InfStones, a blockchain infrastructure provider and one of the key node operators for liquid staking protocol Lido Finance, will look to address a recent vulnerability issue by rotating its validator keys. The platform is expected to take the security step by temporarily withdrawing its Ethereum validators from Lido.
The move follows the discovery of a security threat connected to the open-source library Tailon in July, which was disclosed by researchers at blockchain security platform dWallet Labs. This chain of vulnerabilities at InfStones put over $1 billion worth of assets at risk.
Lido Finance acknowledged the vulnerability, noting the potential for an impact on 25 of InfStones servers. Their security team is working with the node operator to assess the scope and potential impact.
Although there is currently no indication of key leakage or compromise, InfStones has decided to transition to new keys. To maintain operations and stability of the liquid staking protocol, InfStone will redirect staked Ether (ETH) to Lido for re-staking.
Lido is the largest liquid staking platform on Ethereum, with more than $18 billion in total value locked (TVL) as of November 23. To ensure the security of users’ assets, InfStones is taking the necessary security measure of rotating its validator keys.