Lido (LDO)

From CryptoWiki

(Redirected from StETH)

One of the main projects focused on liquid staking derivatives (LSDs) of staked ETH. Lido was the first liquid staking provider, they pioneered and popularized liquid staking in 2020 when Ethereum’s Beacon chain went live. You deposit ETH over on Lido’s staking page and receive stETH which is a receipt token from Lido that represents your staked ETH, aka the LSD.

Basics

"Lido says it will provide staking services for ETH holders so they can contribute to the Eth2 PoS blockchain; it will also issue bETH tokens—1-to-1 representations of staked ETH—so users can continue using DeFi protocols."

History

Audits & Exploits

  • Bug bounty program can be found here (7-7-2021). Bounty is 100k. Update (11-4-2022): "Lido offer three separate Immunefi bug bounties for three different chain deployments. All three offer rewards up to $2m, totaling $6m. Their mainnet program can be found here"
  • Lido V2 got audited by 9 well known firms, yet all audits were able to find new bugs, highlighting that having 'an audit' is not a silver bullet.
  • Scored 97% on DAOmeter (21-2-2023), scored low on Voting (no staking, no custom tools and delegates are not compensated) and Treasury (no custom tooling and no dedicated team), and a bit low on Community (no off and onboarding process) and Security (Lido uses uses the emergency brakes multi-sig for the Easy Track).
  • Scored 92% on DeFi Safety (11-4-2022):

There is full coverage of Lido's most major deployed contracts by software function documentation. However, there are clearly a few missing as per their "Deployed Contracts" page. Lido's last code coverage test was run around 7 days ago at the time of writing this review, and can be found here (must be signed in to GitHub to view). The average result is 82% coverage. Lido has not undergone formal verification. Most issues underlined by the audit reports were fixed by the Lido team.

  • Previously scored a 84% (7-7-2021): "Sigma Prime has done a Lido.fi security assessment in December 2020. Quantstamp has done a Lido.fi audit in December 2020. MixBytes has done a Lido.fi audit in April and May 2021. Lido.fi was launched December 20th 2021."
  • Had done three audits (7-5-2021).

Bugs/Exploits

  • Lido stMATIC staking withdrawals were paused for two weeks in March 2023 due to a bug.
  • From Blockthreat (16-3-2022):

"Lido patched a front-end code injection vulnerability after it was responsibly disclosed by United Glboal Whitehat Security Team."

"Staking pool vulnerability impacting Lido and Rocket Pool, deposit can be frontrun putting funds at risk, flagged by StakeWise, raised in Eth Research in late 2019."

Governance

Admin Keys

"Lido's admin control information is easily found and readily available in their docs. Lido uses an upgradeable proxy structure that allows their immutable smart contracts to update the state of these proxies. Since the implementation/logic/code that holds user funds is effectively immutable, and all upgrades are surface level parameter changes that must be voted on, we consider Lido as immutable and non-custodial - 100%. These details can be found here and here. All possible smart contract change capabilities of the Lido software is detailed here. A detailed list of parameters that can be voted upon by the DAO can be found in their Aragorn DAO interface. A timelock is identified here, but is not extensively detailed. The Lido timelock enforces a 72h lockup period."

"Lido.fi uses Aragon as a DAO framework that the base themselves off of. In their docs, they provide operator frameworks. Pause Control documentation explained, but no evidence of regular tests."

"Lido DAO conducted a vote to upgrade the Lido withdrawal credentials to an upgradeable smart contract to eliminate the risk of collusion amongst withdrawal key signatories"

  • From their blog (27-7-2021):

"Lido validators are controlled by a 6-of-11 multisig of reputable Ethereum builders. We have since transitioned custody to a smart contract, but this cannot extend to existing deposits yet."

"While Lido is non-custodial, the protocol is not yet fully trustless. Due to the limited functionality ETH 2.0 staking at the time of the Lido’s launch deposits made into the protocol before July 15th, about 81% of deposits are not non-custodial. Rather, the withdrawal key (the private key that controls the ability to withdraw staked funds) for these assets is controlled by a 6/11 multisig scheme, with prominent DeFi community members and entities as signers."

DAO

"Ownership of the Lido contracts lie within the LidoDAO, and this is fully detailed here as well as here."

"Lido is managed by the Lido DAO. The DAO members govern Lido to ensure its efficiency and stability. Besides technical development, the Lido DAO’s mandate is to promote Lido and recruit new users, node operators, and validators with educational content, promotional campaigns, and affiliate marketing."

