The Security Alliance (SEAL), the coalition behind a number of leading security initiatives for the Web3 ecosystem, has launched its latest initiative, the first Legal Defence Fund for Whitehats hackers in Web3. The Fund is intended to provide financial assistance to good faith security researchers who face legal action in connection with research activity. The fund has been launched in collaboration with the Security Research Legal Defence Fund (the SRLDF).
Whitehats are security researchers who engage in ethical hacking in order to identify and secure computer systems. Security researches who identify or expose vulnerabilities in software can face legal threats or prosecution over their work, including allegations of unlawfully accessing computer systems or misappropriation of data or assets. Since 2022, the official policy of the US Government is not to prosecute "good faith" security researchers. However, this does not mean that researchers will not face legal threats from the company which published the software or users, or allegations which call their good faith into question. Legal threats can have a chilling effect on good faith security research.
SEAL's Legal Defence Fund complements its broader toolkit for Web3 security researches.
The Whitehat Safe Harbour Agreement is intended to incentivize whitehat hackers to rescue funds by offering agreed rewards and pre-emptive legal releases from the protocol and its users, and reducing the risk of criminal prosecution. The new Legal Defence Fund will assist eligible Whitehats who use the Whitehat Safe Harbor Agreement in good faith to protect the crypto ecosystem.
Whitehats that face legal threats or lawsuits due to good faith security research can apply for grants from the Security Research Legal Defense Fund to offset the cost of legal representation. The eligibility criteria are set out on the Fund's website. The SEAL Whitehat Safe Harbor Agreement is now included in the grants that can be made under the SRLDF.
As part of this initiative, SEAL is also making an initial donation to the fund thanks to its donors including Paradigm, a16z, Electric Capital, Framework, Dragonfly, Paperclip, E-girl Capital, the Ethereum Foundation, and the Filecoin Foundation.
The Security Alliance is the coalition behind several other security initiatives, including the Whitehat Safe Harbor, SEAL Wargames, which allows developer teams to simulate security incident scenarios, and the SEAL 911 Emergency Hotline, which enables users, developers and security researches who need access to urgent security advice, help with disclosing a critical vulnerability, or to connect with a team of carefully vetted expert volunteers. SEAL 911 has helped disrupt, intercept, and remediate several hacks, recovering over USD 50 million in crypto-assets. SEAL has also built the world’s first crypto ISAC or information sharing and analysis centre to enhance real time sharing of threat intelligence, and combat cyber hacks and financial crime in Web3.
Written by Michael Bacina and Steven Pettigrove