Lido避免了重大安全漏洞作為比特幣Defi Blossoms

以太坊最大的液體堆積協議Lido避免了九個Oracle鑰匙之一的重大安全事件。

Lido, Ethereum’s largest liquid staking protocol, escaped a major security incident after one of its nine oracle keys was compromised in what appears to be a low-impact but serious breach involving validator operator Chorus One.

以太坊最大的液體飼養協議Lido逃脫了一次重大安全事件，因為它的九個Oracle鑰匙之一被妥協了，這似乎是一種低影響但嚴重的違規行為，涉及驗證器操作員合唱。

The compromised key was tied to a hot wallet used for oracle reporting, and the breach led to the theft of just 1.46 ETH ($4,200) in gas fees, according to a new post from Lido. No user funds were affected, and no broader compromise was detected.

據利多多（Lido）的新帖子稱，折衷的鑰匙與用於甲骨文報告的熱錢包有關，違規行為導致盜竊1.46 ETH（4,200美元）的汽油費。沒有影響用戶資金，也沒有檢測到更廣泛的妥協。

“[The technical issues] have now been resolved, and the reporting node is back online and operating normally,” a spokesperson for Lido said in an email to CoinDesk.

裡多（Lido）發言人在給科德斯克（Coindesk）的一封電子郵件中說：“ [技術問題]現在已經解決，報告節點又回到了在線並正常運行。”

The breach was first detected on Tuesday, when Lido noticed an anomaly in one of its oracle nodes, which are used to aggregate data about the Ethereum blockchain and report it to external services. The anomaly ultimately led to the compromise of one of the nine oracle keys used by Lido.

違規行為是在周二發現的，當時Lido注意到其中一個Oracle節點的異常，該節點用於匯總有關以太坊區塊鏈的數據並將其報告給外部服務。異常最終導致了Lido使用的九個甲骨文鍵之一的妥協。

The breach was quickly contained, and no user funds or other Lido services were affected. However, it highlights the ongoing challenges faced by blockchain protocols in securing their systems against cyberattacks.

違規行為很快被包含，並且沒有影響用戶資金或其他Lido服務。但是，它突出了區塊鏈協議在確保其係統免受網絡攻擊方面面臨的持續挑戰。

"We are grateful for the swift response of the Chorus One team in patching the vulnerability and preventing further exploitation," said Vijay Anant, CEO of Lido. "This incident serves as a reminder of the importance of robust security practices and the collaborative efforts needed to maintain the stability and integrity of the Ethereum ecosystem."

Lido首席執行官Vijay Anant說：“我們感謝合唱團的迅速反應，以修補脆弱性並防止進一步的剝削。” “這一事件提醒人們強大的安全實踐的重要性以及維持以太坊生態系統穩定性和完整性所需的協作努力。”

The incident is still under investigation, but initial findings suggest that it may be linked to a known vulnerability in Chorus One's validator software. The vulnerability could allow an attacker to gain control of a validator node and use it to carry out malicious activities, such as stealing funds or disrupting the network.

該事件仍在調查中，但最初的發現表明，它可能與合唱驗證器軟件中的已知漏洞有關。該漏洞可以使攻擊者能夠控制驗證器節點並使用它進行惡意活動，例如竊取資金或破壞網絡。

"This vulnerability has been patched, and we are working to ensure that all of our validators are updated with the latest security patches," a spokesperson for Chorus One said. "We apologize for any inconvenience this has caused to Lido and its users."

合唱團發言人說：“這種漏洞已經修補，我們正在努力確保所有驗證者都使用最新的安全補丁進行了更新。” “對於利多及其用戶造成的任何不便，我們深表歉意。”

The breach comes at a time when Ethereum is facing increasing pressure to scale and secure its network. The introduction of Pectra last week brought the biggest changes to the blockchain in more than a year.

在以太坊正面臨著擴大規模和確保其網絡的壓力越來越大的時候。上週引入Pectra，在一年多的時間內為區塊鏈帶來了最大的變化。

Pectra, which stands for "Paris Edition C++ Ractra," is the latest in a series of planned upgrades to the Ethereum network. It is named after the city where the latest meeting of the Ethereum core developers took place.

