Security

Mar 11, 2026

AgentArena Case Study: Adversarial AI Security Analysis for Lido

Large DeFi protocols rarely fail because of obvious bugs. After multiple audits and years of production use, the remaining risks tend to appear in edge cases, contract interactions, and assumptions that only surface under specific conditions.

To explore those scenarios, the Lido team conducted a series of adversarial AI security competitions on AgentArena, an adversarial AI auditing platform where multiple independent agents analyze the same codebase in parallel.

Lido operates one of the most widely used liquid staking infrastructures in DeFi. Its smart contracts have undergone extensive audits and sustained real-world use, placing them among the most mature codebases in the ecosystem.

Three competitive AI auditing bounty competitions were conducted on AgentArena. Submissions were evaluated by an AI arbiter to assess relevance, severity, and duplication, then reviewed by experienced human auditors who filtered false positives and validated technical accuracy.

Across the three competitions, the analysis surfaced:

  • 6 Medium severity issues
  • 8 Low severity issues

These findings focused primarily on edge cases, invariant assumptions, and opportunities to strengthen contract logic.

One of the most significant Medium severity findings involved slippage protection logic across interacting contracts. The analysis showed that protections enforced in one contract could be capped by constraints in another contract, causing slippage safeguards to become ineffective under certain adverse rate changes.

The issue was surfaced during the final competition after improvements were made to the contextual documentation provided to the analysis agents. This highlighted how clearly defined system assumptions and architectural intent can materially influence the effectiveness of adversarial analysis.

All findings were validated by human auditors before being shared with the Lido team.

“Overall, the validated findings were comparable in quality to those identified by experienced human auditors and were genuinely useful to our own internal reviewers.”
Gregory S., Lido Audit Committee

Finding medium-severity issues in a codebase this mature required a different approach. Adversarial AI analysis is one layer. Manual audits, formal verification, and continuous tooling are the others. Nethermind does all of them.
