Backed by a chorus of support: understanding the "Security Alliance" launched by samczsun
Foresight News
Invited columnist
2024-02-18 03:20
samczsun may shape the most important developer/legal collaboration framework in the Web3 security sector.

Original author: Frank, Foresight News

On the evening of February 14, Paradigm security director samczsun officially announced the launch of Security Alliance, a safe harbor program for white hat hackers, which quickly made waves in the crypto world. Leading protocols such as Uniswap, industry security firms such as SlowMist Technology and OpenZeppelin, and well-known figures such as Messari founder and CEO Ryan Selkis interacted with the announcement and voiced their support.

samczsun is the most prestigious white hat hacker in the field of Web3 security. What exactly is the white hat safe harbor program Security Alliance that he has launched, what specifically will it do, and what impact might it have on the crypto industry and the Web3 security field?

What is Security Alliance?

As the name suggests, Security Alliance can be understood simply as a public-interest alliance dedicated to network security:

Security Alliance has assembled a team of the best in cybersecurity to help keep DeFi safe through initiatives like SEAL 911 and Wargames.

According to the information disclosed by samczsun, as early as August 2022, when the cross-chain interoperability protocol Nomad was attacked (Foresight News note: losses in the Nomad incident reached US$190 million), he worked with the a16z crypto security team on analysis to identify the attackers.

In the process, they helped the Nomad project recover a whopping $38.8 million from several white hat hackers who had deliberately siphoned off the funds to protect them from the attackers. This effort became the earliest organizational prototype and operating philosophy of Security Alliance.

White hat hackers are often the first to notice or receive vulnerability warnings; this is in fact the everyday tweet content of well-known security researchers and institutions such as samczsun, SlowMist, and PeckShield.

But the problem is that many more technically sophisticated, white-hat-minded developers and security researchers are unable to help because of the legal ambiguity surrounding white hat rescues:

Either their employment does not allow it, or they have other concerns. In this context, if there were a legal framework that allowed white hats to demonstrate their good faith through their actions, more people could take part; the Nomad incident is a typical example.

For these reasons, samczsun decided to build an organization that lets security personnel respond to security incidents faster and better, without worry. After more than a year of hard work, Security Alliance was born: it removes the barriers that might prevent white hat hackers from protecting our protocols in real time and empowers security researchers so that, if all else fails, white hat hackers can act as the last line of defense.

In short, Security Alliance aims to provide a legal protection framework for white hat hackers, notify the owners of vulnerable systems as quickly as possible, and provide an attack and defense exercise environment and support. Currently, Security Alliance has released a draft agreement on GitHub and is soliciting community feedback for a period of one month, ending on March 14, 2024.

According to the official website, Security Alliance has more than 50 donors and partners, including Paradigm, Ethereum Foundation, a16z crypto, Vitalik Buterin, Filecoin Foundation, Coinbase, Dragonfly, Framework, Electric Capital, etc. The lineup is top-notch.


Three main products/services

Currently, there are three main products/services listed by Security Alliance: Whitehat Safe Harbor Agreement, SEAL 911, and SEAL Wargames.

Among them, the Safe Harbor Agreement was developed with the help of crypto researcher @lex_node and Delphi Labs, and more supporting initiatives are planned for release this year.

White Hat Safe Harbor Agreement: White Hat Operating Standards

As shown above, Security Alliance serves as a neutral public-interest platform that brings together top experts from many different sectors of the crypto field, forming a network that reaches almost the entire crypto ecosystem and can find the best talent in any specialty to help execute its plans.

Based on this, the Whitehat Safe Harbor Agreement is a comprehensive framework specifically designed to deal with active attack events. It can be understood as an operating standard for white hat security work. In this framework, the protocol can provide legal protection to white hat hackers who help recover assets during an active attack incident.

In other words, it is similar to a bug bounty: if a protocol adopts the safe harbor agreement before an active attack event occurs, white hat hackers will have a clear understanding of how they can act in a potential rescue, such as:

  • What assets are within the scope of the protocol (e.g. any ERC-20 tokens at a specific address)?

