Nethermind is asking for the migration of around 7400 validators in the Curated Set from their infrastructure to Twinstake’s infrastructure.
Twinstake is partly owned by Nethermind, and is a specialized staking provider. The idea is that both parties can focus on their core competencies: Nethermind can focus on client development and protocol research, and Twinstake on operating the validators.
While I do think there is value in keeping Nethermind engaged, I understand their efforts to streamline their work. Moreover, Nethermind still retains DVT infrastructure on the SDVTM.
After one of the key upgrades for Lido DAO, Dual Governance, an anonymous white hat has reported a griefing vulnerability. A griefing attack or vulnerability is one where the attacker doesn’t necessarily gain anything directly, but it somehow breaks or stalls the normal functioning of the mechanism being attacked.
The vulnerability requires more than 10% of stETH to want to RageQuit, which basically means that the Lido DAO has already done something crazy and a lot of stETH wants out of the system before this crazy thing comes into effect. This is unlikely, but if it were to happen, a function that is supposed to be called once and that extens the period that allows for Rage Quitting (exiting the protocol) could be called more than once, and hence extending that period potentially forever, causing a state of gridlock where the LDO proposal wouldn’t pass, nor the Rage Quitters could withdraw their ETH. If this would have happened, a solution (a protocol upgrade with the Tiebreaker committee) could be found, but delays and some chaos would have happened.
The fix has been audited and this vote implements it.
Excited about moving the stVaults forward. The committee is a great bootstrapping mechanism for a new part of the protocol that might need adjusting and overseeing. I also trust the members of the committee, but if they took decisions that me or other governance participants disagreed on, a new vote can be put forth to change the committee’s role, its configuration or dissolve it entirely.
What are we doing here? Buying LDO back? Why is this a good thing? Let’s analyse this:
It basically means that:
Generates demand for LDO
“change the respective share over governance rights” is a bit misleading or maybe I’m not understanding. It’s true that if someone sells, they will have less governance (duh), but it’s not clear not enforceable who will be selling and how this new configuration of the governance change and whether it will be positive. The only thing we know is that the treasury will have more LDO.
It also hints at “future ‘value distribution’ proposals”, which is nice because we regularly get proposals in the governance to “distribute value among tokenholders”, but aren’t quite completely thought out.
To me, the key here is to keep the simplicity of the original Lido pool while at the same time providing flexibility to the operators and builders that would need more functionality, choice, and composability.
Upgrade to CSM v2 and increase CSM stake share limit from 3% to 5%, as per Snapshot decision. Items 1.34-1.59. Audit & deployment verification by: Statemind | Ackee.
Activate Triggerable Withdrawals, as per Snapshot decision. Items 1.1-1.33, 1.60-1.66, 2-4. Audit & deployment verification by Statemind | Audit by Ackee.
Update the reward address and name for Node Operator ID 25 Nethermind, as per Snapshot decision. Items 1.67, 1.68.
Rotate Deposit Security Committee address for Kiln. Requested on the forum. Items 1.69, 1.70.
All these issues have either been approved by snapshot vote before or are a consequence of the Kiln’s security issue.
The proposal makes sense and has the goal to look at bridging as a key piece of the ecosystem building process and less as a partnership play.
I support the idea, so do the key members implicated, and to my understanding enough safeguards are put in place to support this function.
Like our June proposal: Pol Lanski Delegate Thread - #19 by Lanski , which aimed at adapt the policy to the reality of Ethereum in regards to Block Proposals, this new version of the Standard Node Operator Protocol takes into account changes to the protocol and the Staking Router in regards to the Validator Exits, mainly officially accounting for EL Triggerable Withdrawals.
I’m glad to see how this has evolved. From an initial proposal that didn’t have broad contributor support, Lido Labs has reached out to contributors and found a better proposal with more support.
Kudos to everyone involved.
Adjusting the budget to what corresponds to the reality is the responsible thing to do. How many times we’ve seen in big corporates people spending the budget quickly at the end of the period just so in the next budgeting exercise their share wouldn’t be reduced? We can be better than this perverse behaviour, and we are.
Regarding the discussion on whether to disburse grants in LDO, my opinion as a grantee is that it’s much better to receive in stables to plan costs and then a smaller bonus in LDO to encourage governance participation, but I wouldn’t like a full-LDO grant as much.
I agree with the proposal, but also worth noting @Stefa2k 's comments on the transparency of the process.
I know publicly doing all this transparency work might seem like a big lift, but since it will have to be done again when someone asks what were the criteria… why not just do it from the get go?
This sets the strategy for 2026. And in terms of strategy, too many cooks spoil the broth! I think the GOOSE-3 is a solid exercise, although I had some comments to offer.
These comments can be found here:
The TL;DR is
I also recommend reading @KimonSh 's thoughtful response to my comments, particularly in regards to Node Operator set decentralization and his optimistic view on what stVaults bring to the table.
I LOVE that Lido’s main problem is that it’s too stable and safe. This is the purpose of a DAO-led infrastructure project. If the whole team were to disappear, we (LDO holders) could upgrade the contracts in maintenance mode and it would keep going forever with the necessary tweaks around protocol upgrades.
That said, I’m also in for exploring how to leverage this stable base we have to grow and make the most decentralized staking protocol the base for decentralized finance too.
No matter how many audits, how many eyes are in a project, the fact that the backend (the smart contracts) of blockchain projects is exposed for anyone to validate and trust, it also means that bad actors can be permanently scanning, testing, probing and finding ways to exploit such smart contracts.
In our industry, white hats have a history of having rescued millions and millions from the hands of hackers. They put their skills at work either proactively or as an incident response team to help users and ultimately the reputation of our industry, and sometimes they have to get dirty and do the same things the hackers do.
The Safe Harbor Agreement recognises them, their importance in our industry, and welcomes them in advance, offering safe harbor within a framework published by SEAL, a good representative of such white hat hacker groups.
While I hope there are no incidents ever, I’m happy to know that if white hackers jump in to protect Lido, they are also protected by this agreement.