Skip to content

[EPIC] Lido V3 Release #1584

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
tamtamchik wants to merge 3,291 commits into
base: master
Choose a base branch
from
Open

[EPIC] Lido V3 Release #1584

tamtamchik wants to merge 3,291 commits into from
+61,310 −11,993

Conversation

@tamtamchik
Copy link
Member

@tamtamchik tamtamchik commented Dec 2, 2025

folkyatina and others added 30 commits October 29, 2025 10:51
@folkyatina
Merge pull request #1533 from lidofinance/feat/audit-8
3366c94 
[VAULTS] Audit fixes 7
@folkyatina @tamtamchik
Merge pull request #1535 from lidofinance/fix/revert-on-burn-on-pause
7aaf6a9 
fix: burning external shares with paused staking
@folkyatina
fix(NodeOperatorFee): charge fee quarantined value
138921e
@folkyatina
fix(VaultHub): pause VaultHub implementation
68b4b28
@tamtamchik
feat: pause VaultHub implementation
59f1185
@tamtamchik
chore: after review
513fb10
@folkyatina
fix(Dashboard): disable fee accrual by default on disconnect
0802c17
@folkyatina
test: fix unit tests
a6273f8
@folkyatina
test: restore integration tests
f06ed84
@folkyatina
feat(LazyOracle): add totalValueReminder to quarantine logic and upda…
3503873 
…te related functions
@folkyatina
fix(LazyOracle): fix typo
c2d6f7c
@folkyatina
fix(NodeOperatorFee): after review polish
77b58ba
@folkyatina
test: extract and improve quarantine tests
6547709
@folkyatina
chore: remove a bit of dead code
cfdc077
@folkyatina
fix(Dashboard): remove _currentSettledGrowth param from connect methods
3c7b1ae
@folkyatina
fix(OperatorGrid): final solution of the wrong shortfall problem
4717e16
@tamtamchik
test: fix vault hub creation
c4f1389
@tamtamchik
Merge pull request #1537 from lidofinance/fix/pause-vault-hub-impl
713f3c8 
feat: pause VaultHub implementation
@folkyatina
fix(LazyOracle): small fixes after review
1b8f838
@folkyatina
fix(LazyOracle): case with slashing after quarantine start
95ade9c
@folkyatina
test(VaultHub): add a test for shortfall on last numbers from Certora
34665a9
@folkyatina
Merge pull request #1538 from lidofinance/fix/no-fee-revamp-2
f453de4 
[VAULTS] Fix/no-fee-revamp-2
@folkyatina
Merge pull request #1540 from lidofinance/fix/shortfall-again
33006a9 
[VAULTS] Final fix for the wrong shortfall problem
@folkyatina
test: fix a test
ebf1a00
@folkyatina
Merge pull request #1541 from lidofinance/feat/audit-9
3807a31 
[VAULTS] Audit fixes 8
@tamtamchik
feat: hoodi patch 2
d4fc0d5
@folkyatina
chore: add workflow for hoodi tests
084d93e
@folkyatina
chore: change the name of the workflow
39c5825
@folkyatina
chore: fix naming
8e866ab
@folkyatina
test: add HOODI prefix handling to env
5382c1e
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 7, 2025
View reviewed changes
contracts/0.4.24/Lido.sol
Comment on lines +1251 to +1253
function _getTotalAndExternalShares() internal view returns (uint256, uint256) {
return TOTAL_AND_EXTERNAL_SHARES_POSITION.getLowAndHighUint128();
}

Check warning

Code scanning / Slither

Unused return Medium

Lido._getTotalAndExternalShares() ignores return value by TOTAL_AND_EXTERNAL_SHARES_POSITION.getLowAndHighUint128()
contracts/0.4.24/Lido.sol
Comment on lines +1271 to +1273
function _getBufferedEtherAndDepositedValidators() internal view returns (uint256, uint256) {
return BUFFERED_ETHER_AND_DEPOSITED_VALIDATORS_POSITION.getLowAndHighUint128();
}

