SEAL’s Whitehat Safe Harbor agreement is a legal and technical framework which can be adopted by protocols and crypto communities to grant advanced permission to whitehats and MEV bots for frontrunning exploits so long as:

1. Funds are returned to a designated Asset Recovery Address determined by the protocol.
2. Action is only taken in the event of an Active Exploit.

By adopting Safe Harbor, protocols and whitehats can work together to increase their chances of recovering funds in the event of an attack.

Documents

Introducing the Security Alliance

Safe Harbor for Protocols

Successful Adoptions

Safe Harbor for Security Stakeholders

Safe Harbor for Lawyers

Safe Harbor for Whitehats

Components

• security-alliance/safe-harbor: the GitHub repository housing the legal contracts and on-chain components of the agreement. Includes the official legal agreement, a summary document, and the Safe Harbor Registry.
• Whitehat Legal Defense Fund: In collaboration with the Security Research Legal Defense Fund (SRLDF), the Whitehat Legal Defense Fund is legal defense fund which offers grants for whitehats who act under Safe Harbor in the event that they require legal defence.
• Safe Harbor Agreement for Whitehats: the official legal agreement binding the whitehat and protocol community. Includes several exhibits, including Exhibit F Adoption Form, which describes the choices a protocol can make during adoption (KYC requirements, bounty %, etc.).
• Safe Harbor Agreement for Whitehats - Human Readable Summary: a helper document to summarize the official agreement.

Safe Harbor Registry

For a full up-to-date list of registry addresses, please view the github readme.md.

The ENS “safeharborregistry.eth“ will resolve to the latest deployed registry on all supported chains.

Diagram