"The project has implemented a skeleton upgradable smart contract for making new withdrawals and new deposits fully non-custodial. The project is still seeking an optimal solution to become a trustless node operator. In a blog post outlining next steps, the Lido team identified three points where users currently still need to trust the company. These include deposits, withdrawals and becoming a node operator."

"Lido governance has lived up to this need for active management, as since December 2020 there have been 83 proposals being put to a formal on-chain vote through Aragon, the platform used to handle DAO operations.

Of these proposals, 70 have passed, with 13 either failing to reach a quorum or being outright rejected. By DeFi standards, Lido has also seen pretty good voter engagement, with an average turnout of 55.9 million tokens per vote, or 5.59% of the total supply. However, a deeper look at some voting metrics suggests that concerns surrounding centralized governance may be warranted. For instance, 79 of the 83 votes were unanimous, in that all tokens voted the same way. Furthermore, 22 proposals received an identical turnout. As an example, seven proposals had a total vote count of exactly 52,718,000 million."

Treasury

  • Treasury balance grew from $1.4M in Q1 2023 to $5.24M in Q1 2024.
  • From Unchained (26-7-2022):

"Currently, Lido DAO holds the vast majority of its $285 million treasury in volatile assets ($247 million in LDO and $30 million in ETH). Lido DAO was looking to secure two years of runway for the team in stablecoins to prepare for a prolonged bear market by selling 20 million LDO tokens, with 10 million being sold outright to Dragonfly."

  • There is a proposal to sell "10,000 ETH of Treasury funds to DAI. This should cover about two years for 50-people team & ops expenses of the protocol maintenance budget." (3-6-2022)

Token

Launch

Token allocation

"Lido has a total supply of 1 billion tokens. At launch, 36% was allocated to the DAO treasury, a combined 35% to team members (This includes founders, initial protocol developers, and future employees), 22% to investors, and 6.5% to staking validators and the withdrawal key signers.

These latter three groups tokens have a one-year lockup, followed by a one-year vesting period.

As we can see, this means that 63.5% of the total supply was allocated to protocol insiders. Because of this, it’s reasonable to say that control over Lido is still highly concentrated. In addition, the impending expiry of the lockup period poses the risk of placing perpetual downward pressure on the price of LDO due to sales from these parties. While the effect of this may not be felt as strongly during a bull run, it could potentially exacerbate declines should the market turn bearish. Only 2.8% of the total LDO supply is circulating in the open market."

Utility

"The sole, albeit incredibly important, purpose of LDO is governance over the protocol. There are currently no direct mechanisms to drive value to the token, such as buybacks or a staking mechanism that locks up supply, meaning that LDO is more akin to a traditional, growth-stage equity."

Coin Distribution

  • Paradigm has exactly 7% of the token supply, presumably from when they led a Lido raise, due to it's old holding position (30-3-2023).
  • Ownership of Lido’s governance token is relatively concentrated. The top 9 addresses hold ~46% of governance power, and a small number of addresses typically dominate proposals (17-9-2022).
  • From Unchained (26-7-2022):

"Yesterday, Lido DAO voted “No” on a proposal that would’ve seen 10 million LDO tokens accounting for 1% of the token’s total supply (worth roughly $14.5 million) sold to Dragonfly Capital. Overall, the voting ended with 43 million LDO, or 66%, of tokens voting no and 21 million LDO tokens, or 33%, voting yes. Interestingly, while 609 users voted, 20.6 million of the ~21 million LDO votes that voted “Yes” came from just two entities."

Technology

"With 1,243 commits and 68 branches, Lido's main software repository is liquid gold."

Implementations

How it works

"The stETH token balance is based on the amount of ether deposited in Lido with associated total rewards and slashing penalties. Since the beacon chain is a separate network, Lido smart contracts cannot get direct access to its data. Communication between the Ethereum 1.0 part of the system and the beacon network is performed by the Lido DAO appointed oracles. They monitor node operators’ beacon chain accounts and submit corresponding data to Lido’s Ethereum 1.0 smart contracts. On every update submitted by oracle, the system recalculates the stETH token ratio. If the overall staking rewards are greater than the slashing penalties, the system registers a profit. In this case, the stETH token balances will increase and Lido would apply a 10% fee. The fee is applied by minting stETH tokens corresponding to 10% of Lido's profit. The minted stETH tokens are distributed between the node operators and the DAO’s treasury account. Node operators’ part of the fee is distributed proportionally to the corresponding active validation keys on the beacon chain.

