 properties on CircuitBreaker, providing mathematical guarantees on critical emergency mechanisms "41 properties verified using Certora Prover; 38/41 verified"
- Full ETH backing: stETH maintains a direct 1:1 ETH backing claim, avoiding reflexive minting/burning spirals that plague algorithmic protocols "stETH maintains a direct 1:1 ETH backing claim"
Key Risks
- Cross-vault debt socialization: The
socializeVaultDebtmechanism in VaultHub creates inherent economic coupling where healthy vaults absorb liabilities from defaulted ones, creating adverse selection risk "The `socializeVaultDebt` mechanism in VaultHub creates inherent cross-vault economic coupling" - Governance centralization: Immutable ADMIN with sole authority over pauser assignment and no transfer mechanism creates single point of failure "No admin transfer mechanism — ADMIN is immutable"
- Heartbeat liveness gap: CircuitBreaker's single-pauser design means zero emergency pause coverage between heartbeat expiry and admin re-registration "between heartbeat expiry and admin re-registration, the pausable contract has zero emergency pause coverage"
- stETH composability risk: stETH integrated across hundreds of DeFi protocols creates contagion pathways for both stETH inflation and depeg scenarios "stETH is integrated across hundreds of DeFi protocols"
- Oracle complexity: Permissionless
updateVaultDatacombined with multi-layer oracle architecture introduces residual surface for manipulation "The LazyOracle's permissionless `updateVaultData` means oracle integrity relies entirely on upstream HashConsensus report correctness"
Critical Findings
- Quarantine bypass + DAO Agent compromise (Vector 1): A compound attack combining residual oracle freshness bypass and DAO Agent control over pauser assignment could enable uncollateralized stETH inflation at scale "Bypassing Quarantine and Reusing Same Report Allows Minting Uncollateralized stETH Critical"
- V3 audit "delay production" recommendation: Consensys explicitly recommended delaying V3 production deployment; the core V3 vault system had not been live at audit time "We recommend delaying production deployment and ensuring continued engagement with the bug bounty program"
- No team information available: Workspace lacks any team composition, legal structure, or key member backgrounds—standard for DeFi but limits accountability assessment "No team information available in the current data workspace"
Recommendation
Lido is suitable for risk-tolerant users seeking Ethereum staking yield who understand that they are interacting with a systemically important DeFi protocol carrying governance and oracle complexity risks. The protocol demonstrates strong security investment through multi-round audits and formal verification, and its $18.86B TVL reflects institutional trust. However, users with low risk tolerance should note the governance weaknesses (immutable ADMIN, single-pauser design) and the CircuitBreaker liveness gaps that create documented emergency response windows. The cross-vault debt socialization model means vault owners are not fully isolated from systemic risk despite the marketed isolation architecture. Users concerned about governance risk should wait for the V3 code to operate under extended live conditions and for governance documentation (timelock duration, LDO distribution) to be made publicly available.
Report Sections
- Protocol Overview
- Code Security
- Economic Security
- Social & Team
- Governance
- Cross-Risk Analysis