Introducing the Node Operator Risk Standard (NORS) 🎉

Is liquid staking safe?

Comparing the risks of liquid staking participating to other DeFi opportunities.

Is liquid staking safe?

Participating in crypto, including liquid staking, always involves some level of risk. However, the risks associated with direct liquid staking protocols are different from those in other forms of decentralized finance (DeFi) activities.

Liquid Collective is optimized for security to protect from both malicious and incompetent actors. From contract design to organizational structure, Liquid Collective’s focus on mitigating risk is a core differentiator for the protocol.


Liquid staking vs other DeFi options

When participating on the blockchain, the most vulnerable time is when a user’s ETH is sitting in a private smart contract. The longer it sits, the more potential risk. While 2023 saw lower absolute value lost to hacks, significant losses were experienced, particularly by DeFi lenders and crypto bridges. As noted by Lucas Outumuro, Head of Research at IntoTheBlock, “In terms of the underlying causes [of DeFi hacks], most of the economic exploits have been due to poor mechanism design. Most of the technical attacks have been due to smart contract bugs and inadequate private key management.”

When lending via a DeFi protocol or bridging tokens between chains, a user’s ETH remains susceptible to attack for an extended period of time. With liquid staking, an individual user’s ETH sits in a smart contract for a limited time before it is automatically deposited to Ethereum’s deposit contract, a significantly more secure contract. The Ethereum deposit contract is intensely scrutinized due to the value stored and is considered secure due to the number of years it has been used and the amount of peer review it has experienced.


Liquid Collective is designed with security in mind

ETH staked using the Liquid Collective protocol goes into the River smart contract, which orchestrates the delegation of ETH to validators via Ethereum’s core deposit contract. Liquid Collective has carefully considered every aspect of the smart contract design to enhance security.

  • An Allowlist to interact with the Liquid Collective smart contract requires participants to be KYC’d, resulting in a significantly smaller set of actors that can touch the contract
  • A proxy firewall to filter calls to the contract and ensure only callers with the appropriate role can get through
  • Audits by independent security firms including Halborn and Spearbit before any protocol feature has been deployed to mainnet
  • Public code for all to peer review and for straightforward scrutiny by all participating enterprises
  • Operators (Node Operators, Platforms) all undergo compliance/Know Your Business (KYB) checks
  • Collaboration with existing liquid staking technology providers to leverage their battle-tested code


Liquid Collective mitigates for all risk types

It is important to note that there is always risk to liquid staking participation. Liquid Collective has mitigation plans if an issue were to arise.

Slashing risk, where validators may be penalized for failing to perform their job efficiently, can result from validator downtime and from a double signing event. Liquid Collective conducts counterparty checks on the protocol’s active validator set. Liquid Collective leverages the support of security-focused Node Operators that institute best practices, including multi-cloud, multi-region infrastructure, technical support teams, and security posturing (including double-sign protection).

In the event that a slashing event occurs the protocol provides a robust Slashing Coverage Program, including Nexus Mutual cover, provided to every LsETH holder via the LsETH user agreement.


Liquid Collective x Obol report providing a holistic view of today’s staking diversity and correlation risks on Ethereum, plus recent proposals and upcoming changes that may shift network dynamics.

Obol Labs x Liquid Collective: Ethereum’s Correlation Risks

Explore the critical aspects of correlation risk factors in ETH staking, including client, operator, and geographic diversity, along with mitigation strategies to enhance network security and resilience, in our report.

View Report


A hack, where the minting functionality for LsETH is compromised, is another potential risk. Protocol activity, such as LsETH supply updates, is monitored and analyzed to pinpoint any anomalies. In the case one occurs, a first incident response plan is executed to remedy the issue, which may result in pausing the protocol to temporarily disable all types of activities. All such preventive measures are reported transparently.

To learn more about security considerations for liquid staking protocols, read our post on ETH liquid staking with Liquid Collective.

Your subscription could not be saved. Please try again.
Thank you for subscribing!

Sign up for the newsletter

Follow @liquid_col for updates