Slashing penalties negatively impact stETH token balances. To compensate for this negative impact, part of the Lido fee is transferred to the slashing insurance provider who protects against reasonably-sized slashing events. The Lido DAO governance must intervene in case of massive slashings. Withdrawals will be available once transfers are implemented in Ethereum 2.0 (scheduled as Phase 2). Once Ethereum 2.0 transfers are rolled out, the Lido DAO would upgrade Lido to implement the feature. Before that point, rewards restaking is not available either."

"After a user clicks “deposit” on Lido’s interface, their tokens are sent to the protocol’s staking contracts. These contracts pool together all user funds and then distribute them to DAO-selected node operators, of which there are currently nine, in increments of 32 ETH. These node operators are the entities responsible for managing and maintaining validators, meaning they’re the ones doing the actual staking.

Node operators do not have access to user funds, but instead a public validation key that allows them to validate transactions with another user's stake. This means that Lido is non-custodial."

Fees

"Currently, 90% of the earnings from staking go to depositors, while the DAO has a 10% cut of rewards. Currently, this fee is allocated at 50/50 split between node operators and slashing insurance. Since its launch in December 2020, Lido has generated $3.02 million in protocol revenue, about $4.53 million when annualized."

Upgrades

"The V2 upgrade is centred around two major focal points, the Staking Router and Withdrawals.

In actual terms the Staking Router is a controller contract that will allow Lido to evolve into an extensible protocol via a modular infrastructure that node operators, stakers and developers can plug into. The router will be made up of various modules that will be treated as sets of validator pools that can act as potential supply for the protocol, either on the staking or node operator side. Each module is independent, and will therefore be responsible for managing an internal operator registry, storing validator keys, and allocating stake and rewards between the operators that participate in the module. It’s worth noting here that modules can be made up of a single node operator type (DVT cluster, DAOs, solo stakers) or a blend.

Lido’s V2 announcement lays out two withdrawal modes, Turbo and Bunker. Turbo will be the default mode, in which withdrawal requests are fulfilled quickly, using all available ETH from user deposits and rewards. While withdrawal times are uncertain and will depend on various factors, it is expected that they’ll range between one and a few hours.

Bunker mode is merely an ‘in case of emergency’ mode, which prevents sophisticated actors gaining an unfair advantage in the event of a mass withdrawal crisis. This can be thought of as a transaction order randomiser, mitigating the extent to which these sophisticated actors can manipulate preferential treatment."

Staking

"Those with less than 32 ETH will also be able to pool with other users to stake on Eth2, allowing even small holders to do their part in securing the network. Lido also says it will keep track of staking rewards being earned on the Eth2 blockchain and generate new bETH accordingly on the existing Ethereum chain, allowing staking users to capture staking rewards without delay."

Interoperability

Other Details

"Lido Finance purchased $200 million worth of cover from Unslashed Finance for its stETH (ETH 2.0 staking) to cover the risk of slashing penalties. Slashing refers to penalties exerted towards the Proof of Stake (PoS) network’s validator when the validators fail to maintain the network consistently."

Oracle Method

"Lido's oracle sources, dependent contracts, and software functions are all explained here. The refresh rates/timeframes of the oracle data feeds are documented here.

Lido details their oracle's capabilities to "remove the ability to significantly change the price in a single block" here. Lido effectively does this by using "daemon oracles: that report to their overarching LidoOracle contract. This architecture effectively removes incentives from attempting sandwich/front running attacks by increasing the amount of data sources that would need to be exploited, which therefore makes it computationally intensive and expensive. Lido applies the same architecture they use for mitigating sandwich attacks via oracles to their flash loan mitigation strategy."

Compliance

Their Other Projects

Simple DVT

"In May, Lido announced that its first batch of Simple DVT (Distributed Validator Technology) validators were active. The original proposal, launched last October, outlined the addition of a "Simple DVT" module to the Lido protocol, employing DVT through Obol Network and SSV Network to enhance the resilience, security, and decentralization of Ethereum staking.

It enables ETH stakers to retain custody of their funds while selecting operators to create and manage to validate key shares. DVT is advantageous for both groups of operators working together—such as home validators or staking services—and individual operators seeking to add redundancy to their setups. In both scenarios, the validator's private key is split across multiple machines and does not need to be online for signing or even fully assembled, which safeguards it against theft.

