{"id":38053,"date":"2024-11-12T14:00:00","date_gmt":"2024-11-12T12:00:00","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=38053"},"modified":"2025-12-05T06:34:19","modified_gmt":"2025-12-05T03:34:19","slug":"who-are-the-white-hats-and-how-do-they-protect-the-blockchain-industry","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/who-are-the-white-hats-and-how-do-they-protect-the-blockchain-industry\/","title":{"rendered":"Who Are &#8220;White Hats&#8221; and How Do They Protect the Blockchain Industry?"},"content":{"rendered":"<div class=\"wp-block-text-wrappers-cards single_card\">\n<h2 class=\"card_label\">Who are \u2018white hats\u2019?<\/h2>\n<p>The term \u201cwhite hats\u201d likely comes from cinema. In Westerns, cowboys in white hats symbolised the good guys, while the villains wore black.<\/p>\n<p>The term \u201cwhite-hat hackers\u201d emerged in the 1960s, when research institutions began examining computer systems for vulnerabilities in order to fix them and improve security.<\/p>\n<p>The subculture took off in the 1990s with the rise of the internet. White-hat hackers were increasingly brought in to defend systems, find weak spots and conduct penetration tests.<\/p>\n<p>White hats have become integral to the blockchain industry, helping to combat cybercrime. Numerous professional training courses, bounty programmes and decentralised platforms such as Immunefi and Hacken channel talent in an ethical direction.<\/p>\n<\/div>\n<div class=\"wp-block-text-wrappers-cards single_card\">\n<h2 class=\"card_label\">What other hats do hackers wear?<\/h2>\n<p>Beyond \u201cwhite\u201d and \u201cblack\u201d, the community has put hackers in four more colours, depending on their intentions and methods:<\/p>\n<ul class=\"wp-block-list\">\n<li>\u201cgrey hats\u201d (gray hats). These hackers oscillate between white and black, switching sides with ease. They usually lack criminal intent, but may break into company products without permission. 
In some cases, they will not pass up the chance to sell data that comes into their possession;<\/li>\n<\/ul>\n<ul class=\"wp-block-list\">\n<li>\u201cblue hats\u201d. At Microsoft, this denotes good hackers\u2014an analogue of \u201cwhite hats\u201d. The tech giant\u2019s <a href=\"https:\/\/www.microsoft.com\/bluehat\/\">Microsoft BlueHat Conference<\/a> promotes having products attacked by hackers before release. A second meaning <a href=\"https:\/\/ccoe.dsci.in\/blog\/decoding-the-6-hat-hackers\">can be found<\/a> in public sources: hackers who break into resources for personal reasons, out of revenge;<\/li>\n<\/ul>\n<ul class=\"wp-block-list\">\n<li>\u201cgreen hats\u201d \u2014 novice hackers who still lack experience and skills. They may cause inadvertent damage and not know how to remedy the consequences of their activity;<\/li>\n<\/ul>\n<ul class=\"wp-block-list\">\n<li>\u201cred hats\u201d \u2014 hacker <span data-descr=\"Individuals or groups whose goal is to pursue those accused of real or imagined wrongdoing, who have not been punished\" class=\"old_tooltip\">vigilantes<\/span>, the main threat to \u201cblack hats\u201d after law enforcement. Their principal aim is to punish wrongdoers by any means.<\/li>\n<\/ul>\n<\/div>\n<div class=\"wp-block-text-wrappers-cards single_card\">\n<h2 class=\"card_label\">How do white hats operate in Web3?<\/h2>\n<p>White hats differ from black hats in that they obtain permission to hack from the system\u2019s owner. Ethical hackers work proactively, fixing problems before adversaries discover them. Core techniques and methods in <a href=\"https:\/\/forklog.com\/en\/news\/what-is-web3\">Web3<\/a> include:<\/p>\n<ul class=\"wp-block-list\">\n<li>auditing <a href=\"https:\/\/forklog.com\/en\/news\/what-is-a-smart-contract\">smart contracts<\/a>. Analysing code for overflows, unauthorised access or logical errors that could lead to loss of funds. 
