Lido避免了重大安全漏洞作为比特币Defi Blossoms

以太坊最大的液体堆积协议Lido避免了九个Oracle钥匙之一的重大安全事件。

Lido, Ethereum’s largest liquid staking protocol, escaped a major security incident after one of its nine oracle keys was compromised in what appears to be a low-impact but serious breach involving validator operator Chorus One.

以太坊最大的液体饲养协议Lido逃脱了一次重大安全事件，因为它的九个Oracle钥匙之一被妥协了，这似乎是一种低影响但严重的违规行为，涉及验证器操作员合唱。

The compromised key was tied to a hot wallet used for oracle reporting, and the breach led to the theft of just 1.46 ETH ($4,200) in gas fees, according to a new post from Lido. No user funds were affected, and no broader compromise was detected.

据利多多（Lido）的新帖子称，折衷的钥匙与用于甲骨文报告的热钱包有关，违规行为导致盗窃1.46 ETH（4,200美元）的汽油费。没有影响用户资金，也没有检测到更广泛的妥协。

“[The technical issues] have now been resolved, and the reporting node is back online and operating normally,” a spokesperson for Lido said in an email to CoinDesk.

里多（Lido）发言人在给科德斯克（Coindesk）的一封电子邮件中说：“ [技术问题]现在已经解决，报告节点又回到了在线并正常运行。”

The breach was first detected on Tuesday, when Lido noticed an anomaly in one of its oracle nodes, which are used to aggregate data about the Ethereum blockchain and report it to external services. The anomaly ultimately led to the compromise of one of the nine oracle keys used by Lido.

违规行为是在周二发现的，当时Lido注意到其中一个Oracle节点的异常，该节点用于汇总有关以太坊区块链的数据并将其报告给外部服务。异常最终导致了Lido使用的九个甲骨文键之一的妥协。

The breach was quickly contained, and no user funds or other Lido services were affected. However, it highlights the ongoing challenges faced by blockchain protocols in securing their systems against cyberattacks.

违规行为很快被包含，并且没有影响用户资金或其他Lido服务。但是，它突出了区块链协议在确保其系统免受网络攻击方面面临的持续挑战。

"We are grateful for the swift response of the Chorus One team in patching the vulnerability and preventing further exploitation," said Vijay Anant, CEO of Lido. "This incident serves as a reminder of the importance of robust security practices and the collaborative efforts needed to maintain the stability and integrity of the Ethereum ecosystem."

Lido首席执行官Vijay Anant说：“我们感谢合唱团的迅速反应，以修补脆弱性并防止进一步的剥削。” “这一事件提醒人们强大的安全实践的重要性以及维持以太坊生态系统稳定性和完整性所需的协作努力。”

The incident is still under investigation, but initial findings suggest that it may be linked to a known vulnerability in Chorus One's validator software. The vulnerability could allow an attacker to gain control of a validator node and use it to carry out malicious activities, such as stealing funds or disrupting the network.

该事件仍在调查中，但最初的发现表明，它可能与合唱验证器软件中的已知漏洞有关。该漏洞可以使攻击者能够控制验证器节点并使用它进行恶意活动，例如窃取资金或破坏网络。

"This vulnerability has been patched, and we are working to ensure that all of our validators are updated with the latest security patches," a spokesperson for Chorus One said. "We apologize for any inconvenience this has caused to Lido and its users."

合唱团发言人说：“这种漏洞已经修补，我们正在努力确保所有验证者都使用最新的安全补丁进行了更新。” “对于利多及其用户造成的任何不便，我们深表歉意。”

The breach comes at a time when Ethereum is facing increasing pressure to scale and secure its network. The introduction of Pectra last week brought the biggest changes to the blockchain in more than a year.

在以太坊正面临着扩大规模和确保其网络的压力越来越大的时候。上周引入Pectra，在一年多的时间内为区块链带来了最大的变化。

Pectra, which stands for "Paris Edition C++ Ractra," is the latest in a series of planned upgrades to the Ethereum network. It is named after the city where the latest meeting of the Ethereum core developers took place.

