White hat crypto hackers unite to create crime fighting collective


Article Contents

In This Article

The crypto community is applauding the launch of Security Alliance, a nonprofit registered in the United States intended to provide support for “white hat” hackers capable of recovering funds from exploiters. The initiative unites a team of blockchain security specialists headed by samczsun, head of security at crypto venture capital firm Paradigm.

The new organization was made public on Feb. 14. According to its website, Security Alliance has three projects underway. There is a hotline to request help with a security response and a war games component to help prepare developers for security risks.

Probably the biggest innovation the group offers is its Whitehat Safe Harbor Agreement, which offers “legal protection and incentives for whitehats to rescue funds under active exploit.” This is accomplished through an advance agreement that reads in part:

“Provided that you act lawfully, competently and in good faith, the protocol and its members waive the right to pursue legal claims against you.”

“However, be aware that the legal landscape is complex, and engaging in agreements of this nature carries associated risks,” the agreement continues.

Related: White hat: I returned most of the stolen Nomad funds and all I got was this silly NFT

Security Alliance drew its inspiration from the Nomad hack in August 2022. Many white hat hackers took part in the recovery of the Nomad funds, but:

“Members of the security community lamented that had there been a legal framework in place that enabled whitehats to crystallize good faith with action, more people could have helped. So, we decided to build one.”

Although the only individual participant in Security Alliance mentioned on the website is samczsun, who follows the common security practice of disguising their true identity to avoid reprisals, several others have been named on X as group members or have identified themselves as such.

The group claimed to have over 50 donors and partners. Among those named were the Ethereum Foundation, Vitalik Buterin, a16zcrypto, Paradigm, Electric Capital and Coinbase. A Bloomberg report stated that the group had raised over $1 million, with Buterin alone contributing $500,000. 

According to one estimate, $2.61 billion was lost to hacks and scams in 2023, and only a small fraction of it is recovered. New hacking technology is constantly emerging.

Magazine: Real AI use cases in crypto, No. 3: Smart contract audits & cybersecurity