Check warning

Code scanning / Slither

Unused return Medium

Lido._getBufferedEtherAndDepositedValidators() ignores return value by BUFFERED_ETHER_AND_DEPOSITED_VALIDATORS_POSITION.getLowAndHighUint128()
contracts/0.4.24/Lido.sol
Comment on lines +1285 to +1287
function _getClBalanceAndClValidators() internal view returns (uint256, uint256) {
return CL_BALANCE_AND_CL_VALIDATORS_POSITION.getLowAndHighUint128();
}

Check warning

Code scanning / Slither

Unused return Medium

Lido._getClBalanceAndClValidators() ignores return value by CL_BALANCE_AND_CL_VALIDATORS_POSITION.getLowAndHighUint128()
contracts/0.8.25/vaults/StakingVault.sol
Comment on lines +382 to +410
function triggerValidatorWithdrawals(
bytes calldata _pubkeys,
uint64[] calldata _amountsInGwei,
address _excessRefundRecipient
) external payable onlyOwner {
if (msg.value == 0) revert ZeroArgument("msg.value");
if (_pubkeys.length == 0) revert ZeroArgument("_pubkeys");
if (_pubkeys.length % PUBLIC_KEY_LENGTH != 0) revert InvalidPubkeysLength();
if (_excessRefundRecipient == address(0)) revert ZeroArgument("_excessRefundRecipient");

uint256 feePerRequest = TriggerableWithdrawals.getWithdrawalRequestFee();
uint256 totalFee = (_pubkeys.length / PUBLIC_KEY_LENGTH) * feePerRequest;
if (msg.value < totalFee) revert InsufficientValidatorWithdrawalFee(msg.value, totalFee);

// If amounts array is empty, trigger full withdrawals, otherwise use amount-driven withdrawal types
if (_amountsInGwei.length == 0) {
TriggerableWithdrawals.addFullWithdrawalRequests(_pubkeys, feePerRequest);
} else {
TriggerableWithdrawals.addWithdrawalRequests(_pubkeys, _amountsInGwei, feePerRequest);
}

uint256 excess = msg.value - totalFee;
if (excess > 0) {
(bool success, ) = _excessRefundRecipient.call{value: excess}("");
if (!success) revert TransferFailed(_excessRefundRecipient, excess);
}

emit ValidatorWithdrawalsTriggered(_pubkeys, _amountsInGwei, excess, _excessRefundRecipient);
}

Check warning

Code scanning / Slither

Divide before multiply Medium

StakingVault.triggerValidatorWithdrawals(bytes,uint64[],address) performs a multiplication on the result of a division:
- totalFee = (_pubkeys.length / PUBLIC_KEY_LENGTH) * feePerRequest
contracts/0.8.25/vaults/StakingVault.sol
Comment on lines +421 to +443
function ejectValidators(bytes calldata _pubkeys, address _refundRecipient) external payable {
if (msg.value == 0) revert ZeroArgument("msg.value");
if (_pubkeys.length == 0) revert ZeroArgument("_pubkeys");
if (_pubkeys.length % PUBLIC_KEY_LENGTH != 0) revert InvalidPubkeysLength();
if (msg.sender != _storage().nodeOperator) revert SenderNotNodeOperator();

// If the refund recipient is not set, use the sender as the refund recipient
if (_refundRecipient == address(0)) _refundRecipient = msg.sender;

uint256 feePerRequest = TriggerableWithdrawals.getWithdrawalRequestFee();
uint256 totalFee = (_pubkeys.length / PUBLIC_KEY_LENGTH) * feePerRequest;
if (msg.value < totalFee) revert InsufficientValidatorWithdrawalFee(msg.value, totalFee);