This redundancy allows operators to conduct system maintenance without downtime risks. DVT creates a cooperative, multi-party system for validators, distributing the operational duties across multiple node operators. This setup enhances validator resilience by mitigating single points of failure and reducing downtime risks and promotes broader decentralization across infrastructure, geographic locations, and client diversity. Furthermore, using Distributed Key Generation (DKG) in DVT adds an additional layer of security against external threats.

The Simple DVT Module (sDVTm), implemented following a record-setting Aragon vote in February 2024, is the second mainnet module of the Lido protocol. This module marks the first time solo and community stakers can participate in validator operations within the Lido framework, utilizing the foundational architecture of the Curated Operator Module and incorporating DVT solutions from Obol and SSV Network. Initially, the sDVTm is limited to 0.5% of total Lido stakes, with provisions for expansion through a DAO vote, aiming to integrate 250 new Node Operators into the system.

The Simple DVT Module has undergone extensive testing throughout its development, surpassing all minimum performance benchmarks in the third Obol testnet. This led to the mainnet onboarding of the first cohort of 12 clusters. Additionally, the SSV Network's third testnet is nearing completion, promising further enhancements and integrations based on its outcomes. The module allows multiple node operators to manage separate nodes to achieve consensus and fulfill validator duties collectively."

Roadmap

  • Can be found [Insert link here].

Revenue

  • From Onchain Times (16-7-2024):

"The liquid staking giant comes in at 7th highest revenue generating protocol. Lido has generated $59M in revenue YTD across the two chains it operates in: Ethereum L1 and Polygon PoS. Lido’s revenue flow comes from a 10% fee on user’s staking rewards, which is subsequently split 50:50 between node operators and the Lido DAO treasury. Total profitability to Lido DAO YTD comes up to $22.5M after reducing the 5% of staking rewards paid to node operators, and LDO incentives paid out to CEX/DEX liquidity pools."

  • Grew from $13.4M to $28.7M in a year (Q1 2024).

Usage

  • Lido, the largest liquid staking protocol on the Ethereum network, is now (29-6-2022) responsible for almost 32% of Beacon Chain’s validators.
  • From Our Network (1-4-2022):

"Lido has exceeded 2.9m ETH Staked in ETH2. Total ETH staked in ETH2 exceeded 10m this past month. Though the overall rate of additional ETH being staked started to slow down at the end of last year, the share of ETH2 staking activity attributed to Lido grew in the same time frame (crossing the 25% mark). Lido’s share of the total amount of ETH staked spiked significantly in March 2022, partly due to anticipation of the coming merge but also new usage of stETH by individuals and smart contracts (eg. AAVE listing)."

"over 9,500 addresses have deposited funds into Lido. Despite this strong overall growth, a deeper look into user metrics raises some areas of concern. A substantial portion of staked funds has come from a small number of large holders. More than 325,000 ETH (44%) can be attributed to just 14 users that have deposited more than 10,000 ETH, while an additional 231,000 (35%) can be attributed to an additional 67 users that have deposited between 1000-10,000 ETH. This means that 0.69% of depositors account for 79% of deposits, suggesting that Lido’s customer base, and therefore sources of revenue, are highly concentrated and dependent on this small group of holders."

Projects that use or built on it

Competition

Pros and Cons

Pros

  • Is growing towards a DAO (4-2021).
  • Has gained wide support and therefore has great liquidity (6-2021).

Cons

  • Had investment from bankrupt Alameda Research/FTX, which came out (11-11-2022) during the FTX crash. This could mean fall-out risk. The investment turned out to be $3.6M in tokens.
  • Has high concentration of tokens in whale hands (7-2022), see Coin Distribution.
  • Is as of now still permissioned (4-2021). Has changed largely (2022), see Governance.

Team, Funding, Partners

Team

"It is spearheaded by team members from P2P Validator, including CTO Vasiliy Shapovalov and CEO Jordan Fish."

"According to a recent provisional budget, Lido has one of the larger teams in DeFi, with roughly 83 full-time contributors racking up a burn rate of nearly $29 million a year."

Funding

"Raised $2 million from investors like ParaFi Capital, Semantic Ventures, and more."

Terra, KR1, Stakefish, and Staking Facilities, among others. Angel investors, including Rune Christensen of MakerDAO, Stani Kulechov of Aave, and Kain Warwick of Synthetix, also participated in the round.

Partners