How Does Lido Work?

stETH: rebasing liquid staking token for ETH with daily reward accrual

Users deposit ETH and receive stETH, which rebases daily to reflect staking rewards. Dominant liquid staking token with ~60% market share and deep DeFi integrations.

wstETH: non-rebasing wrapper for DeFi composability

Wrapped stETH uses an exchange-rate model instead of rebasing, making it compatible with DeFi protocols that don't support rebasing tokens. Most DeFi integrations use wstETH.

Multi-module operator set with curated and permissionless tiers

683+ active node operators across multiple modules: curated (professional operators), SimpleDVT (distributed validator technology clusters), and Community Staking Module (permissionless solo stakers with bond). Significantly more decentralized than the original ~30 whitelisted operators.

Unstaking queue with turbo and bunker modes

Post-Shapella, Lido supports withdrawals through a queue system. Turbo mode processes quickly in normal conditions; bunker mode activates during mass slashing to protect the protocol.

LDO governance with stETH holder veto power via dual governance (live July 2025)

LDO token governs protocol parameters and operator onboarding. Dual governance launched on mainnet in July 2025, granting stETH holders veto power over LDO governance decisions via scaled timelocks (5-45 day freeze at 1% opposition, rage quit at 10%). This is a significant governance upgrade that mitigates the risk of LDO whale governance capture.

Oracle committee reporting consensus layer balances to execution layer

Oracle committee of trusted members reports beacon chain validator balances. These reports drive the stETH rebase. In May 2025, a Chorus One oracle key was compromised and 1.46 ETH was stolen (no user funds affected), demonstrating that oracle key compromise is a real attack vector.

Protocol-level coverage fund for validator slashing losses

Lido maintains a coverage fund to compensate stETH holders in case of operator slashing. Fund adequacy is tested through Lido's risk committee assessments.

wstETH bridged to L2s via canonical bridges

wstETH is available on Arbitrum, Optimism, Base, Polygon, ZKsync, and other L2s. In March 2026, Lido identified a potential smart contract weakness in the ZKsync wstETH bridge endpoint contract. No funds were exploited. New wstETH deposits to ZKsync were paused as a precaution; existing wstETH on ZKsync can be withdrawn. A fix has been prepared and will be deployed via a governance vote in late March 2026. This is a bridge contract issue, not a core stETH/wstETH protocol risk.

A single protocol controlling 28%+ of staked ETH approaches the 33% threshold for consensus interference. Coordinated operator failure or governance capture could threaten Ethereum's liveness.

stETH/wstETH is widely used as collateral in Aave, Maker, and other protocols. A depeg event (as seen in June 2022) triggers cascading liquidations across DeFi, amplifying market stress.

During a mass slashing event, the bunker mode withdrawal queue delays user exits. While the operator set has expanded to 683+ operators across multiple modules, correlated slashing risk remains elevated during systemic events.

A compromised oracle committee could report inflated validator balances, artificially increasing stETH supply and diluting existing holders. Multi-sig protection mitigates but doesn't eliminate risk.

LDO token governance controls which operators are whitelisted. A governance attack (via token accumulation) could onboard malicious operators. The stETH veto mechanism partially mitigates this.