TriggerableWithdrawals.addFullWithdrawalRequests(_pubkeys, feePerRequest);

uint256 excess = msg.value - totalFee;
if (excess > 0) {
(bool success, ) = _refundRecipient.call{value: excess}("");
if (!success) revert TransferFailed(_refundRecipient, excess);
}

emit ValidatorEjectionsTriggered(_pubkeys, excess, _refundRecipient);
}

Check warning

Code scanning / Slither

Divide before multiply Medium

StakingVault.ejectValidators(bytes,address) performs a multiplication on the result of a division:
- totalFee = (_pubkeys.length / PUBLIC_KEY_LENGTH) * feePerRequest
contracts/0.8.25/vaults/dashboard/Dashboard.sol
Comment on lines +691 to +698
function _burnWstETH(uint256 _amountOfWstETH) internal {
SafeERC20.safeTransferFrom(WSTETH, msg.sender, address(this), _amountOfWstETH);
uint256 unwrappedStETH = WSTETH.unwrap(_amountOfWstETH);
uint256 unwrappedShares = _getSharesByPooledEth(unwrappedStETH);

STETH.transferShares(address(VAULT_HUB), unwrappedShares);
_burnShares(unwrappedShares);
}

Check warning

Code scanning / Slither

Unused return Medium

Dashboard._burnWstETH(uint256) ignores return value by STETH.transferShares(address(VAULT_HUB),unwrappedShares)
contracts/0.8.9/Accounting.sol
) internal {
_sanityChecks(_contracts, _report, _pre, _update);

uint256 lastWithdrawalRequestToFinalize;

Check warning

Code scanning / Slither

Uninitialized local variables Medium

Accounting._applyOracleReportContext(Accounting.Contracts,ReportValues,Accounting.PreReportState,Accounting.CalculatedValues).lastWithdrawalRequestToFinalize is a local variable never initialized
contracts/0.8.9/Burner.sol
if (_token == address(LIDO)) revert StETHRecoveryWrongFunc();

emit ERC721Recovered(msg.sender, _token, _tokenId);
IERC721(_token).transferFrom(address(this), LOCATOR.treasury(), _tokenId);

Check warning

Code scanning / Slither

Token Approve Warning Medium

Burner recoverERC721 parameter from is not related to msg.sender IERC721(_token).transferFrom(address(this),LOCATOR.treasury(),_tokenId)
contracts/openzeppelin/5.2/upgradeable/access/extensions/AccessControlEnumerableUpgradeable.sol
Comment on lines +97 to +104
function _revokeRole(bytes32 role, address account) internal virtual override returns (bool) {
AccessControlEnumerableStorage storage $ = _getAccessControlEnumerableStorage();
bool revoked = super._revokeRole(role, account);
if (revoked) {
$._roleMembers[role].remove(account);
}
return revoked;
}

Check warning

Code scanning / Slither

Unused return Medium

AccessControlEnumerableUpgradeable._revokeRole(bytes32,address) ignores return value by $._roleMembers[role].remove(account)
@github-actions
Copy link

