Category: Proposal Discussion
Authors: Skylock.xyz, aiham.eth (@aiham.eth), samczsun (@samczsun)
Disclaimer: I am submitting this proposal solely in my personal capacity
Introduction
This proposal outlines Silo DAO’s adoption of the SEAL (Security Alliance) Whitehat Safe Harbor Agreement (“Safe Harbor Agreement”). By adopting the Safe Harbor Agreement, Silo improves the security of its on-chain assets by allowing whitehats to intervene during active exploits to save protocol funds.
What is the Safe Harbor Agreement?
The Safe Harbor Agreement addresses a critical need in crypto: enabling whitehats to intervene during active exploits when traditional responsible disclosure procedures are not feasible.
Key aspects of the agreement include:
- Encouraging Whitehats to Protect the Protocol: By adopting Safe Harbor, Silo incentivizes whitehats to step in and protect the protocol during active exploits by limiting their legal exposure.
- Intervention Only During Active Exploits: Whitehats are authorized to act only when there is an immediate or ongoing exploit that threatens the protocol. This agreement applies only to critical situations where responsible disclosure procedures would not save funds due to the urgency of the exploit, and it is not intended for routine security testing or vulnerability reporting.
- Mandatory Return of Rescued Funds: Under the terms of the Safe Harbor, whitehats are required to return all rescued assets to a pre-designated recovery address controlled by the protocol within 72 hours of recovering them. This ensures that recovered funds are quickly secured, preventing delay or potential loss.
- Clear Guidelines and Legal Protection: The agreement establishes strict rules for how whitehats must operate during an exploit, ensuring recovery efforts are conducted professionally and safely, minimizing the risk of mistakes or further damage to the protocol. By adhering to these guidelines, whitehats can limit their potential legal exposure, allowing them to act in good faith without fear of liability.
- Incentivized Rescue Efforts: To motivate whitehats to act during critical situations, the agreement offers a bounty system similar to a bug bounty. Whitehats are rewarded with a percentage of the recovered assets, up to a predefined cap, for their successful interventions.
For more information, check out the Safe Harbor Agreement here.
Rationale
Silo is committed to enhancing its security and protecting user funds during critical moments. While security audits and other preventive measures are crucial, the unpredictable nature of exploits requires a swift, decisive response mechanism to minimize potential damage.
The Safe Harbor Agreement empowers whitehats to act immediately during an active exploit, providing a proactive and structured recovery process. By enabling whitehats to step in and recover assets during a crisis, Silo strengthens its defenses against emerging threats.
Benefits of adopting the Safe Harbor Agreement include:
- Agile Defense Against Exploits: Whitehats are authorized to intervene as soon as an active exploit is detected, enabling rapid response and minimizing the window for malicious actors to exploit vulnerabilities. Immediate action helps reduce damages and speeds up asset recovery during critical moments.
- Clarified Rescue Process: The agreement ensures that every step, from intervention to fund recovery, is predetermined and streamlined. Whitehats know exactly where to send recovered funds, preventing chaotic negotiations or rushed decisions during an exploit. This clarity ensures efficient, decisive action when it matters most.
- Clear Financial Boundaries: The Safe Harbor Agreement ensures whitehats are fairly incentivized while maintaining financial balance for the protocol, promoting a transparent and straightforward process during emergencies. By setting expectations upfront, it eliminates post-exploit negotiations, ensuring funds are returned promptly without attempts to change the reward amount, keeping the process fair and transparent.
- Aligning with Industry Best Practices: By adopting the Safe Harbor Agreement, Silo aligns itself with leading security practices across the industry, reinforcing its commitment to staying at the forefront of protocol security.
Adoption of the agreement complements audits by providing an additional layer of security, ensuring that the protocol is better prepared to respond to active threats.
Adoption Details
Silo DAO will adopt the agreement with the following parameters. For a full description of these adoption details, review the Safe Harbor for Protocols document.