Audits combine manual review with automated tools such as Mythril, Securify and Slither;<\/li>\n<\/ul>\n<ul class=\"wp-block-list\">\n<li>penetration testing. Finding weak entry points and simulating real attacks on the security mechanisms of blockchains, <span data-descr=\"Decentralised applications\" class=\"old_tooltip\">dapps<\/span> and smart contracts. This may include social engineering and phishing to compromise accounts, keys and wallets;<\/li>\n<\/ul>\n<ul class=\"wp-block-list\">\n<li>researching vulnerabilities in <a href=\"https:\/\/forklog.com\/en\/news\/should-we-burn-the-bridges\">cross-chain bridges<\/a>. This popular attack vector requires particular attention: issues in transaction verification, vulnerabilities in consensus algorithms and cross-network operations are examined;<\/li>\n<\/ul>\n<ul class=\"wp-block-list\">\n<li>bug-bounty programmes. Run by blockchain firms and audit platforms, these initiatives help protect potential victims and financially incentivise white hats;<\/li>\n<\/ul>\n<ul class=\"wp-block-list\">\n<li>reverse engineering. Reconstructing how smart contracts and dapps work from their deployed form. This can uncover vulnerabilities, especially when code is available only as bytecode.<\/li>\n<\/ul>\n<p>White-hat work typically follows four stages:<\/p>\n<ol class=\"wp-block-list\">\n<li>Pre-engagement. Discussing the scope and goals of testing with system owners.<\/li>\n<li>Gathering information about the system, network and potential vulnerabilities.<\/li>\n<li>Threat modelling related to dapps, smart contracts or infrastructure providers. Creating an account and attempting a trial breach.<\/li>\n<li>Exploitation. Verifying identified bugs to confirm risks. 
Compiling a report that lists all issues found, ways to fix them and recommendations for the business.<\/li>\n<\/ol>\n<\/div>\n<div class=\"wp-block-text-wrappers-cards single_card\">\n<h2 class=\"card_label\">How are white-hat hackers trained?<\/h2>\n<p>According to the <a href=\"https:\/\/hacken.io\/discover\/what-is-a-white-hat-hacker\/\">Hacken blog<\/a>, hacking is \u201cmore a way of life than a set of specialised skills\u201d:<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>\u201cMany enter this field after getting into computer games; some have a background in computer science, and others come from applied mathematics. Eventually they find a vulnerability, dig deeper, enjoy the process, and start looking for bugs again and again. Put simply, self-education makes a person a programmer, and curiosity makes a programmer a hacker.\u201d<\/em><\/p>\n<\/blockquote>\n<p>In traditional IT, white hats have been used for decades; training and upskilling processes are therefore well established.<\/p>\n<p>In the view of the popular platform for ethical hackers <a href=\"https:\/\/www.hackerone.com\/knowledge-center\/white-hat-hacker\">HackerOne<\/a>, you can become a certified cybersecurity professional in a few steps, including through its free <a href=\"https:\/\/www.hackerone.com\/for-hackers\/hacker-101\">Hacker101<\/a> courses.<\/p>\n<p>To gain practical experience, it recommends joining the community and taking part in competitions such as <span data-descr=\"Capture The Flag\" class=\"old_tooltip\">Capture The Flag<\/span> (CTF).<\/p>\n<p>For a successful career and easier client acquisition, it helps to validate your skills with recognised certifications:<\/p>\n<ul class=\"wp-block-list\">\n<li>Certified Ethical Hacker (CEH). Issued by EC-Council, it covers methodologies, tools and techniques of ethical hacking;<\/li>\n<\/ul>\n<ul class=\"wp-block-list\">\n<li>Offensive Security Certified Professional (OSCP). 
