Lido Dodges Disaster: Oracle Key Breach Leaves User Funds Untouched

Lido’s security team just pulled off a high-wire act—a rogue oracle key breach could’ve been catastrophic, but zero user funds were siphoned. Talk about a close call for the DeFi darling.

How it happened: An attacker compromised an oracle operator’s key, potentially allowing fake data injections. But Lido’s multi-layered defenses (and maybe some luck) kept the vaults locked tight.

The irony? This happens while traditional banks lose $100M+ to ’authorized’ wire fraud weekly—but sure, crypto’s the risky asset class.

Stakers unaffected, says Lido

For context, oracles provide external data to blockchains, including price feeds, validator status, balances, and staking rewards.

On the 10th of May, an attacker drained 1.46 ethereum [ETH] from an outdated Lido oracle address from 2021, supported by Chorus One.

Such a compromise could lead to false data and added vulnerabilities.

However, on the 11th of May, Lido stated in an X (formerly Twitter) post that stakers were not affected.

“Stakers are not affected. The protocol remains secure and fully operational. The oracle system is robust by design, with a 5/9 quorum, and all other participants remain safe.” 

Here, it is worth noting that Lido has 9 oracle operators to ensure reliability, as they operate based on a quorum.

Since only one oracle was compromised, the team assured that the rest of the system WOULD function smoothly as they conduct further incident assessment. 

However, Lido’s strategic advisor, Hasu, clarified that the Lido protocol fund can’t be stolen through oracles. 

“The oracle is not a multisig, it can’t steal funds from the protocol, only trigger stETH to rebase a very small amount into either direction. And even that requires 5/9 signers, not 1/9.”

Unsurprisingly, market participants appeared cautious with the native token’s LDO after the oracle hack.

Per Santiment, the weighted sentiment (red) dropped sharply into negative territory after the update. 

Source: Santiment

Despite the negative sentiment, Social Volume (market interest) was still elevated. Simply put, LDO recovery could extend if the hack incident remains limited, as the team stated. 

Source: LDO/USDT, TradingView

On the price front, after a +50% rally last week, LDO reclaimed $1 (yellow), a crucial leaderboard, to the $1.4-$1.5 zone in past rallies.

If the trend repeats, the next target would be the overhead supply zone at $1.5. 

On the contrary, a breach below $1 could embolden sellers to drag the altcoin to the 50- Exponential Moving Average (EMA).