Lido is a liquid staking solution built on Ethereum. Launched in December 2020, Lido has established itself as a mainstay DeFi project. Lido prides itself on its approach to transparency and security, and Lido contributors strive to deliver the best-in-class staking solution to users.
Amongst other things, this translates to:
Open-source development work & continuous review of all code.
Committee of elected, best-in-class validators to minimise slashing risk.
Use of non-custodial staking service to mitigate counter-party risk.
Use of DAO for governance decisions to manage risk factors.
Lido audits can be found in more detail here.
Risks of staking with Lido
The Lido DAO is driven to mitigate above risks and eliminate them entirely to the extent possible. Despite this, a number of potential risks still exist when staking ETH using Lido:
Smart contract security
There is an inherent risk that Lido could contain a smart contract vulnerability or bug. The Lido code is open-sourced, audited and covered by an extensive bug bounty program to minimise this risk.
Lido is built atop experimental technology under active development, and there is no guarantee that ETH has been developed error-free. Any vulnerabilities inherent to ETH brings with it slashing risk, as well as stETH fluctuation risk.
The value of stETH is built around the staking rewards associated with the Ethereum beacon chain. If ETH fails to reach required levels of adoption we could experience significant fluctuations in the value of ETH and stETH.
ETH validators risk staking penalties, with up to 100% of staked funds at risk if validators fail. To minimise this risk, Lido stakes across multiple professional and reputable node operators with heterogeneous setups, with additional mitigation in the form of insurance that is paid from Lido fees.
stETH price risk
Users risk an exchange price of stETH which is lower than inherent value due to withdrawal restrictions on Lido, making arbitrage and market-making impossible.