A hands-on approach to penetration testing;<\/li>\n<\/ul>\n<ul class=\"wp-block-list\">\n<li>CompTIA Security+. Covers foundational concepts and practices in cybersecurity.<\/li>\n<\/ul>\n<\/div>\n<div class=\"wp-block-text-wrappers-cards single_card\">\n<h2 class=\"card_label\">Is it legal?<\/h2>\n<p>Unauthorised hacks are the province of grey hats; even with good intentions, they may face legal consequences. White-hat work requires careful alignment with the law.<\/p>\n<p>Underdeveloped legislation in digital security and blockchain systems poses serious risks for them. There is no guarantee that an expert\u2019s help will not be turned against them.<\/p>\n<p>Main legal constraints white hats face include:<\/p>\n<ul class=\"wp-block-list\">\n<li>confidentiality. Handling personal data, intellectual property or trade secrets demands care and responsibility;<\/li>\n<\/ul>\n<ul class=\"wp-block-list\">\n<li>compliance with laws and regulations. The obligation to follow applicable law, such as the Computer Fraud and Abuse Act (CFAA) in the United States or the General Data Protection Regulation (GDPR) in the EU;<\/li>\n<\/ul>\n<ul class=\"wp-block-list\">\n<li>non-disclosure agreements (<span data-descr=\"Non-Disclosure Agreement\" class=\"old_tooltip\">NDA<\/span>). Some clients may require signing such documents to protect a target organisation\u2019s confidential information and trade secrets. Breaching an NDA can lead to legal consequences.<\/li>\n<\/ul>\n<\/div>\n<div class=\"wp-block-text-wrappers-cards single_card\">\n<h2 class=\"card_label\">What is the Security Alliance (SEAL)?<\/h2>\n<p>On February 14, 2024, Paradigm\u2019s head of security\u2014and noted white hat\u2014samczsun <a href=\"https:\/\/x.com\/samczsun\/status\/1757784867163832397\">called on<\/a> the Web3 community to unite in defending the rights of \u201cethical hackers\u201d in their fight against crypto crime. 
That day, a <span data-descr=\"Non-profit organisation\" class=\"old_tooltip\">non-profit<\/span>\u2014the Security Alliance (SEAL)\u2014and the Whitehat Legal Defence Fund were formally registered.<\/p>\n<p>He said his motivation was to reduce legal risk for peers. He recalled the 2022 hack of the Nomad cross-chain protocol for more than $186m, when many white hats wanted to help but had to watch from the sidelines. Thanks to the efforts of individuals who would later form SEAL, about $39m <a href=\"https:\/\/forklog.com\/en\/news\/nomad-protocol-hacker-transfers-14500-eth-to-tornado-cash\">was saved<\/a>, and Nomad was relaunched.<\/p>\n<p>After the incident, samczsun proposed a round-the-clock \u201crescue service\u201d \u2014 SEAL 911. Anyone affected by a hack, or noticing suspicious activity, can reach out in a Telegram chat for free, real-time assistance. The service operates in line with applicable legal frameworks.<\/p>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/Znimok-ekrana-43.webp\" alt=\"Znimok-ekrana-43\" class=\"wp-image-245005\"\/><figcaption class=\"wp-element-caption\">SEAL\u2019s product suite. Source: <a href=\"https:\/\/securityalliance.notion.site\/Introducing-the-First-Legal-Defense-Fund-to-Support-Crypto-Whitehats-e6792614a5b34c9f9f3f529caf975750\">SEAL<\/a>.<\/figcaption><\/figure>\n<p>SEAL also includes SEAL-ISAC \u2014 an analytical, information-sharing centre for crypto security \u2014 and the <span data-descr=\"A \u2018safe harbour\u2019 agreement for white-hat hackers\" class=\"old_tooltip\">Whitehat Safe Harbor Agreement<\/span>.<\/p>\n<p>The purpose of the Safe Harbour Agreement (<span data-descr=\"Safe Harbor Agreement\" class=\"old_tooltip\">SHA<\/span>) is to shield white hats from unfair prosecution and bring legal clarity to their actions. 
