Lido DAO

This proposal is a followup to the previous vote (in December 2023) regarding InfStones resuming active participation in the Lido Node Operator set (link to the vote), which ended with a lack of quorum for any option and generally leaning towards the operator re-activating but with some voters opining that additional time was required.

In the time since, InfStones have worked with a third party information security consultant (https://carbidesecure.com/) to perform penetration testing on their infra, specifically targeting the issues identified in the original infrastructure vulnerability disclosure. The executive summary of the pentest has been provided to the DAO (https://research.lido.fi/t/lido-on-ethereum-node-operator-infstones-platform-vulnerability-investigation-november-22-2023/6001/23), and the detailed report was provided to DAO contributors who requested access, as well as a SOC 2 Type I report. Follow-up questions were submitted by contributors and responses were received. Currently, contributors feel that there is no reason to believe that the relevant infrastructure vulnerabilities are still present, nor that any other known vulnerabilities have not been adequately remediated and/or resolved.

A summary of events follows below:

On Nov 22, Lido DAO contributors were made aware of two platform vulnerabilities in the validator infrastructure of one of the Curated Set Node Operators (InfStones) that utilize the Lido on Ethereum Protocol.

As a result of the mutual understanding of the potential implications of the vulnerabilities, the Node Operator volunteered to exit the validators out of an abundance of caution. The stake for the 10,001 validators that they were operating completed flowing back through the Lido on Ethereum Protocol through the Lido Withdrawal Vault and was automatically allocated to pending withdrawals at the time or other node operators.

InfStones has posted a response on the Lido research forums indicating their understanding and approach regarding the infrastructure vulnerabilities; and has stated that the relevant gaps have been remediated. Additionally, InfStones have set up a bug bounty program that covers their infrastructure, and have also completed a SOC 2 Type I audit using an external third party, and have now also completed a pen-test with a third party, with the results to be shared with the DAO.

As a result, InfStones is looking to ask the DAO the following:

Is the DAO satisfied that the Node Operator has appropriately remediated the issues in their infra such that InfStones can resume active participation in the Curated Operator Set?

Voting Instructions

This is a single-option vote.

• If you believe that the Node Operator has shown enough evidence that the vulnerability has been remediated and can resume submitting keys in a guarded fashion, vote “For”.
• If you believe that the Node Operator should be removed from the Node Operator set, vote “Against”.

Next Steps

• If the “For” option reaches quorum, then the Node Operator will resume key submission at their convenience and raise their validator limit in a guarded manner.
• If the “Against” option reaches quorum, a separate on-chain vote will be required to deactivate the Node Operator.