github-actions bot commented Dec 7, 2025
edited
Loading

badge

Hardhat Unit Tests Coverage Summary

Filename                                                                Stmts    Miss  Cover    Missing
--------------------------------------------------------------------  -------  ------  -------  -----------------------------------------------------------------------------------------------------------
contracts/0.4.24/Lido.sol                                                 281      11  96.09%   825-844, 940-952
contracts/0.4.24/StETH.sol                                                 80       0  100.00%
contracts/0.4.24/StETHPermit.sol                                           15       0  100.00%
contracts/0.4.24/lib/Packed64x4.sol                                         5       0  100.00%
contracts/0.4.24/lib/SigningKeys.sol                                       36       0  100.00%
contracts/0.4.24/lib/StakeLimitUtils.sol                                   41       0  100.00%
contracts/0.4.24/nos/NodeOperatorsRegistry.sol                            435       0  100.00%
contracts/0.4.24/utils/Pausable.sol                                         9       0  100.00%
contracts/0.4.24/utils/UnstructuredStorageExt.sol                          14       0  100.00%
contracts/0.4.24/utils/Versioned.sol                                        5       0  100.00%
contracts/0.6.12/WstETH.sol                                                17       0  100.00%
contracts/0.8.25/ValidatorExitDelayVerifier.sol                            75       0  100.00%
contracts/0.8.25/utils/AccessControlConfirmable.sol                         2       0  100.00%
contracts/0.8.25/utils/Confirmable2Addresses.sol                            5       0  100.00%
contracts/0.8.25/utils/Confirmations.sol                                   37       0  100.00%
contracts/0.8.25/utils/PausableUntilWithRoles.sol                           3       0  100.00%
contracts/0.8.25/vaults/LazyOracle.sol                                    134      18  86.57%   203-209, 248, 276-279, 436, 449, 467, 515, 556-558, 650, 658
contracts/0.8.25/vaults/OperatorGrid.sol                                  196       1  99.49%   203
contracts/0.8.25/vaults/PinnedBeaconProxy.sol                               6       0  100.00%
contracts/0.8.25/vaults/StakingVault.sol                                  111      14  87.39%   307-341
contracts/0.8.25/vaults/ValidatorConsolidationRequests.sol                 48       3  93.75%   183, 187, 199
contracts/0.8.25/vaults/VaultFactory.sol                                   34       0  100.00%
contracts/0.8.25/vaults/VaultHub.sol                                      425      76  82.12%   257-266, 281-287, 342-366, 383, 552-553, 595-688, 997-999, 1087-1091, 1147, 1202-1209, 1495-1496, 1511-1521
contracts/0.8.25/vaults/dashboard/Dashboard.sol                           137       8  94.16%   183-201, 327, 636-649
contracts/0.8.25/vaults/dashboard/NodeOperatorFee.sol                      70       0  100.00%
contracts/0.8.25/vaults/dashboard/Permissions.sol                          47       2  95.74%   321-330
contracts/0.8.25/vaults/interfaces/IPinnedBeaconProxy.sol                   0       0  100.00%
contracts/0.8.25/vaults/interfaces/IPredepositGuarantee.sol                 0       0  100.00%
contracts/0.8.25/vaults/interfaces/IStakingVault.sol                        0       0  100.00%
contracts/0.8.25/vaults/interfaces/IVaultFactory.sol                        0       0  100.00%
contracts/0.8.25/vaults/lib/PinnedBeaconUtils.sol                           5       0  100.00%
contracts/0.8.25/vaults/lib/RecoverTokens.sol                               5       0  100.00%
contracts/0.8.25/vaults/lib/RefSlotCache.sol                               36       0  100.00%
contracts/0.8.25/vaults/predeposit_guarantee/CLProofVerifier.sol           16       1  93.75%   214
contracts/0.8.25/vaults/predeposit_guarantee/MeIfNobodyElse.sol             3       0  100.00%
contracts/0.8.25/vaults/predeposit_guarantee/PredepositGuarantee.sol      213      12  94.37%   482-502, 531, 670, 677, 699
contracts/0.8.9/Accounting.sol                                             96       2  97.92%   349-350
contracts/0.8.9/BeaconChainDepositor.sol                                   21       2  90.48%   48, 51
contracts/0.8.9/Burner.sol                                                 92       0  100.00%
contracts/0.8.9/DepositSecurityModule.sol                                 128       0  100.00%
contracts/0.8.9/EIP712StETH.sol                                            16       0  100.00%
contracts/0.8.9/LidoExecutionLayerRewardsVault.sol                         16       0  100.00%
contracts/0.8.9/LidoLocator.sol                                            26       0  100.00%
contracts/0.8.9/OracleDaemonConfig.sol                                     28       0  100.00%
contracts/0.8.9/StakingRouter.sol                                         305       0  100.00%
contracts/0.8.9/TokenRateNotifier.sol                                      36      36  0.00%    35-130
contracts/0.8.9/TriggerableWithdrawalsGateway.sol                          54       1  98.15%   271
contracts/0.8.9/WithdrawalQueue.sol                                        88       0  100.00%
contracts/0.8.9/WithdrawalQueueBase.sol                                   146       0  100.00%
contracts/0.8.9/WithdrawalQueueERC721.sol                                  89       0  100.00%
contracts/0.8.9/WithdrawalVault.sol                                        32       0  100.00%
contracts/0.8.9/WithdrawalVaultEIP7002.sol                                 21       0  100.00%
contracts/0.8.9/lib/ExitLimitUtils.sol                                     35       0  100.00%
contracts/0.8.9/lib/Math.sol                                                4       0  100.00%
contracts/0.8.9/lib/PositiveTokenRebaseLimiter.sol                         22       0  100.00%
contracts/0.8.9/lib/UnstructuredRefStorage.sol                              2       0  100.00%
contracts/0.8.9/oracle/AccountingOracle.sol                               174       0  100.00%
contracts/0.8.9/oracle/BaseOracle.sol                                      89       1  98.88%   401
contracts/0.8.9/oracle/HashConsensus.sol                                  263       1  99.62%   1005
contracts/0.8.9/oracle/ValidatorsExitBus.sol                              138      10  92.75%   458-471, 541
contracts/0.8.9/oracle/ValidatorsExitBusOracle.sol                         52       1  98.08%   217
contracts/0.8.9/proxy/OssifiableProxy.sol                                  17       0  100.00%
contracts/0.8.9/proxy/WithdrawalsManagerProxy.sol                          60       0  100.00%
contracts/0.8.9/sanity_checks/OracleReportSanityChecker.sol               232      12  94.83%   307-309, 600-605, 800-835, 956
contracts/0.8.9/utils/DummyEmptyContract.sol                                0       0  100.00%
contracts/0.8.9/utils/PausableUntil.sol                                    31       0  100.00%
contracts/0.8.9/utils/Versioned.sol                                        11       0  100.00%
contracts/0.8.9/utils/access/AccessControl.sol                             23       0  100.00%
contracts/0.8.9/utils/access/AccessControlEnumerable.sol                    9       0  100.00%
contracts/common/utils/PausableUntil.sol                                   29       0  100.00%
TOTAL                                                                    4931     212  95.70%

