{"id":8247,"date":"2022-09-22T15:54:26","date_gmt":"2022-09-22T19:54:26","guid":{"rendered":"http:\/\/cryptocornercafe.com\/cafe\/?p=8247"},"modified":"2022-09-22T15:54:26","modified_gmt":"2022-09-22T19:54:26","slug":"lido-gets-all-clear-signal-from-blockchain-auditing-experts-statemind","status":"publish","type":"post","link":"http:\/\/cryptocornercafe.com\/cafe\/2022\/09\/22\/lido-gets-all-clear-signal-from-blockchain-auditing-experts-statemind\/","title":{"rendered":"Lido Gets All-Clear Signal From Blockchain Auditing Experts Statemind"},"content":{"rendered":"

The firm behind the recent success story<\/a>, where $350M in damages were prevented from hitting the Avalanche blockchain, has released an in-depth audit report of the popular Ethereum liquidity staking solution, Lido.\u00a0<\/p>\n

The report has ultimately given Lido an all-clear signal, noting that no significant vulnerabilities were discovered. Here is what newcomer blockchain auditing firm Statemind did find in their Lido report.\u00a0<\/p>\n

Lido Tasks Statemind With Keeping Billions At Stake Secure<\/p>\n

Lido<\/a> is designed to provide liquidity for staked assets with daily rewards and no lock up periods. Lido staking solutions are available for Ethereum, Solana, Polygon, Terra, Kusama, and Polkadot. \u00a0When staking Lido you mint staked tokens which are issued 1:1 to your initial stake. With Lido, your staked tokens can be used across the DeFi ecosystem as collateral, for lending, yield farming, and more.<\/p>\n

As Lido expands its stronghold over liquid crypto staking solutions, the need for the underlying code to be squeaky clean and without any potential complications becomes imperative. Billions of dollars in value are at stake across millions of users. Lido has tasked blockchain auditing firm Statemind with reviewing its code and ensuring no critical vulnerabilities exist \u2014 and if they do, snuff them out before they become an issue.\u00a0<\/p>\n

Statemind Makes Huge Splash At Launch, Saving Avalanche $350M<\/p>\n

Statemind did just this but outside of its regular clientele, while simultaneously making a huge splash<\/a> across the cryptocurrency development community. A proactive review of several top blockchains revealed that Avalanche and associated chains were exposed to a critical vulnerability. Estimated damages top over $350M that Statemind was able to save.\u00a0<\/p>\n

In the more reactive Lido research prompted by the client themselves, Statemind, fortunately, discovered zero critical, high, or medium-severity bugs. Only informational bugs were found, which are easily patched and pose no threat, said Statemind.\u00a0<\/p>\n

New Audit Report<\/p>\n

Statemind has completed a full Audit of @LidoFinance<\/a> MEV-boost relay allowlist.<\/p>\n

No Critical Vulnerabilities Found<\/p>\n

Read our full report here: https:\/\/t.co\/GthoW7Osd7<\/a><\/p>\n

\u2014 Statemind (@statemindio) September 21, 2022<\/a><\/p>\n\n

The Results And Recommendations Of The Lido Audit Report<\/p>\n

Statemind further outlined the results of the MEV-Boost relay allowlist project and Lido audit in a nine-page report<\/a>. According to the report, the on-chain relay allowlist is \u201cused by Node Operators participating in the Lido protocol after the ETH Merge to extract MEV.\u201d Node Operators use the contract to ensure up-to-date software configuration at all times.\u00a0\u00a0<\/p>\n

\u201cKey recommendations involve checking the number of relays right after the msg.sender check, removing the zero address check for msg.sender, checking if the token address is a contract in the function _safe_erc20_transfer, and utilizing mapping that maps URI to index of relay in the array,\u201d Statemind explained in a blog post.\u00a0<\/p>\n

What You Need To Know About Statemind Blockchain Safety Audits\u00a0<\/p>\n

Lido is just one of many of Statemind\u2019s clients, which also include 1INCH and Yearn.Finance.\u00a0Statemind is a brand new blockchain security auditing firm with over 100,000 LoC of Solidity and Vyper experience combined. Thus far, Statemind audits have secured over $10B in TVL, and the examples above have only added to this rapidly-growing number. To learn more, visit Statemind.io<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"

