Lido Internal Security Audit
Commit-Boost (with PBS module)
APMC
Participant | Comments | Vote (Y/N) |
Gabriella | Adopting Commit-Boost (PBS module) is a practical step toward long-term protocol goals, which has already shown reliability and performance on mainnet with nearly 10% of validators adopting the sidecar, including a number of Lido’s operators. | Yes |
Ivan | - | Yes |
Drew | Vote yes, we have been testing Commit-Boost + PBS for months across many NOs in and outside of Lido’s curated set. The code related to Commit-Boost + PBS was largely audited by SigmaPrime. Lastly, over 10% of the network has been running Commit-Boost for months to weeks (depending on the NO) without reporting any issues. | Yes |
Fredrik | I’m positive towards commit-boost; my concern is about the impact an issue in commit-boost could have on the network given the size of Lido operators on the network. Before deployment my advice would be to: 1. Verify the changes made between the Sigma Prime audit and now to ensure nothing major has changed that could have a negative impact on how it will be used by Lido. 2. Ensure that commit-boost is part of the Ethereum testing program (I have asked the ethpandaops team to include commit-boost in kurtosis, devnets and testnets moving forward). 3. It should not be necessary to run commit-boost-cli to generate the relevant docker files; there should be example docker files to modify and the ability to run directly from Docker. | Yes (with some suggestions) |
Vish | Commit-Boost has been used by Chorus One on most of its non-Lido nodes for the last few months. We have found it to be highly stable and commit-boost to meaningfully extend validator agency, drastically reduce the risk surface of multiple sidecars, and improve performance across the board. | Yes |
Sébastien | Commit-boost PBS has been thoroughly used in production environments at scale both in testnets and mainnet. In PBS-only mode there is no security implication as no key is required: it can be used in a similar fashion to mev-boost which is familiar to operators. Some features around multiplexing can help at scale. | Yes |
Justin (non-voting) | - |