If I Stake My ETH, What Risks Am I Actually Taking On?

By 2024–2026, ETH staking has moved from a hobbyist activity to a one-click product on every major exchange’s front page. Stable 3–5% APY, 24/7 hands-off passive cash flow, on-chain native “interest”—those labels pushed it into the mainstream. But there’s a significant gap between how staking looks (“low-risk passive yield”) and the actual risk structure it carries. Slashing, withdrawal queues, LST depegs, restaking layering, smart-contract failure—these are different kinds of exposure with very different probabilities and loss magnitudes. This article lines them up along three axes—“actually happened vs theoretical,” “loss magnitude,” and “can a regular user avoid it”—so you can see what you’re actually betting on. For staking basics, see the staking intro.

First, Distinguish the Staking Path

Before discussing risk, confirm which path you’re on—“ETH staking” carries very different risks depending on route:

• Self-run validator — full 32 ETH, run your own node. Total control, full operational responsibility.
• Custodial staking (Coinbase, Binance, Kraken) — hand ETH to a centralized institution that runs the node.
• Liquid staking (LSD) (Lido, Rocket Pool) — stake to a protocol, receive a liquid staking token (stETH, rETH).
• Restaking (EigenLayer) — re-pledge already-staked ETH or LSTs to additional protocols for layered yield.

PoS staking models differ across L1s, not just on Ethereum—see notable Layer 1s besides ETH and Solana for a side-by-side view.

Each path sources risk from different places. Mechanics in liquid staking LSD, Lido vs Rocket Pool, and EigenLayer restaking.

Risk One: Slashing

The most-discussed but actually lowest-probability risk. Slashing is the consensus-layer penalty for cheating or double-signing—part of your stake gets cut.

Historically, for a well-run node, slashing is a low-probability event. Most real cases since Ethereum’s PoS launch came from operational mistakes (same signing key live on two nodes at once), not malicious attacks. Loss magnitude starts around 1 ETH per incident; severe cases run to a few ETH.

What this means for ordinary stakers: users on Coinbase, Lido, and similar custodial routes absorb slashing risk through the provider’s operational quality—back-end failures hit the provider’s share, not your principal directly. Self-run validators must manage signing keys carefully, especially avoiding key parallelism during migrations.

Risk Two: Withdrawal Queue and Timing

Badly underestimated. Ethereum withdrawals aren’t instant—exiting a validator goes through an exit queue whose duration depends on overall exit volume. A few days to a week in normal conditions; weeks to months under stress (market panic, mass unstaking).

The practical implication: when you actually need ETH for something urgent, the staked portion isn’t immediately available. LST routes (stETH, rETH) offer secondary-market liquidity, but under heavy unstaking pressure, the LST price drifts off the ETH peg—stETH has shown 1–5% discounts multiple times, and dropped deeper during 2022 stress.

Position-management implication: staked ETH should be treated as a medium- to long-term position; don’t put short-horizon urgency capital into it.

Risk Three: LST Depegs and Protocol Risk

Users on Lido/Rocket Pool carry an extra layer: stETH is not ETH. Its peg is held by two mechanisms—the protocol’s long-run 1:1 withdrawal relationship (you can withdraw 1:1 once the queue clears), plus secondary-market arbitrage.

The secondary market isn’t always stable, though. stETH drifting 1–5% off ETH under stress is normal; during the 2022 3AC unwind it briefly touched 0.93. If you need cash and won’t sit in the queue, you accept a haircut.

Another layer is protocol risk itself—Lido’s node operator set acting collusively (very low probability, not zero), smart-contract bugs, governance attacks. These events are very low probability but the loss magnitude is “entire principal”—the tail-most risk in staking.

Risk Four: Restaking Layering

A new risk source emerging in 2024–2026. EigenLayer-style protocols let you re-pledge ETH (or LSTs) into additional AVS (Actively Validated Services) for stacked yield. But every additional AVS adds another slashing condition.

In principle, a single AVS failure can slash directly into the principal you re-pledged. With multiple AVS active, a single systemic incident can trigger losses at multiple layers simultaneously.

In 2026 this risk still sits in the “theoretically known, not battle-tested at scale” zone—EigenLayer mainnet hasn’t seen a large AVS slashing event yet. But higher-APY AVS generally have more complex slashing conditions, so chasing yield is materially accumulating compounded tail risk.

Risk Five: Smart Contract and Operational Risk

The infrastructure layer, present across every path:

• Custodian collapse or misappropriation — exchange-staked principal is only as safe as the exchange itself. FTX proved this isn’t a zero-probability scenario.
• LSD contract bugs — any staking protocol earns trust through audit maturity and runtime. Newer protocols offer higher yields and higher contract risk.
• Node operator concentration — Lido’s persistent high share of ETH staking has raised centralization concerns, and the tail risk of a single operator set acting collusively comes up repeatedly.

A Risk Matrix Across the Four Paths

Mapping the five risks against the four staking routes makes it easier to locate yourself:

The reading: there is no “absolutely safe” path, only paths that source risk differently. Self-run pushes all the risk onto your own operations. Custodial ties it to the custodian’s solvency. LSD swaps it for “contract + discount + concentration.” Restaking layers AVS-specific risk on top of LSD.

Slashing History: How Often Has It Actually Happened?

From the Merge through early 2026, publicly trackable slashing events still sit in the hundreds of validators range (the exact number drifts a bit across public dashboards, but it’s well below early forecasts). Against an active validator base in the millions, the realized rate is below 0.05%. Almost all cases fall into three categories:

1. Signing key parallelism — during a node migration the old node wasn’t stopped, both signed the same slot, double-signing auto-triggered the penalty. The largest historical bucket.
2. Operational misconfiguration — client upgrade errors, time sync failures producing liveness failures. Losses usually smaller than a double-sign event.
3. Deliberate malice by the operator — close to zero historically. PoS economics make active malice unprofitable in nearly every scenario.

The takeaway: slashing is significantly overweighted in the staking risk narrative. What deserves more attention is withdrawal timing, LST discount under stress, and the layered tail risk of restaking.

Writing the Risk Into the Calculator

ETH staking presents as “3–5% passive yield.” It’s actually layering several risks with different probabilities and loss magnitudes in exchange for an interest payment. For ordinary holders the priority isn’t a precise mathematical model of each risk—it’s three plain habits: only stake ETH you won’t need short-term; don’t concentrate the entire position in a single LSD protocol; for any high-APY product, ask one extra question—“what slashing condition does this add beyond base staking?” Drop those three into your position calculator and the “3–5% passive yield” stops being a simplified number—it becomes a properly priced return. This article is not investment advice.