Lido CSM

The Community Staking Module (CSM) is the Lido protocol’s first module with permissionless entry, allowing any node operator to operate validators by providing an ETH-based bond as security collateral

Workflow breakdown

Recall that running bonded validators via the Lido CSM does not require setting up a separate service on your hardware.

Instead, you simply tweak the parameters of the following steps of the native solo staking setup.

  1. Configure a separate validator client (and/or beacon node) while setting the fee_recipient flag to the Lido Execution Layer Rewards Vault on Holesky : 0xE73a3602b99f1f913e72F8bdcBC235e206794Ac8 and import the newly generated CSM keystores

  2. On your MEV-Boost service, Do not set the-min-bid flag (or set 0) and set the -relay flags only to the list of designated MEV relays for Lido CSM on Holesky (refer to "Key settings to note" section)

  3. Upload the newly generated deposit data file pertaining to your CSM keystores onto the Lido CSM Widget and provide the required bond amount in ETH/stETH/wstETH

  4. Wait for your CSM validator keys to be deposited by Lido and make sure your node remains online in the meantime!

DO NOT DEPOSIT 32 ETH using the deposit data file generated this way as the Lido CSM will make the deposit for you. Doing so will result in a loss of funds.

*Step-by-step guide in the following sub-sections

Get Support

Join here: https://discord.com/invite/lido

Instructions

  • Select the Rules channel and react

  • Select the cs-get-started channel and react with both emojis

  • Drop your questions in the csm-testnet channel

How CSM works

As an overview, the Lido CSM deposits valid validator keys uploaded by node operators if the minimum bond required has also been provided.

"Valid validator keys" in this case refers to validator keystores generated while setting the withdrawalAddress field to the Lido CSM contract.

Rewards

Solo stakers receive rewards from 2 sources:

  1. Bond rebase: staking rewards generated from the bonded tokens ((w)stETH)--e.g., 90% * ETH PoS staking yield * total ETH bond provided

  2. Node Operator rewards: a 7% share of rewards from the active validator keys deposited by the Lido Protocol with possible reductions for bad performance--e.g., 7% * ETH PoS staking yield * total validator keys deposited (32 ETH each) - poor performance penalties

Note: The share of rewards % above apply only on CSM Holesky testnet. The values for mainnet may differ and will be set upon the mainnet launch by DAO vote

Further, CSM operators will enjoy 2 additional rewards features described in more detail here:

  • Rewards smoothing across all Lido modules (e.g., block proposer rewards, sync committee rewards)

  • Rewards socialisation among validators whose performance exceeds a certain threshold and underperforming validators will receive no node operator rewards for the given frame

Bond mechanics

Providing the CSM bond

The required bond amounts can be provided by anyone, although it will most likely come from the node operator using the CSM (CSM operator) themselves.

Bond decrease

The bond provided serves as a deterrence against dishonest behaviours and poor performance by the node operator. e.g.,

  1. MEV theft: If detected, a fine will be imposed by burning part of the node operator's bond and an amount of bond equivalent to the stolen amount will be locked until it is made whole.

  2. Slashing events: Slashing penalties will be deducted from the bond amount and burnt

  3. Sustained poor performance: If the effective balance of any validators fall below 32 ETH, the shortfall will be deducted from the bond amount and burnt

These events will cause the net bond balance of the CSM operator to fall below the required threshold.

In this scenario, the CSM node operator will cease to accrue rewards on their validator keys deposited by Lido CSM until:

  • The CSM node operator tops up the shortage

  • New rewards generated by the CSM node operator fills up the shortage--e.g., All new rewards will be used to replenish the bond shortage until it is back to the required level

Bond increase

On the other hand, because the bond is provided in stETH (which rebases in quantity), the bond balance of CSM operators will increase over time, above the required threshold.

Excess bond balance, together with accrued rewards, will be claimable by CSM operators from the CSM Web App.

More details on bond mechanics here.

Rewards Address & Manager Address

There are 2 main addresses used by CSM operators.

  1. Rewards Address: This is the address that all accrued rewards and excess bond amounts will go to when claimed. Rewards Addresses can change Manager Addresses but Rewards Addresses can only be changed by itself.

  2. Manager Address: This is the address that can trigger the claiming of all accrued rewards and excess bond amounts to the Rewards Address. The Manager Address can also upload/remove new/existing deposit data files. The Manager Address cannot change the Rewards Address.

Upon creation of a Node Operator these addresses are set equal, but they can be changed afterwards.

It is recommended to use different addresses for security reasons. A hot wallet may be used for the Manager address to simplify daily operations, while a cold wallet is preferable for the Rewards address to enhance security. Node Operators are solely responsible for the security of the private keys related to these addresses.

For example, CSM operators with their hot wallet addresses included in the Early Adoption list can change their Rewards Address to a more secure address

More details on Rewards vs Manager addresses here.

Key settings to note

These settings are part of the expectations for all node operators participating in the CSM. Read more here.

Keystore generation--Withdrawal address

  • During the validator key generation step, generate a number of validator keystores along with the deposit data file while setting the withdrawalAddress field to the Lido Withdrawal Vault on Holesky: 0xF0179dEC45a37423EAD4FaD5fCb136197872EAd9

DO NOT DEPOSIT 32 ETH using the deposit data file generated this way as the Lido CSM will make the deposit for you. Doing so will result in a loss of funds.

You will then upload your deposit data file in the next section. Make sure you complete the remaining steps on this page before that.

Validator Client Setup--Fee Recipient Address

For existing solo stakers, you can spin up a new validator client service specifically for your CSM validator keys so that you can retain your own fee_recipient address for your solo staking keys. Refer to this sub-section.

MEV-Boost Setup--Relay endpoints

  • Do not set the -min-bid flag or set it to 0

  • During the MEV-Boost setup step, set the -relay flags only to the list of designated MEV relays for Lido CSM on Holesky below.

Designated MEV Relay List

Note: Ultra Sound and Aestus relays do not censor transactions from OFAC sanctioned addresses.

Verifying the MEV Relay List

You can verify the latest MEV Relay List for the Lido CSM on Holesky here: https://holesky.etherscan.io/address/0x2d86C5855581194a386941806E38cA119E50aEA3#readContract

  1. Go to the Etherscan link above and it will bring you to the MEV Relay Inclusion List used by the Lido CSM

  2. Under Contract>>Read Contract>>4. get_relays>>Query

  3. A list of relay endpoints will appear under this section 4. get_relays. Verify that you are only using relay endpoints from this list.

The Holesky version of this Etherscan link is currently broken so you will face an error. Refer to the Designated MEV Relay List in the previous section in the meantime.

Last updated