  • What will be the reward for a successful white hat rescue (e.g. 10% of the rescued funds, or a cap of $1 million)?

  • Where should the rescued funds be returned (e.g. a specific multi-signature address)?

This means that white hat hackers can clearly understand their operating boundaries, code of conduct, and reward standards, and obtain legal protection. Of course, if a white hat decides to carry out a rescue, they must follow the process stipulated in the agreement.


SEAL 911: 7 × 24 emergency hotline

SEAL 911 takes the form of a Telegram bot. Put simply, it can be regarded as an emergency hotline directly connected to project teams. Anyone can use it to get in touch with a given project team in an emergency. Any messages users send to it will be automatically forwarded to the corresponding project team.

Imagine that one day you are the first to discover signs of an on-chain attack against a certain protocol. In such an emergency, time is money, but it may be hard to know who to ask for help or how to issue a disclosure warning immediately, and especially how to notify the project's official team as soon as possible.

SEAL 911 is a channel through which users, developers, and others who need urgent security advice, help disclosing critical vulnerabilities, or simply want to synchronize progress with other researchers can use this Telegram bot to connect with a team of carefully vetted expert volunteers.

The SEAL 911 team will then triage the request and provide assistance directly or route it to the correct point of contact. According to samczsun, over the past 6 months, SEAL 911 has helped disrupt, block, and correct several hacker attacks, as well as assisting many people with other security concerns.

SEAL Wargames: Provides red and blue offensive and defensive environments

SEAL Wargames is officially positioned as a red team exercise, which can be understood simply as providing a red and blue offensive and defensive environment.

Many developers may never have experienced the high-intensity environment of a security incident before, which makes it difficult for them to stay focused and productive when every second could mean millions of dollars lost to an attacker.

SEAL Wargames can provide projects with the resources and training they need to prepare for extreme scenarios, and it includes two stages:

  • Tabletop exercises, where the SEAL Chaos team works with project developers to develop hypothetical attack scenarios and document potential vulnerabilities;

  • Simulated attacks, where the SEAL Chaos team uses vulnerabilities on a test network to challenge project developers, sorts the vulnerabilities into categories, and fixes them.

Therefore, if a project is hacked and requires emergency response, or if a red team drill needs to be conducted in advance to deal with extreme situations, this tool can be used.

Who is samczsun?

As Paradigm Research Partner and Head of Security, samczsun focuses on Paradigm's portfolio companies and on research into security and related topics.


In the past two years, samczsun has repeatedly issued early warnings and been active in Web3 security incidents of all sizes. He is probably the white hat hacker the crypto industry knows best:

According to incomplete statistics, in the past few years samczsun has helped at least dozens of projects, including SushiSwap and ENS, discover vulnerabilities in advance through direct warnings, avoiding hundreds of millions of dollars in losses.

If you sort through the timeline, you will find that samczsun's open source contributions to Web3 security are in the same vein:

In September 2022, samczsun developed and launched the Ethereum Tags Database, an Ethereum address tagging and search website, stating that it can be used to tag Ethereum addresses, that anyone can contribute to it, and that it can be searched by address or by tag (using wildcards);

In August 2023, the Telegram bot SEAL 911 mentioned above was launched.

Summary

We often say that the Web3 world is a paradise for technical talent and hackers. Especially since the DeFi summer of 2020, security risk in the Web3 world has been like an asymmetrical, one-way hunt. For hackers, it is undoubtedly an endless supply of free cash machines; for project developers and ordinary users, it is more like a Sword of Damocles that will fall at some point.

Security Alliance, through a combination of measures, gives crypto users affected by security incidents such as hacking access to a 24/7 emergency hotline, provides legal protection for white hat hackers when they rescue stolen funds, and offers Web3 developers free exercises that simulate adversarial attacks against their organization's systems in order to identify vulnerabilities and prepare effective responses.

At least as far as the current crypto field is concerned, this is already the most complete Web3 security solution available. It remains to be seen whether it can make the journey through the crypto dark forest less brutal for everyone.

