Ethical hackers save crypto billions, SEAL’s Safe Harbor makes it possible


For several agonizing hours in August 2022, white hat hackers watched anxiously as evil-doers, known as “black hats,” stole $190 million from the Nomad bridge — the fourth biggest crypto hack just that year alone.

While some white hats eventually took it upon themselves to steal the funds for temporary safekeeping, many more hesitated over fears that getting involved could land them in prison.

This exact incident is what led crypto security nonprofit Security Alliance, or SEAL, to find a way to give white hats the freedom and, more importantly, legal safety, to fight against the bad guys.

This later became the Safe Harbor Agreement — a framework for white hats and projects to abide by during an active exploit, according to the SEAL Safe Harbor initiative’s co-leads Dickson Wu and Robert MacWha.

“Skilled whitehats who could stop the attack often hesitate due to legal uncertainty around ‘hacking’ the protocol they’re trying to save. Safe Harbor eliminates this fear by providing whitehats with clear legal protection and prescribed steps.”

SEAL recognizes 29 companies supporting crypto’s ethical hackers

Three years later, SEAL is now recognizing 29 crypto companies for adopting and supporting its Safe Harbor Agreement as part of its very first Safe Harbor Champions 2025 awards.

“By rallying around standards like Safe Harbor, we’re signaling a coordinated defense strategy rather than remaining fragmented,” Wu and MacWha said.

“With billions at risk and hundreds of attack vectors, establishing clear security standards and rewarding security raises the baseline security for everyone.”

The nominees, divided into “adopters” and “advocates,” include Polymarket, Uniswap, a16z Crypto, Paradigm, Piper Alderman, and many more, including Cointelegraph.

Nominees for SEAL’s Safe Harbor award are divided into “adopters” and “advocates.” Source: Cointelegraph


Another nominee, Web3 security platform Immunefi, told Cointelegraph last month that its adoption of the Safe Harbor initiative has helped 30 of its white hat security researchers reach millionaire status, contributing to more than $25 billion in customer funds saved from attempted thefts.

So far, Immunefi has facilitated more than $120 million in payouts across thousands of reports, with SEAL’s Safe Harbor framework serving as one of its powerful tools to protect crypto protocols from bad actors.

Notable white hat hacks that saved millions in crypto

SEAL currently has 79 volunteer white hat hackers who can respond during active exploits. One of the more famous white hats is the pseudonymous c0ffeebabe.eth, who has run in and saved crypto projects on more than a few occasions.

In April, they ran a Maximal Extractable Value bot to frontrun a malicious transaction and intercept $2.6 million stolen from the Morpho App.

In July 2023, c0ffeebabe.eth returned $5.4 million worth of Ether (ETH) to Curve users through the same MEV strategy, and a few months earlier, they also recovered 300 ETH from a smart contract exploit on SushiSwap.

thank you c0ffeebabe.eth for returning the funds ❤️https://t.co/DoBoh5QEaR pic.twitter.com/ltEKSvZo80

— banteg (@bantg) July 31, 2023

Good-faith white hat actors also withdrew and returned $12 million worth of Ether and USDC (USDC) from the Ronin bridge in August 2024, receiving praise from its team for their actions.

More recently, several SEAL volunteers coordinated to inform crypto protocols of the NPM supply chain attack that compromised JavaScript software libraries in September.

Despite early fears of a potential black swan event, the industry’s collective defense limited the total damage to less than $50 across the first 24 hours.

“I'm very proud of the fact that SEAL worked quickly to triage and remediate the crypto aspects of the attack while GitHub and other developers worked quickly to flag and neutralize the corruption from a Web2 perspective,” SEAL’s pseudonymous founder and CEO, Samczsun, said.

SEAL’s Safe Harbor Champions 2025 open for voting

Winners of SEAL’s Safe Harbor Champions 2025 awards will be determined by the total number of likes, retweets, quote tweets, and replies on posts from nominees using the @_SEAL_Org tag from Oct. 1 until Nov. 1.

The winners will be announced on Nov. 3. They will earn a commemorative SEAL nonfungible token and ongoing recognition as a 2025 Safe Harbor Champion.

The awards are part of SEAL’s wider initiative to encourage more crypto companies to adopt the Safe Harbor Agreement to strengthen the protection of customer assets.

How SEAL’s Safe Harbor framework works

To adopt the Safe Harbor framework, crypto protocols must join SEAL’s onboarding waitlist. If approved, they will receive a step-by-step guide on how to comply with the framework.

During an active exploit where a white hat steps in to take the funds for temporary safekeeping, the Safe Harbor rules state that funds must be returned within 72 hours, with the bounty set at 10% of recovered funds (capped at $1 million).

Payment is made only after verification, and to ensure accountability, white hats must complete a Know Your Customer and OFAC check before receiving rewards.

On the other hand, membership as a SEAL volunteer is granted through certain badges, which are earned by contributing time or money to support the operations and initiatives run by SEAL.

The crypto industry is taking accountability

Ayham Jaabari, a founding contributor of DeFi platform and Safe Harbor nominee Silo Finance, told Cointelegraph that the SEAL agreement being enforced on-chain and tied to updated user terms reflects the kind of accountability expected by banks and regulators.

Part of Silo Finance’s implementation of Safe Harbor has involved publishing recovery addresses on Ethereum, Avalanche, Sonic, Arbitrum, Base and Optimism to remove any uncertainty about where white hats should take rescued assets.

Continued adoption of white hat frameworks like Safe Harbor should serve as a warning sign to bad actors, Jaabari added:

“For attackers, the message is clear: the community is organized, coordinated, and prepared to respond quickly — making exploits less profitable and riskier to attempt.”

White hats now have legal protection

Another Safe Harbor nominee is the Security Research Legal Defense Fund, a nonprofit that is prepared to fund the legal defense for any white hat who faces legal issues, provided the hack was carried out in good faith.

SRLDF President and Senior Attorney Kurt Opsahl told Cointelegraph that while they haven’t had to use the fund yet, it gives white hats more confidence to step in to safeguard protocols during active attacks:

“By setting out the terms and protections ahead of time, a good faith security researcher knows what the deal is, and can limit their vulnerability for acting as a Good Samaritan.”

Despite the progress, work remains. Hackers are becoming increasingly sophisticated, siphoning $3.1 billion in the first half of 2025 — already surpassing the $2.85 billion lost in all of 2024.

The $1.4 billion Bybit hack, along with rising crypto prices, have been the biggest contributors to losses in 2025, already exceeding those seen last year.