Pectra代表“巴黎版C ++ ractra”，是一系列计划升级以太坊网络的最新消息。它以以太坊核心开发人员最新会议的城市命名。

The Pectra upgrade introduced several key changes, including:

Pectra升级引入了几个关键更改，包括：

Easier staking for institutions

机构更容易占有

Improved wallet accessibility

改进的钱包可访问性

Increased transaction efficiency

提高交易效率

Developers have already begun planning for the next upgrade, known as Fusaka, and have thus far agreed to include an Ethereum Improvement Proposal (EIP) called "PeerDAS" that could help the network support larger "blobs" of transaction data.

开发人员已经开始计划下一次升级（称为Fusaka），迄今已同意包括一个名为“ Peerdas”的以太坊改进建议（EIP），该提案可以帮助网络支持交易数据的更大的“ Blobs”。

The next meeting of the Ethereum core developers is scheduled for December in Tokyo, where they will continue to discuss and develop plans for the Fusaka upgrade.

以太坊核心开发商的下一次会议定于12月在东京举行，他们将继续讨论和制定Fusaka升级计划。

The Pectra upgrade was successfully deployed on March 7, paving the way for the next stage of the Ethereum network's evolution.calendaroutput:

Pectra升级于3月7日成功部署，为以太坊网络的进化铺平了道路。

DeFi protocols on the Bitcoin blockchain may still be in the infancy relative to Ethereum, but they are becoming safer and cheaper, crypto analytics firm Messari said in a new report.

加密分析公司Messari在一份新报告中说，关于比特币区块链的DEFI协议可能仍处于婴儿期，但它们变得更安全，更便宜。

A central participant is Rootstock, one of the oldest Bitcoin layer-2 projects, crypto analytics firm Messari said in its “State of Rootstock” report on Tuesday.

Crypto Analytics公司Messari在周二的“ State of Rootstock”报告中说，中央参与者是Rootstock，这是最古老的比特币层项目之一。

Rootstock is now secured by 81% of Bitcoin’s total hashrate, meaning miners that account for amount the hashrate are also approving transactions on the layer 2. The figure was just 56% before the the onboarding of Foundry and Spiderpool, the world’s largest and sixth-largest mining pools, respectively, in February.

现在，砧木是比特币总哈希岩的81％确保的，这意味着矿工的数量也批准了第2层上的交易。该数字分别在全球最大和第六大开采池的铸造厂和Spiderpool的入门之前仅56％。

“The integration of the major mining pools has brought significant contributions to Rootstock’s security and stability,” Messari researchers wrote.

Messari研究人员写道：“主要采矿池的整合为Rootstock的安全和稳定带来了重大贡献。”

After the integration of the mining pools, the probability of a successful 51% attack on Rootstock has decreased to less than 1%, they added. A 51% attack occurs when a group of miners gains control of more than half of the network's hashrate and can use it to double-spend coins, censor transactions and ultimately take over the network.

他们补充说，在集成采矿池之后，对砧木成功攻击成功的可能性已减少到不到1％。当一组矿工获得了一半以上网络的哈希酸盐的控制权并可以使用它来双重启动硬币，审查交易并最终接管网络时，就会发生51％的攻击。

“While not impossible, the prospect of a successful 51% attack on Rootstock is now slim and would require a coordinated effort from several of the largest mining pools to opt out of providing their hashrate to Rootstock.”

“虽然并非不可能，但成功对砧木的51％攻击的前景现在很苗条，需要从几个最大的采矿池中进行协调的努力，才能选择退出其桥梁到Rootstock。”

The researchers went on to note that the high level of hashrate support for Rootstock may also be attributed to the project’s low transaction fees. On average, a transaction on Rootstock costs around $0.03 in gas fees, compared to $1 to $2 for an Ethereum transaction during times of high network activity.

研究人员继续指出，对砧木的高度桥梁支持也可能归因于该项目的低交易费用。平均而言，砧木交易的价格约为0.03美元，而在高网络活动期间，以太坊交易的价格为1至2美元。

“These low transaction fees are a significant advantage for Rootstock, as they make it an attractive option for

“这些低交易费用是Rootstock的重要优势，因为它们使其成为有吸引力的选择