(Public) SEAL Whitehat Safe Harbor Agreement

SEAL’s Whitehat Safe Harbor agreement is a legal and technical framework which can be adopted by protocols and crypto communities to grant advanced permission to whitehats and MEV bots for frontrunning exploits so long as:

Funds are returned to a designated Asset Recovery Address determined by the protocol.
Action is only taken in the event of an Active Exploit.

By adopting Safe Harbor, protocols and whitehats can work together to increase their chances of recovering funds in the event of an attack.

What Problems does Safe Harbor aim to solve?

Smart contract hacks, such as re-entrancy, flash loan, oracle manipulation, and access control breaches, represent some of the most significant threats to protocols. In 2023 alone, there have been over 400 incidents resulting in a staggering $1.9 billion loss.

Untitled

Currently just 20% of funds stolen from protocols are returned. This is, in part, because of the complete lack of standards protecting prospective ethical whitehats. Without any assurances that they will be legally secure whitehats are less likely to intervene during active exploits, leaving protocols vulnerable.

Why Should a Protocol Adopt Safe Harbor

Between Bug Bounties, Audits, and Safe Harbor, the latter is by far one of the simplest security measures a protocol can take to significantly reduce the risk of an attack.

Lower Resource Commitment: Adopting Safe Harbor requires significantly fewer resources than conducting a full code audit and demands less ongoing commitment compared to maintaining Bug Bounties.
First Line of Defence: While comprehensive security involves multiple layers, Safe Harbor is the best initial measure to mitigate risks.
Reduced Risk of Attack and Increased Fund Recovery: Protocols that adopt Safe Harbor are less likely to be targeted and are more likely to recover funds if an attack does occur.