Chorus One: The impact of the Lido oracle hacking incident is limited and customer funds are not affected

PA一线｜2025-05-12 7:15

PANews reported on May 12 that Chorus One, a oracle service provider, posted on the X platform that on May 10, a hot wallet managed by Chorus One for voting in the Lido oracle was accessed by an unauthorized entity, resulting in the transfer of 1.46 ETH. Currently, the wallet is undergoing a DAO vote to remove it from the oracle set and replace it with a newly generated, secure and reliable new address. Preliminary investigation results show that this is an isolated incident with limited impact. The affected hot wallet dates back to 2021 and was designed to maintain only a low balance and be used exclusively for the operation of the Lido oracle. Therefore, it does not follow the same strict security standards adopted by other keys managed by Chorus One. Currently, the Lido oracle key is securely stored in the HashiCorp Vault and strict access control is implemented in accordance with the principle of least privilege. A comprehensive review of the entire infrastructure has been conducted and no signs of a wider intrusion have been found. It is confident that no customer funds or validator infrastructure have been affected, and it is believed that the scope of the impact of this incident has been controlled.

According to previous news, Lido DAO launched an emergency proposal to replace the oracle node that was suspected of leaking private keys .

Original Link

Author ：PA一线
This article reflects the opinions of PANews's columnist and does not represent the stance of PANews. PANews does not assume legal responsibility. The article and opinions do not constitute investment advice.
Image Source ： PA一线 If there is any infringement, please contact the author to remove it.