BTC 
ETH 
USDT 
BNB 
SOL 
USDC 
XRP 
TON 
DOGE 
ADA 
Users of the stake SOL on Lido are fearing the worst-case scenario after a vulnerability has locked up $24 million in deposits.
A bug in Lido's Solana protocol code is preventing withdrawals. Lido sunset its Solana protocol in February, removing its web interface. But the protocol still holds $24 million worth of SOL. Now the more than 31,000 wallets holding stSOL are stuck in limbo. DLNEWS reported.…
— Wu Blockchain (@WuBlockchain) April 3, 2024
Lido is a liquid staking protocol – it allows users to stake tokens and receive representative tokens for use in other DeFi protocols. With over $31 billion in deposits, Lido is the largest protocol in DeFi.
However, Lido’s Solana version, allowing users to stake SOL and receive stSOL, is not as popular as Solana’s dominant liquid staking protocols, Marinade and Jito. In October, Lido announced plans to sunset the Solana version and shut down the website allowing holders of stSOL to swap their tokens for SOL.
When Lido shut down the website in February, users still held over 112,000 stSOL with a market value over $24 million.
Aside from the lack of an easy withdrawal method, a new bug found in Lido’s smart contracts is also preventing stSOL holders from withdrawing funds.
Now, over 31,000 wallets holding stSOL are stuck in limbo.
Lido has not responded to requests for comment.
Lido shuts down stake SOL website
When Lido shut down the website for the Solana version in February, they required remaining depositors to interact directly with the protocol code to retrieve tokens – a challenging and risky task for those with limited technical knowledge.
Despite warning stSOL holders nearly 5 months before the web interface was removed, many missed the deadline.
User Thehaddon said in the Lido Discord:
I’m really disappointed. I’m not a programmer, and without an official web interface, I have no way to do this.
The web interface has been removed, and this isn’t the only thing preventing stSOL holders from accessing their tokens.
A bug in the codebase affecting the smart contract logic of the protocol is also hindering withdrawals, Pavel Pavlov, a product lead at P2P, said in a Discord post on March 30.
P2P is the company tasked with operating Lido’s Solana protocol before it was shut down.
The contract changes are quite complex and time-consuming, unfortunately with no estimated completion time.
Related: MEW – Another Memecoin on Solana Impresses Investors
LDO chart after this announcement
After this incident was discovered, the LDO/USDT pair price didn’t experience anything severe, currently trading at 2.6 (down 8% from yesterday due to market volatility).
