by Jascha Samadi, Sep. 01
We are excited to share that we recently led Hats’ $3.5m seed funding round, with participation from Lemniscap, Spartan Capital, Accomplice, Collider Ventures, IOSG Ventures and others.
Hats is a decentralized cybersecurity network governed by its community stakeholders (hackers, projects, token holders). It aims to incentivize protocol security by providing prize pools (similar to bug bounties) and to enable black hat hackers to be turned into white hat hackers.
One of the key aspects of Ethereum and DeFi is the way in which they are being built, based on a high degree of open-source experimentation, permissionless collaboration and composability of code. The result of this new paradigm is an unprecedented rate of innovation, allowing projects to move fast, experiment, and build on each other’s tech to create a more open financial system.
This approach comes with its own challenges and risks, though, as the industry has seen with a series of hacks and smart contract exploits. In traditional finance, most risk is connected to having to trust people with your assets. While many say DeFi eliminates trust, it actually shifts trust from individuals, institutions and surrounding legal systems to code. At the same time, it is hardly possible to write code with 100% accuracy, even when audits are taken into account. As DeFi kept growing, in particular over the past 1.5 years, so did the extent to which the industry was affected by hacks and exploits, leaving many users with significant losses of funds.
This year alone, over $1bn in user funds has been subject to hacks and exploits in Ethereum smart contracts, with more than $600m (temporarily) lost in the Poly Network attack alone, the biggest of its kind so far. The direct result of these exploits, beyond significant loss of funds to users, is an immediate drop in TVL and token price, averaging -39% and -31% respectively. Security audits are currently the biggest measure against such exploits, and yet almost all of the affected protocols have had at least one audit in the past.
That being said, white hat hackers can play a crucial role in all of this, as they can expose vulnerabilities and create a more resilient ecosystem. But with little to no incentive today to become a “white hat hacker”, an exponentially growing hacker community has become a problem for DeFi applications.
Open and incentivized bounty vaults
Hats intends to incentivize an open & transparent hacking market by creating a scalable model for responsible disclosure with financial and social incentives. The Hats DAO creates bounty vaults with project tokens, which can fill up to a certain percentage of the token’s circulating supply (by allocations from the project’s treasury as well as from users and token holders), farming Hats tokens in the process.