- Asset Recovery Addresses: Addresses controlled by Silo DAO, which recovered funds will be returned to in the event of a hack
Chain | Address |
---|---|
Ethereum | 0xE8e8041cB5E3158A0829A19E014CA1cf91098554 |
Arbitrum | 0x865A1DA42d512d8854c7b0599c962F67F5A5A9d9 |
Base | 0x43Ce9b39f752E8E4b3B715725B65b3B386F2E864 |
Optimism | 0x468CD12aa9e9fe4301DB146B0f7037831B52382d |
- Scope: List of all on-chain assets protected under Safe Harbor
Chain(s) | Name | Address | Type (None, Existing Only, All) |
---|---|---|---|
Ethereum | SiloFactory | 0xB7d391192080674281bAAB8B3083154a5f64cd0a | All |
Ethereum | SiloFactory (Legacy) | 0x4D919CEcfD4793c0D47866C8d0a02a0950737589 | All |
Ethereum | Silo Llama Factory | 0x2c0fA05281730EFd3ef71172d8992500B36b56eA | All |
Ethereum | Silo Convex Factory | 0x6d4A256695586F61b77B09bc3D28333A91114d5a | All |
Arbitrum | SiloFactory | 0x4166487056A922D784b073d4d928a516B074b719 | All |
Base | SiloFactory | 0x408822E4E8682413666809b0655161093cd36f2b | All |
Optimism | SiloFactory | 0x6B14c4450a29Dd9562c20259eBFF67a577b540b9 | All |
- “All”: The Safe Harbor Agreement will cover both the subcontracts currently deployed under this contract and any future subcontracts deployed through it. This ensures that all present and future subcontracts are protected.
- Contact Details: Designated security contact for Silo DAO
- Name: Silo DAO’s contributors team
- Contact Information: info@silo.finance, Aiham_eth (TG), Aiham.eth (Discord)
- Bounty Terms: Predetermined rewards for successful whitehats that protect protocol funds
- Bounty Percentage: 10% of recovered funds.
- Bounty Cap (USD): $1,000,000
- Retainable: False
- This means that whitehats cannot retain their bounty directly from the recovered assets. Instead, all rescued funds must be returned to the protocol’s designated asset recovery address, and the bounty will be paid out separately after verification.
- Identity Verification: Named
- Whitehats must provide their full legal name. This requirement ensures compliance with legal obligations and is similar to the identity verification standards seen in traditional bug bounty programs.
- Diligence Requirements: KYC and OFAC Screening
- Silo requires all eligible whitehats to undergo Know Your Customer (KYC) verification and be screened against the Office of Foreign Assets Control (OFAC) sanctions lists. This process ensures that all bounty recipients are compliant with legal and regulatory standards before qualifying for payment.
Implementation Plan
-
Register Agreement On-Chain:
- The agreement will be registered on Ethereum in the Safe Harbor Registry at address 0x8f72fcf695523a6fc7dd97eafdd7a083c386b7b6, including all adoptionDetails. This ensures transparency and immutability.
-
Security Team Adoption:
- The Silo Security Team will complete the procedures outlined in “Exhibit C: Security Team Adoption Procedures” of the Safe Harbor Agreement. Upon completion, the signed adoption document will be uploaded to IPFS, ensuring public accessibility and transparency.
-
Update Terms of Service:
- The Silo front-end Terms of Service will be updated in accordance with “Exhibit D: User Adoption Procedures” of the Safe Harbor Agreement. These updates will reflect the protocol’s adoption of Safe Harbor, ensuring that users are informed and provide their consent accordingly.
-
Communicate Adoption:
- An official announcement will be made across all Silo communication channels, explaining the adoption and its significance to the community.
Conclusion
Adopting the SEAL Whitehat Safe Harbor Agreement equips Silo with a rapid response mechanism for active exploits, enabling whitehats to step in effectively when needed most. The agreement provides clear guidelines for action, increasing the protection of user funds and demonstrating Silo’s commitment to proactive security.
References
- SEAL Whitehat Safe Harbor Agreement: GitHub Repository
- SEAL Whitehat Safe Harbor Agreement Overview: Notion
- Silo Bug Bounty Program: Immunefi Bug Bounty Details
Please share your thoughts and feedback in the discussion below before the proposal moves to a formal vote.