
Who Are The "White Hats" And How Are They Protecting The Blockchain Industry?

Who are white hats?

The term white hats probably comes from the movie industry. In westerns, cowboys wearing white hats symbolized the good guys, while the bad guys wore black hats at the will of the directors.

The term "white hat hackers" was coined in the 1960s, when research institutes began looking at computer systems for vulnerabilities in order to eliminate them and improve security.

The subculture developed in the 1990s with the rise in popularity of the Internet. White hat hackers were then actively involved in protecting systems, searching for weaknesses, and conducting penetration tests.

White hats have become an integral part of the blockchain industry, helping to fight cybercrime. Many professional training courses, bounty programs and decentralized platforms like Immunefi and Hacken are helping to steer talent in an ethical direction.

What other hats do hackers wear?

In addition to "white" and "black," the community has dressed hackers in four other colors depending on their intentions and methods:

  • "Gray hats." These hackers fluctuate between white and black, changing sides easily. They usually have no criminal intentions, but may hack into companies' products without their authorization. In some cases, they will not miss an opportunity to sell their data;
  • "Blue hats." That's what Microsoft calls good hackers, the equivalent of "white hats." The Microsoft BlueHat Conference, established by the tech giant, promotes product validation by hackers before release to the market. A second meaning of the term that may be encountered is hackers who hack into resources for personal gain or for revenge;
  • "Green hats." Hackers who are new to hacking and still lack experience and skills. They may often do damage unknowingly and may not know how to fix the consequences of their activity;
  • "Red hats." Vigilante hackers, the main threat to "black hats" after the law. Their main goal is to punish intruders by any means necessary.

How do "white hats" work in Web3?

"White hats" differ from "black hats" in that they get permission to hack from the system owner. Ethical hackers work proactively and solve the problem before attackers discover the breach. Basic techniques and methods in Web3:

  • Auditing smart contracts. Auditors analyze code for overflow vulnerabilities, unauthorized access, or logic errors that could lead to loss of funds. Manual analysis and automated tools like Mythril, Securify and Slither are used in the auditing process;
  • Penetration testing. Searching for weak entry points and simulating real attacks on blockchain security mechanisms, dapps, and smart contracts. May include the use of social engineering and phishing to compromise accounts, keys, and wallets;
  • Investigating vulnerabilities in cross-chain bridges. This popular attack vector requires special attention: transaction validation issues, vulnerabilities in consensus algorithms, and cross-chain operations are investigated;
  • Bug bounty programs. Organized by blockchain companies and auditing platforms, these programs help protect potential victims effectively and financially incentivize white-hat hackers;
  • Reverse engineering. Analyzing smart contracts and dapps through reverse engineering can identify vulnerabilities, especially if the code is available only as bytecode.

White hat work typically involves four steps:

  1. Preliminary interaction. Discuss testing conditions and objectives with system owners.
  2. Gather information about the system, network, and potential vulnerabilities.
  3. Model threats related to dapps, smart contracts, or infrastructure providers. Account creation and trial hacking.
  4. Exploitation. Checking identified bugs to confirm risks. Writing a report that identifies all problems found, how to fix them, and recommendations for business owners.

How are white hackers trained?

According to the Hacken blog, hacking is "more of a lifestyle than having specialized knowledge."

"Many come into the field after an introduction to computer games, some with a computer science background and some from applied math. Eventually they find a vulnerability, dig deeper, enjoy the process, and start looking for bugs all over again. Simply put, self-education makes a person a programmer, and curiosity makes a programmer a hacker."

In the traditional IT industry, "white hats" have been employed for several decades; accordingly, the process of their training and professional development is already established.

According to HackerOne, a popular site for ethical hackers, becoming a certified cybersecurity specialist can be accomplished in a few steps, including using its free Hacker101 courses.

To gain hands-on experience, they recommend becoming a community member and participating in various competitions like Capture The Flag (CTF). 

To have a successful career and find work easily, you need to prove your qualifications by earning popular certifications:

  • Certified Ethical Hacker (CEH). A credential from the EC-Council that includes methodologies, tools, and techniques for ethical hacking;
  • Offensive Security Certified Professional (OSCP). Takes a hands-on approach to penetration testing;
  • CompTIA Security+. Covers key concepts and practices in cybersecurity.

Is it even legal?

Unauthorized hacks are the prerogative of gray hat hackers, but despite good intentions, they can have legal consequences. White hat work involves compromise with the legal field.

Underdeveloped legislation on digital security and blockchain systems poses a serious threat to them. There are no guarantees that specialist assistance will not backfire.

The main legal constraints faced by "white hats":

  • Confidentiality. Handling personal data, intellectual property or trade secrets requires a responsible attitude;
  • Compliance with laws and regulations. The obligation to follow applicable laws, such as the Computer Fraud and Abuse Act (CFAA) in the US or the General Data Protection Regulation (GDPR) in the EU;
  • Non-disclosure agreements (NDA). Some clients may be required to sign a document to protect confidential information and trade secrets of the target organization. Violation of the NDA may result in legal consequences.

What is the Security Alliance (SEAL)?

On February 14, 2024, samczsun, the head of security at venture capital firm Paradigm and part-time famous whitehat hacker, called on the Web3 community to unite to protect the rights of "ethical hackers" in their fight against cryptocurrencies. On this day, Security Alliance (SEAL), an NPO, and the Whitehat Legal Defense Fund were officially registered.

He attributed his motivation to his desire to reduce legal risks for his colleagues. The hacker recalled the 2022 hack of the Nomad cross-chain protocol for more than $186 million, when many "white hats" wanted to help but were forced to watch from the sidelines. Then, the efforts of individual members of the yet-to-be-formed SEAL saved about $39 million, and Nomad was restarted.

After the incident, samczsun proposed a 24-hour "rescue service," SEAL 911. The idea is that anyone who has suffered from a hack or noticed suspicious activity can contact the Telegram chat to receive free real-time assistance. The service operates in accordance with the current legal mechanisms.

SEAL also includes SEAL-ISAC, a crypto-security analysis and information clearinghouse, and the Whitehat Safe Harbor Agreement.

The purpose of the Safe Harbor Agreement (SHA) is to protect whitehat hackers from unfair prosecution and bring legal clarity to their actions. It is concluded between the protocol under attack and the experts coming to the rescue so that they can intervene and redirect funds to a safe address ("safe harbor") for recovery.

What is Immunefi?

Immunefi is a Web3-based cybersecurity platform. It was founded in December 2020 by Mitchell Amador and is one of the leading bug bounty platforms.

Immunefi's main goal is to create a safe environment where "white hats" can responsibly disclose found vulnerabilities and get rewarded for it. The startup works with Safe Harbor Agreements along the lines of SEAL.

The platform is valued for its generous rewards and system analytics. Over $100 million has been paid out to hackers since its inception.

In 2022, the team launched a "white hat" rating system. The rating is updated daily and categorizes hackers by the number and complexity of paid reports, as well as by the total amount of earnings.

Immunefi honors outstanding ethical hacks with NFTs from the Whitehat Hall of Fame collection. Each is unique, produced as a one-of-a-kind piece.

Immunefi also provides security consulting services. The company's experts help projects create more resilient and secure systems.

The organization cooperates with major players in the industry, helping projects to minimize the risks of cyberattacks and ensure user trust in Web3. It often conducts attackathons.

Immunefi closed a $24 million Series A funding round in September 2022, led by Framework Ventures with participation from Electric Capital, Polygon Ventures, Samsung Next and others.
