Lido
MITHRIL
Liquid Staking · Ethereum · $15B+ TVL · 20 contracts
Public risk assessment — scores are produced with the same methodology as monitored protocols
Security Profile
88
85
92
80
88
93
44
88
90
48
Audit History
Bug Bounty Program
Assessment
Dominant liquid staking protocol, 66 months live, no critical exploits. D4 compositional risk (external validator deps, wide DeFi integration) and D2 rebasing complexity prevent top tier.
Dimension Breakdown
- Role-based ACL via Aragon framework
- Curated node operator registry with staking limits
- Pause/resume capabilities on critical functions
- Slight centralization in node operator curation
- Rebasing token model adds complexity vs exchange-rate
- Withdrawal queue handles unstaking flow
- Slashing risk passed through to stETH holders
- $15B+ TVL validated through multiple market cycles
- Internal oracle for stETH/ETH exchange rate
- No external price feed dependency for core function
- Oracle committee reports validator balances
- Rate update bounded by sanity checks
- Live since December 2020 (66 months)
- Survived all major market events
- $15B+ TVL, largest liquid staking protocol
- Active since ETH Beacon Chain launch
- Z-factor: 0.917
- LDO token voting via Aragon
- Dual governance mechanism in development
- Easy Track for routine proposals
- Gate Seal for emergency pausing
- Score derived from continuous adversarial security research
- Professional operations team
- Excellent monitoring infrastructure
- Multiple keeper/oracle operator redundancy
- Published incident response procedures
- Staking Router routes to multiple modules (DVT, CSM)
- Extensive DeFi integration (Curve, Aave, MakerDAO)
- wstETH wrapper adds composition interface
- Multiple external validator dependencies
- Appears in 3 cross-protocol cascade chain(s)
- Failure cascades to 12 downstream protocol(s)
- Member of 3 dependency cluster(s)
- Score: 48/100 (higher = more isolated from systemic risk)
- Source: cross_protocol_composition.json dependency analysis
- Standard OpenZeppelin libraries
- Modern Solidity versions
- Verified contracts on Etherscan
- Well-maintained dependency set
Risk Drivers
Primary risk factors driving this score, ordered by severity.
Adversarial Risk Signals
Observable security posture indicators. These signals reflect publicly verifiable information and responsible disclosure outcomes. No specific vulnerability details are exposed.
Score History & Verification
Score provenance tracking begins with the next reassessment.
On-Chain Data
- Protocol Slug: "lido"
- Oracle: BRORegistry (Base)
- Evidence: IPFS (pinned)
- Staleness Threshold: 24 hours
registry.getScore("lido")
Reduce exploitable risk
BlackHart Monitoring provides continuous adversarial analysis, vulnerability detection, remediation support, and verified reassessment when your risk posture improves.