It is concluded between a protocol under attack and specialists who come to help, allowing them to intervene and redirect funds to a safe address (\u201charbour\u201d) for recovery.<\/p>\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"508\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/flowchart-1024x508.png\" alt=\"flowchart\" class=\"wp-image-245004\" srcset=\"https:\/\/forklog.com\/wp-content\/uploads\/flowchart-1024x508.png 1024w, https:\/\/forklog.com\/wp-content\/uploads\/flowchart-300x149.png 300w, https:\/\/forklog.com\/wp-content\/uploads\/flowchart-768x381.png 768w, https:\/\/forklog.com\/wp-content\/uploads\/flowchart-1536x762.png 1536w, https:\/\/forklog.com\/wp-content\/uploads\/flowchart-2048x1015.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">How the \u201csafe harbour\u201d framework for white hats works. Source: <a href=\"https:\/\/github.com\/security-alliance\/safe-harbor\/blob\/main\/assets\/flowchart.png\">SEAL<\/a>.<\/figcaption><\/figure>\n<\/div>\n<div class=\"wp-block-text-wrappers-cards single_card\">\n<h2 class=\"card_label\">What is Immunefi?<\/h2>\n<p>Immunefi is a Web3 cybersecurity platform. It was founded in December 2020 by Mitchell Amador and is one of the leading venues for bug bounties.<\/p>\n<p>Its main task is to create a safe environment in which white hats can responsibly disclose discovered vulnerabilities and receive rewards. The start-up works with Safe Harbor Agreements, similar to SEAL.<\/p>\n<p>The platform is valued for its generous rewards and <a href=\"https:\/\/forklog.com\/en\/news\/cryptocurrency-losses-reach-55-1-million-in-october-reports-immunefi\">systemic analytics<\/a>. 
Over its lifetime, more than $100m has been paid out to hackers.<\/p>\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"437\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/Znimok-ekrana-44-1024x437.png\" alt=\"Znimok-ekrana-44\" class=\"wp-image-245003\" srcset=\"https:\/\/forklog.com\/wp-content\/uploads\/Znimok-ekrana-44-1024x437.png 1024w, https:\/\/forklog.com\/wp-content\/uploads\/Znimok-ekrana-44-300x128.png 300w, https:\/\/forklog.com\/wp-content\/uploads\/Znimok-ekrana-44-768x328.png 768w, https:\/\/forklog.com\/wp-content\/uploads\/Znimok-ekrana-44-1536x655.png 1536w, https:\/\/forklog.com\/wp-content\/uploads\/Znimok-ekrana-44.png 1883w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">The all-time top three white hats. Source: <a href=\"https:\/\/immunefi.com\/leaderboard\/\">Immunefi<\/a>.<\/figcaption><\/figure>\n<p>In 2022, the team launched a white-hat rating system. Updated daily, it classifies hackers by the number and complexity of paid reports, as well as total earnings.<\/p>\n<p>Immunefi recognises outstanding ethical hackers with <a href=\"https:\/\/forklog.com\/en\/news\/what-are-nfts\">NFT<\/a> items from the Whitehat Hall of Fame collection. They are unique and issued as one-of-ones.<\/p>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/Znimok-ekrana-45.webp\" alt=\"Znimok-ekrana-45\" class=\"wp-image-245002\"\/><figcaption class=\"wp-element-caption\">An NFT award given to the white hat Satya0x for rescuing the Wormhole project. Source: <a href=\"https:\/\/immunefi.com\/hall-of-fame\/\">Immunefi<\/a>.<\/figcaption><\/figure>\n<p>Immunefi also provides security consulting. 
Its specialists help projects build more resilient and secure systems.<\/p>\n<p>The organisation partners with major industry players to help projects minimise cyber-risk and bolster user trust in Web3. It frequently runs <span data-descr=\"A type of hackathon for hackers\" class=\"old_tooltip\">attackathons<\/span>.<\/p>\n<p>In September 2022, Immunefi closed a $24m Series A led by Framework Ventures, with participation from Electric Capital, Polygon Ventures, Samsung Next and others.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>What ethical hackers do\u2014and how to become one.<\/p>\n","protected":false},"author":1,"featured_media":38054,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"1","_short_excerpt_text":"","creation_source":"ai_translated","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[2113],"tags":[2115],"class_list":["post-38053","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptorium","tag-101-technical-foundations"],"aioseo_notices":[],"amp_enabled":true,"views":"259","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"0","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/38053","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=38053"}],"version-history":[{"count":2,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/38053\/revisions"}],"predecessor-version":[{"id":91858,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/38053\/revisions\/91858"}],"wp:featuredmedia":[{"embeddable":true,
"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/38054"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=38053"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=38053"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=38053"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}