Pectra代表“巴黎版C ++ ractra”，是一系列計劃升級以太坊網絡的最新消息。它以以太坊核心開發人員最新會議的城市命名。

The Pectra upgrade introduced several key changes, including:

Pectra升級引入了幾個關鍵更改，包括：

Easier staking for institutions

機構更容易占有

Improved wallet accessibility

改進的錢包可訪問性

Increased transaction efficiency

提高交易效率

Developers have already begun planning for the next upgrade, known as Fusaka, and have thus far agreed to include an Ethereum Improvement Proposal (EIP) called "PeerDAS" that could help the network support larger "blobs" of transaction data.

開發人員已經開始計劃下一次升級（稱為Fusaka），迄今已同意包括一個名為“ Peerdas”的以太坊改進建議（EIP），該提案可以幫助網絡支持交易數據的更大的“ Blobs”。

The next meeting of the Ethereum core developers is scheduled for December in Tokyo, where they will continue to discuss and develop plans for the Fusaka upgrade.

以太坊核心開發商的下一次會議定於12月在東京舉行，他們將繼續討論和製定Fusaka升級計劃。

The Pectra upgrade was successfully deployed on March 7, paving the way for the next stage of the Ethereum network's evolution.calendaroutput:

Pectra升級於3月7日成功部署，為以太坊網絡的進化鋪平了道路。

DeFi protocols on the Bitcoin blockchain may still be in the infancy relative to Ethereum, but they are becoming safer and cheaper, crypto analytics firm Messari said in a new report.

加密分析公司Messari在一份新報告中說，關於比特幣區塊鏈的DEFI協議可能仍處於嬰儿期，但它們變得更安全，更便宜。

A central participant is Rootstock, one of the oldest Bitcoin layer-2 projects, crypto analytics firm Messari said in its “State of Rootstock” report on Tuesday.

Crypto Analytics公司Messari在周二的“ State of Rootstock”報告中說，中央參與者是Rootstock，這是最古老的比特幣層項目之一。

Rootstock is now secured by 81% of Bitcoin’s total hashrate, meaning miners that account for amount the hashrate are also approving transactions on the layer 2. The figure was just 56% before the the onboarding of Foundry and Spiderpool, the world’s largest and sixth-largest mining pools, respectively, in February.

現在，砧木是比特幣總哈希岩的81％確保的，這意味著礦工的數量也批准了第2層上的交易。該數字分別在全球最大和第六大開採池的鑄造廠和Spiderpool的入門之前僅56％。

“The integration of the major mining pools has brought significant contributions to Rootstock’s security and stability,” Messari researchers wrote.

Messari研究人員寫道：“主要採礦池的整合為Rootstock的安全和穩定帶來了重大貢獻。”

After the integration of the mining pools, the probability of a successful 51% attack on Rootstock has decreased to less than 1%, they added. A 51% attack occurs when a group of miners gains control of more than half of the network's hashrate and can use it to double-spend coins, censor transactions and ultimately take over the network.

他們補充說，在集成採礦池之後，對砧木成功攻擊成功的可能性已減少到不到1％。當一組礦工獲得了一半以上網絡的哈希酸鹽的控制權並可以使用它來雙重啟動硬幣，審查交易並最終接管網絡時，就會發生51％的攻擊。

“While not impossible, the prospect of a successful 51% attack on Rootstock is now slim and would require a coordinated effort from several of the largest mining pools to opt out of providing their hashrate to Rootstock.”

“雖然並非不可能，但成功對砧木的51％攻擊的前景現在很苗條，需要從幾個最大的採礦池中進行協調的努力，才能選擇退出其橋樑到Rootstock。”

The researchers went on to note that the high level of hashrate support for Rootstock may also be attributed to the project’s low transaction fees. On average, a transaction on Rootstock costs around $0.03 in gas fees, compared to $1 to $2 for an Ethereum transaction during times of high network activity.

研究人員繼續指出，對砧木的高度橋樑支持也可能歸因於該項目的低交易費用。平均而言，砧木交易的價格約為0.03美元，而在高網絡活動期間，以太坊交易的價格為1至2美元。

“These low transaction fees are a significant advantage for Rootstock, as they make it an attractive option for

“這些低交易費用是Rootstock的重要優勢，因為它們使其成為有吸引力的選擇