Diff against master

Filename                                                                Stmts    Miss  Cover
--------------------------------------------------------------------  -------  ------  --------
contracts/0.4.24/Lido.sol                                                 +69     +11  -3.91%
contracts/0.4.24/StETH.sol                                                 +8       0  +100.00%
contracts/0.4.24/lib/StakeLimitUtils.sol                                   +4       0  +100.00%
contracts/0.4.24/utils/UnstructuredStorageExt.sol                         +14       0  +100.00%
contracts/0.8.25/utils/AccessControlConfirmable.sol                        +2       0  +100.00%
contracts/0.8.25/utils/Confirmable2Addresses.sol                           +5       0  +100.00%
contracts/0.8.25/utils/Confirmations.sol                                  +37       0  +100.00%
contracts/0.8.25/utils/PausableUntilWithRoles.sol                          +3       0  +100.00%
contracts/0.8.25/vaults/LazyOracle.sol                                   +134     +18  +86.57%
contracts/0.8.25/vaults/OperatorGrid.sol                                 +196      +1  +99.49%
contracts/0.8.25/vaults/PinnedBeaconProxy.sol                              +6       0  +100.00%
contracts/0.8.25/vaults/StakingVault.sol                                 +111     +14  +87.39%
contracts/0.8.25/vaults/ValidatorConsolidationRequests.sol                +48      +3  +93.75%
contracts/0.8.25/vaults/VaultFactory.sol                                  +34       0  +100.00%
contracts/0.8.25/vaults/VaultHub.sol                                     +425     +76  +82.12%
contracts/0.8.25/vaults/dashboard/Dashboard.sol                          +137      +8  +94.16%
contracts/0.8.25/vaults/dashboard/NodeOperatorFee.sol                     +70       0  +100.00%
contracts/0.8.25/vaults/dashboard/Permissions.sol                         +47      +2  +95.74%
contracts/0.8.25/vaults/interfaces/IPinnedBeaconProxy.sol                   0       0  +100.00%
contracts/0.8.25/vaults/interfaces/IPredepositGuarantee.sol                 0       0  +100.00%
contracts/0.8.25/vaults/interfaces/IStakingVault.sol                        0       0  +100.00%
contracts/0.8.25/vaults/interfaces/IVaultFactory.sol                        0       0  +100.00%
contracts/0.8.25/vaults/lib/PinnedBeaconUtils.sol                          +5       0  +100.00%
contracts/0.8.25/vaults/lib/RecoverTokens.sol                              +5       0  +100.00%
contracts/0.8.25/vaults/lib/RefSlotCache.sol                              +36       0  +100.00%
contracts/0.8.25/vaults/predeposit_guarantee/CLProofVerifier.sol          +16      +1  +93.75%
contracts/0.8.25/vaults/predeposit_guarantee/MeIfNobodyElse.sol            +3       0  +100.00%
contracts/0.8.25/vaults/predeposit_guarantee/PredepositGuarantee.sol     +213     +12  +94.37%
contracts/0.8.9/Accounting.sol                                            +96      +2  +97.92%
contracts/0.8.9/Burner.sol                                                +21       0  +100.00%
contracts/0.8.9/LidoLocator.sol                                            +6       0  +100.00%
contracts/0.8.9/TokenRateNotifier.sol                                     +36     +36  +100.00%
contracts/0.8.9/oracle/AccountingOracle.sol                               -19       0  +100.00%
contracts/0.8.9/oracle/ValidatorsExitBus.sol                                0      +9  -6.53%
contracts/0.8.9/proxy/WithdrawalsManagerProxy.sol                         +60       0  +100.00%
contracts/0.8.9/sanity_checks/OracleReportSanityChecker.sol                 0     +12  -5.17%
contracts/common/utils/PausableUntil.sol                                  +29       0  +100.00%
TOTAL                                                                   +1857    +205  -1.62%

