A tiny financial stake in a blockchain can be used to crash a staking pool's performance and generate massive profits for an attacker.
Attackers can manipulate a network's consensus layer using minimal capital to degrade a specific pool's efficiency. This technical sabotage causes the market price of the pool's tokens to drop, allowing the attacker to profit from the volatility. Most investors assume that large-scale attacks require massive amounts of capital to execute. These low-stake attacks prove that technical vulnerabilities allow small players to trigger significant financial gains at the expense of others. Security in decentralized finance depends as much on technical performance as it does on capital requirements.
Your Loss is My Gain: Low Stake Attacks on Liquid Staking Pools
arXiv · 2605.01025
Permissionless Proof-of-Stake (PoS) economic security is predicated on the high cost of violating consensus safety or liveness. We show that liquid staking introduces additional risks that are not captured by standard PoS economic security arguments. Through an empirical study of Ethereum data, we find that the operational performance of liquid staking pools is positively associated with subsequent normalized liquid staking token (LST) returns. Motivated by this, we present a cross-layer attack: