During the painful hours of August 2022, the White Hat Hacker looked anxiously as an evil dorker known as the “Black Hat.” He stole $190 million from Nomad Bridge.
Some white hats eventually hugged it to themselves to steal funds for temporary storage, but made them even more frightening that participating could potentially land them in prison.
This exact incident led the Crypto Security Nonprofit Security Alliance, or Seal, to give freedom to a white hat and, more importantly, to find a way to fight the bad guys.
This was later turned into a Safe Harbor Agreement. According to Dixon Woo and Robert McFa, co-leads of the Seal Safe Harbor Initiative, they framed the project with white hats during an aggressive exploit.
“A skilled white hat capable of stopping attacks often hesitant due to legal uncertainty regarding ‘hacking’ the protocol they are trying to save. Safe Harbor eliminates this fear by providing clear legal protection and regulations procedures for the White Hat. ”
SEAL recognizes 29 companies that support ethical hackers at Crypto
Three years later, SEAL now recognizes 29 crypto companies adopting and supporting the Safe Harbor Agreement as part of its first Safe Harbor Champion 2025 Awards.
“By restoring standards like Safe Harbor, we signal a coordinated defence strategy rather than fragmentation,” Wu and McFa said.
“When you have billions of dollars of risk, hundreds of attack vectors, and you can establish clear security standards and participate, you create baseline security for everyone.”
Candidates split into “employers” and “advocates” include many other candidates, including Cointelegraph, such as Polymarket, Uniswap, A16Z Crypto, Paradigm, Piper Alderman.
Another candidate, Web3 security platform Immunefi, told Cointelegraph last month that the adoption of the Safe Harbor Initiative helped 30 white hat security researchers reach billionaire status, contributing more than $25 billion in customer funding from attempted theft.
So far, Immunefi has driven more than $120 million in payments in thousands of reports, and Seal’s Safe Harbor Framework serves as one of the powerful tools to protect crypto protocols from bad actors.
The well-known white hat hack has saved millions of codes
SEAL currently has 79 volunteer white hat hackers available to handle during active exploits. One of the most famous white hats is the pseudonym c0ffeebabe.eth, who saved and saved the crypto project on more than a few occasions.
In April, they ran the largest extractable value bot to frontrun malicious transactions, intercepting $2.6 million stolen from the Morpho app.
In July 2023, C0ffeebabe.eth returned $5.4 million worth of ether (ETH) to curve users through the same MEV strategy, retrieving 300 ETH from Sushiswap’s smart contract exploit a few months ago.
Thank you for returning the funds c0ffeebabe.eth pic.twitter.com/lteksvzo80
– Banteg (@bantg) July 31, 2023
He also retracted and returned $12 million worth of Ether and USDC (USDC) from Ronin Bridge in August 2024, with the team praised the action.
It was recently tuned to warn against cryptographic protocols for NPM supply chain attacks that compromised JavaScript software libraries in September.
Despite early fears about potential Black Swan events, the industry’s collective defense limited the total loss to under $50 in the first 24 hours.
“Seal works quickly to triage and repair the crypto aspects of the attack, and we are extremely proud of the fact that GitHub and other developers have worked so quickly to flag and neutralize infections from a Web2 perspective,” said Samczsun, founder and CEO of Seal’s pseudonym.
Seal’s Safe Harbor Champion Opens for 2025 votes
Seal’s Safe Harbor Champion 2025 Winner award From October 1st to November 1st, the @_seal_org tag is used to determine by the total number of posts, retweets, quoted tweets, and replies from candidates.
The winners will be announced on November 3rd. They will earn inappropriate tokens and continued recognition of commemorative seals as Safe Harbor Champions in 2025.
The award is part of SEAL’s broader initiative to encourage more crypto companies to adopt safe harbor agreements to enhance protection of their client assets.
How the Safe Harbor Framework for Seals works
To adopt a safe harbor framework, the cryptographic protocol must join SEAL’s onboarding waitlist. If approved, they will receive a step-by-step guide on how to comply with the framework.
During an aggressive exploit where white hats intervened for temporary storage, Safe Harbor rules state that funds must be returned within 72 hours and bounties are set at 10% of the funds recovered ($1 million cap).
Payment is made only after confirmation, and to ensure accountability, the white hat must complete OFAC checks with the customer before receiving the compensation.
On the other hand, membership as a Seal Volunteer is granted through a specific badge. Certain badges are earned by donating time or money to support the operations and initiatives operated by Seal.
The crypto industry is accountable
The adoption of the Safe Harbor Initiative is “an outside world where codes evolved beyond the wild west and into a mature ecosystem where collective action is possible,” says Wu and Macwha.
Related: Private user data reports are “unfounded” according to crypto.com
Ayham Jaabari, founding contributor to Defi Platform and Safe Harbor nominated Silo Finance, told Cointelegraph that the seal agreement is enacted on-chain and tied to updated user terminology reflects the type of accountability banks and regulators expect.
Part of Silo Finance’s Safe Harbor implementation includes disclosure of recovery addresses on Ethereum, Avalanches, Sonic, Arbitrum, Base and optimism, eliminating doubts about where the white hat should return rescue assets.
The ongoing adoption of white hat frameworks like Safe Harbor should serve as a warning sign for bad actors, Jaabari added:
“For attackers, the message is clear: the community is organized, coordinated and ready to respond quickly.
White hats have legal protection
Another Safe Harbor candidate is the Security Research Legal Defense Fund, a nonprofit organization ready to fund the legal defense of white hats facing legal issues if the hack is done in good faith.
SRLDF president and senior lawyer Kurt Opsahl told Cointelegraph they don’t need to use the fund yet, but the white hat gives them more confidence to intervene to protect the protocol during active attacks.
“By pre-setting conditions and protections, sincere security researchers know what the transaction is and can limit exposure to acting as a good Samaritan.”
Despite progress, work remains. Hackers are becoming increasingly sophisticated, sucking up $3.1 billion in the first half of 2025. It exceeded the $2.85 billion lost in 2024.
The $1.4 billion Buybit Hack is the biggest contributor to 2025 losses along with rising crypto prices, exceeding what was already seen last year.
magazine: Team of white hats from “Seal 911” formed to fight crypto hacks in real time