Results for commit: 77c3ed4

Minimum allowed coverage is 95%

♻️ This comment has been updated with latest results

@folkyatina folkyatina added the vaults Lido stVaults related changes label Dec 8, 2025
folkyatina and others added 24 commits December 8, 2025 13:27
@folkyatina
test: better time advancements in tests
b51d90a
@folkyatina
test: fix quarantine test
140f5b2
@folkyatina
test: another fix for the quarantine test
83292b0
@dry914
fix: update hardcoded IVaultsAdapter
5cd1c0c
@failingtwice
test: improve happy path
f0e8808
@tamtamchik
Merge pull request #1595 from lidofinance/fix/update-vault-hub-interface
dff61bb 
fix: update hardcoded IVaultsAdapter
@failingtwice
feat: redeploy V3VoteScript with correct VaultsAdapter interface
9bd414f
@failingtwice
fix: update tests for hoodi
030af4f
@folkyatina
test: better PDG cases
69e827c
@folkyatina
Merge pull request #1592 from lidofinance/node-operator-happy-path-test
3321d6d 
test: add a node operator happy path
@tamtamchik
feat: add pause to pdg
0da3f80
@tamtamchik
feat: unpause pdg for tests
2c915fa
@tamtamchik
Merge pull request #1596 from lidofinance/redeploy-v3-vote-script
8672ee1 
feat: redeploy V3VoteScript with correct VaultsAdapter interface
@tamtamchik
ci: fix update tests
933ebbc
@failingtwice
test: test recover tokens
c0034fc
@tamtamchik
Merge pull request #1599 from lidofinance/feat/update-voting
b8d51cc 
feat: add pause to pdg
@failingtwice
feat: add rejection tests
45f609c
@failingtwice
feat: redeploy V3VoteScript with PDG pause on start
238af02
@failingtwice
feat: improve tests
dbb1611
@folkyatina
Merge pull request #1594 from lidofinance/test/better-tests
6ff1d86 
PDG test improvements
@folkyatina
test: adjust default RR to 50_00 if not
636e4dd
@folkyatina
Merge pull request #1603 from lidofinance/fix/hoodi-tests
ec1dc8d 
Make Hoodi green again
@folkyatina
Merge pull request #1601 from lidofinance/test/recover-tokens
f4f6e60 
test: test recover tokens
@tamtamchik
Merge pull request #1602 from lidofinance/redeploy-vote-script-with-p…
77c3ed4 
…dg-pause

feat: redeploy V3VoteScript with PDG pause on start
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

vaults Lido stVaults related changes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@tamtamchik @folkyatina @arwer13 @dry914 @failingtwice