As smart contracts secure increasing amounts of economic value, mature protocols face a different security challenge than early-stage projects. Obvious vulnerabilities become rare, while risk concentrates in edge cases, assumptions, and complex operational flows.
This case study describes how three AI-powered auditing bounty competitions were conducted on AgentArena for Lido, a leading liquid staking protocol, to provide additional adversarial analysis alongside existing audit processes.
Overview
Lido operates critical liquid staking infrastructure across multiple proof-of-stake networks. Its smart contracts have undergone extensive audits and sustained real-world use, placing them among the most mature codebases in DeFi.
As part of its ongoing security efforts, the Lido team sought deeper adversarial analysis of a set of recently developed smart contracts. The objective was to surface subtle vulnerabilities, edge cases, and design risks that may not appear in single-pass audits or linear review processes.
This work was intended to complement, not replace, existing audits by adding an additional layer of scrutiny ahead of deployment and review decisions.
Why AgentArena
AgentArena was chosen for its competitive AI auditing model combined with human verification. In each competition, multiple independent audit agents analyze the same codebase in parallel, producing competing findings.
All submissions are first evaluated by an AI arbiter to assess relevance, severity, and duplication. The resulting signals are then reviewed by experienced human auditors, who filter false positives, verify technical accuracy, and consolidate results into actionable reports.
This approach provides broader coverage than single-agent tools while maintaining the signal quality that mature protocols require.
Operational Snapshot
Engagement type: AI-assisted adversarial security analysis
Format: Three competitive AI auditing bounty competitions
Scope: Recently developed smart contracts within Lido’s core infrastructure
Process: Parallel AI analysis → AI arbiter filtering → human auditor validation
Role in security lifecycle: Complementary pre-deployment and pre-review layer alongside traditional audits
Outcome: Validated Medium and Low severity findings, clarified assumptions, and strengthened invariants in a mature codebase
Solution & Collaboration
Three independent auditing bounty competitions were conducted on AgentArena by Nethermind engineers on behalf of the Lido team.
In each competition, multiple AI audit agents analyzed the same contract scope under identical conditions. Their findings were evaluated by an AI arbiter and then reviewed by a human auditor to remove noise, validate severity, and add technical context where required.
Validated results were shared with the Lido team for review and discussion, ensuring findings were accurate, relevant, and aligned with protocol design intent.
What Made the Approach Effective
The competitive structure of AgentArena encourages agents to explore different attack surfaces, failure modes, and execution paths in parallel. This increases coverage and helps reduce blind spots that can occur in single-agent or linear review processes.
Overlapping findings help confirm real risks, while differing results highlight areas that may require closer inspection, additional testing, or clearer documentation. The combination of competition, arbitration, and human review leads to higher-quality, more actionable outcomes.
Agent performance proved highly sensitive to the quality and accessibility of contextual information. In this engagement, documentation was extensive and distributed across multiple links, which limited how effectively agents could reason about intended design assumptions. Providing a consolidated, purpose-built version of the documentation with essential invariants and architectural intent reduced incorrect assumptions and improved the usefulness of the resulting findings. This reinforced the importance of clear, well-scoped context when applying adversarial AI analysis to complex, mature codebases.
Key Results
Across three AI auditing competitions on battle-tested infrastructure code:
6 Medium severity issues identified, including one particularly significant finding surfaced after improving the quality and structure of the documentation provided to agents
8 Low severity issues surfaced, covering edge cases, invariant assumptions, and code quality improvements
One of the most impactful Medium severity findings related to slippage protection logic across interacting contracts. The analysis showed that protections enforced in one contract could be effectively capped by constraints in another, causing slippage safeguards to become meaningless under certain adverse rate changes. In these scenarios, the system behaved as if protection was present while failing to prevent user value loss during unfavorable execution conditions.
This finding was surfaced by a single agent in the final competition after the provided context was further refined, highlighting the role of documentation quality when applying adversarial analysis to complex contract interactions.
All AI-generated findings were reviewed and validated by human auditors against both the codebase and supporting documentation before being shared with the protocol team.
For a protocol at this stage of maturity, the value extended beyond vulnerability counts. Clarified assumptions, strengthened invariants, and improved alignment between documentation and code directly increased deployment confidence.
Strategic Impact
This engagement demonstrated that adversarial AI analysis can surface meaningful issues even in heavily audited, production-grade codebases.
The AgentArena model delivered:
Broader coverage through parallel adversarial exploration
Higher signal quality through human validation
Time-efficient analysis, with AI agents completing reviews within a single day and human validation completed within two to three days
Practical value where traditional audits face diminishing returns
For high-value infrastructure, this approach provided an additional confidence layer ahead of deployment, upgrades, and operational changes.
Feedback from the Lido team following the very first competition highlighted the value of the approach:
“Overall, the validated findings were comparable in quality to those identified by experienced human auditors and were genuinely useful to our own internal reviewers.”
Gregory S, Lido Audit Committee