Negative Rebase Protection Now Live

Following a successful LDO token holders’ vote, Lido DAO contributors have deployed LIP-23: the Negative Rebase Sanity Check with pluggable Second Opinion system.

This new layer provides additional safeguards through strict verification of AccountingOracle reports, with planned integration for trustless oracle data providers, anticipating an emerging solution from Succinct Labs, being funded through LEGO grant, based on SP1 zkVM.

The Problem

As stETH has become increasingly integrated across DeFi protocols, with billions in TVL dependent on its stability, the importance of robust and reliable Oracles has grown proportionally. The Lido protocol relies on an Oracle committee to report external data to the protocol including validator balances on the Consensus Layer, which directly affects stETH token value through rebasing. This critical mechanism requires state-of-the-art protection – a compromised AccountingOracle reporting incorrect balances could trigger significant negative rebases, potentially causing cascading liquidations in DeFi protocols where stETH is used as collateral and creating broader market turbulence.

The Solution: ZK-Verified Oracle Protection

Contributors to the Lido protocol have deployed a comprehensive system that introduces strict mathematical limits on negative rebases while establishing a framework for pluggable external balance-reporting trustless oracles. This supports the upcoming Succinct SP1 solution, which is currently being tested on Sepolia testnet and Mainnet (isolated from the protocol). This dual approach ensures that any changes to user balances are both limited in scope and trustlessly verified.

The system achieves this through multiple layers of protection:

1. Stricter Sanity Check Parameters

The system changes the AccountingOracle sanity check parameters from a 5% daily limit on Consensus Layer validator balance and withdrawal vault balance decrease to a maximum of ~3.4% over an 18-day window (equivalent to 1.101 ETH decrease per validator). For more details on the technical implementation, see ‘LIP-23: Negative rebase sanity check with second opinion’.

This precise calibration minimises potential losses of user assets while still allowing for normal validator operations and necessary penalties reports to arrive.

2. Trustless Verification

Succinct Labs' ZK Oracle implementation on SP1 zkVM provides trustless verification by independently calculating validator balances and generating zero-knowledge proofs. This cryptographic solution serves as a "second opinion" to verify AccountingOracle reports containing negative rebase incurring data.

3. Smart Contract Safeguards

The system enforces carefully calibrated parameters through smart contracts:

Maximum initial slashing penalty of 1 ETH per validator, ensuring proportional responses to misbehavior
Inactivity penalty of 0.101 ETH, reflecting standard consensus layer penalties
Error tolerance limit of 0.5% for validator balance reporting, precisely tuned to prevent manipulation while allowing for normal operations

This implementation delivers key benefits to stETH holders and DeFi users: stronger protection against negative rebases through mathematical limits and enhanced stability for stETH positions across DeFi applications - all while requiring no changes to how users interact with the protocol. Trustless verification of Oracle reports through zero-knowledge proofs will be implemented as the next step.

Rigorous Process

The deployment follows a two-stage process:

Stage 1: Negative Rebase Protection (Currently Live on Mainnet)

Extensive testing of the Negative rebase protection system on Sepolia and Mainnet
Comprehensive technical security audits by Chainsecurity and MixBytes.
Final review and approval through Lido DAO Vote #180
Negative rebase protection system deployed and enabled on Mainnet

Stage 2: Second Opinion Integration (Possible future)

Extensive testing of the ZK prover on Sepolia and Mainnet
Thorough verification of all ZK proof generation and validation processes
Three weeks of parallel testing of the ZK Oracle against Lido protocol’s traditional Oracle
Comprehensive technical security audits
DAO vote for activation

How It Works

Stage 1: Negative Rebase Protection (Currently Live on Mainnet)

When the Oracle committee submits a report that would result in a negative rebase:

The system verifies the report against strict mathematical limits
Reports with abnormal data are automatically rejected
LDO token holder’s vote is required to resolve exceptional cases
The system ensures all rebases stay within the limits defined by the protocol parameters

Stage 2: Second Opinion Integration (Upcoming)

When second opinion capabilities are activated:

Instead of automatic rejection, abnormal reports will trigger second opinion verification
Reports can proceed if validated by the second opinion provider
Enhanced trust minimization through independent verification

Rigorous Security Process

Error Tolerance and Attack Prevention

The 0.5% error tolerance limit was carefully calibrated based on current protocol TVL and validator economics. At current TVL levels (~10 million ETH), an attack would require activating approximately 1,500 validators – making manipulation both extremely costly and ultimately unprofitable.

Furthermore, with triggerable withdrawals soon available on Ethereum through EIP-7002, such an attack becomes even more impractical as forged validators could be forced to exit.

ZK Oracle Performance

At the moment of writing, Succinct Labs' ZK Oracle implementation on SP1 achieves quite a significant efficiency on Mainnet test runs:

Processes verification of ~1.6M validators
Completes verification in approximately 40-50 minutes
Requires about 400k gas for on-chain verification

More details will be provided on the Lido research forum later.

Looking Ahead

This deployment represents a significant milestone to contributors' ongoing commitment to protocol development and protection. The integration of Succinct Labs' ZK Oracle built on SP1 zkVM technology should demonstrate how advanced cryptography enhances liquid staking protocols.

The next major step will be the integration of Succinct Labs' ZK Oracle on SP1 zkVM technology as a second opinion verifier. This integration will require its own process including a separate LDO token holder vote after comprehensive testing, technical security audits, and several months of parallel running alongside existing systems before it can be connected to the SanityChecker contract.

Resources

Note: This post describes technical improvements to the Lido protocol's infrastructure. This information is provided for transparency and educational purposes.