Trust & Security

Security & Audits — How Stakingverse Protects Your Stake

Non-custodial smart contracts, independent audits and validator infrastructure spread across multiple data centers. Here is exactly how your LYX and ETH stake is protected.

Non-Custodial by Design

When you stake with Stakingverse, your coins go into a smart contract — not into our hands. The contracts do not allow Stakingverse to access your coins: only the depositor can withdraw them. We operate and maintain the validators your deposit activates, but your funds are never in our custody.

This also means you remain the custodian. If you lose access to your wallet or keys, we cannot recover your coins for you — so please take the usual precautions with your keys.

Smart-Contract Audits

The Stakingverse vault and liquid staking contracts on LUKSO trace back to the Universal Page contracts repository and have been audited multiple times by independent reviewers:

AuditorDateScopeReport
ExtropyOctober 2024StakingverseVault.sol and liquid staking contractsRead the report
Enigma VenturesLiquid staking contractsRead the report
MiloTruckStakingverseVault.sol and liquid staking contractsRead the report
Nethermind AI AgentStakingverseVault.sol and liquid staking contractsRead the report

The Ethereum vault runs on StakeWise V3, which has undergone multiple security audits by leading blockchain security firms, including Sigma Prime (September 2024), ConsenSys Diligence (March 2024), Halborn (August 2023).

All reports are linked from our documentation: LUKSO security docs and Ethereum security docs.

Infrastructure

We run our validator nodes on multiple Virtual Private Servers hosted by DigitalOcean, a highly reliable and professional infrastructure provider, spread out over multiple secure data centers around the world. We constantly monitor and update our servers to keep security and reliability high.

Servers are our single biggest cost, and we do not cut corners: exposure is deliberately spread out so that no single point of failure can affect all of our pools at the same time.

Slashing-Risk Mitigation

Slashing — a network penalty for validator misbehavior — is the main operational risk in staking, and our setup is built to minimize it. Validators are distributed across multiple servers and data centers, so an outage or fault in one location cannot create a penalizing event across all of our pools at once.

The Stakingverse oracles run independently of the staking pool and have no access to the funds, so even a failure or compromise of the oracle systems would not put your stake at risk.

Responsible Disclosure

Found a vulnerability or something that looks off? We want to hear about it. Email us at support@stakingverse.io or reach out through our contact page, and we will follow up promptly. For general questions about how staking works, see the staking FAQ.

Questions about security?

Don’t hesitate to send us a message.