Lido: The ZKsync wstETH bridge endpoint contract has a potential vulnerability

Lido officially stated that there is a potential vulnerability in the ZKsync wstETH bridging endpoint contract. There are currently no signs that this vulnerability has been exploited, and wstETH holders on ZKsync are not affected. Other bridging contracts are not impacted.

As a precaution, Lido has paused new deposits to the ZKsync bridging contract, while withdrawals from zkSync and token transfers are unaffected. Lido has prepared a fix that will be audited and deployed during the next scheduled on-chain Lido governance comprehensive vote (late March/early April), after which the deposit functionality will be restored. Further updates will be released as necessary.