<\/p>\n

The firm behind the recent success story<\/a>, where $350M in damages were prevented from hitting the Avalanche blockchain, has released an in-depth audit report of the popular Ethereum liquidity staking solution, Lido.\u00a0<\/p>\n

The report has ultimately given Lido an all-clear signal, noting that no significant vulnerabilities were discovered. Here is what newcomer blockchain auditing firm Statemind did find in their Lido report.\u00a0<\/p>\n

Lido Tasks Statemind With Keeping Billions At Stake Secure<\/p>\n

Lido<\/a> is designed to provide liquidity for staked assets with daily rewards and no lock up periods. Lido staking solutions are available for Ethereum, Solana, Polygon, Terra, Kusama, and Polkadot. \u00a0When staking Lido you mint staked tokens which are issued 1:1 to your initial stake. With Lido, your staked tokens can be used across the DeFi ecosystem as collateral, for lending, yield farming, and more.<\/p>\n

As Lido expands its stronghold over liquid crypto staking solutions, the need for the underlying code to be squeaky clean and without any potential complications becomes imperative. Billions of dollars in value are at stake across millions of users. Lido has tasked blockchain auditing firm Statemind with reviewing its code and ensuring no critical vulnerabilities exist \u2014 and if they do, snuff them out before they become an issue.\u00a0<\/p>\n

Statemind Makes Huge Splash At Launch, Saving Avalanche $350M<\/p>\n

Statemind did just this but outside of its regular clientele, while simultaneously making a huge splash<\/a> across the cryptocurrency development community. A proactive review of several top blockchains revealed that Avalanche and associated chains were exposed to a critical vulnerability. Estimated damages top over $350M that Statemind was able to save.\u00a0<\/p>\n

In the more reactive Lido research prompted by the client themselves, Statemind, fortunately, discovered zero critical, high, or medium-severity bugs. Only informational bugs were found, which are easily patched and pose no threat, said Statemind.\u00a0<\/p>\n

New Audit Report<\/p>\n

Statemind has completed a full Audit of @LidoFinance<\/a> MEV-boost relay allowlist.<\/p>\n

No Critical Vulnerabilities Found<\/p>\n

Read our full report here: https:\/\/t.co\/GthoW7Osd7<\/a><\/p>\n

\u2014 Statemind (@statemindio) September 21, 2022<\/a><\/p>\n

The Results And Recommendations Of The Lido Audit Report<\/p>\n

Statemind further outlined the results of the MEV-Boost relay allowlist project and Lido audit in a nine-page report<\/a>. According to the report, the on-chain relay allowlist is \u201cused by Node Operators participating in the Lido protocol after the ETH Merge to extract MEV.\u201d Node Operators use the contract to ensure up-to-date software configuration at all times.\u00a0\u00a0<\/p>\n

\u201cKey recommendations involve checking the number of relays right after the msg.sender check, removing the zero address check for msg.sender, checking if the token address is a contract in the function _safe_erc20_transfer, and utilizing mapping that maps URI to index of relay in the array,\u201d Statemind explained in a blog post.\u00a0<\/p>\n

What You Need To Know About Statemind Blockchain Safety Audits\u00a0<\/p>\n

Lido is just one of many of Statemind\u2019s clients, which also include 1INCH and Yearn.Finance.\u00a0Statemind is a brand new blockchain security auditing firm with over 100,000 LoC of Solidity and Vyper experience combined. Thus far, Statemind audits have secured over $10B in TVL, and the examples above have only added to this rapidly-growing number. To learn more, visit Statemind.io<\/a>.<\/p>\n

<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[82],"tags":[],"class_list":["post-8247","post","type-post","status-publish","format-standard","hentry","category-blockchain"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/posts\/8247","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/comments?post=8247"}],"version-history":[{"count":0,"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/posts\/8247\/revisions"}],"wp:attachment":[{"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/media?parent=8247"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/categories?post=8247"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/tags?post=8247"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}