Hats.finance is a proactive bounty protocol for white hat hackers and auditors, where projects, community members, and stakeholders incentivize protocol security and responsible disclosure.
Hats creates scalable vaults using the project’s own token. The value of the bounty increases with the success of the token and project. In addition, prolific NFT artists have pledged assistance and will create numerous unique NFTs, minted specially for hackers and auditors who responsibly disclose vulnerabilities.
We offer every participant in the Ethereum ecosystem skin in the game, to ensure a more secure future for the users of #Ethereum.

Hats.finance mechanism

  • Smart contracts are continuously offering a bounty in the form of their value or the value that is locked by them. Extracting this value in a malicious manner causes more harm to the ecosystem than the size of the extracted value.
  • Incentivize continuous auditing of smart contracts.
  • Hacks and exploits affect the adoption of all smart contract projects and of the ecosystem itself. Ecosystem adoption could be boosted if we could reduce this risk.
  • The future of the economy is being held back by the forces that try to hack it. Hats.finance incentivizes both parties to collaborate towards the success of the ecosystem.

A thought experiment

An individual, let’s call him Mr. Hightopp, finds an exploit in a semi-popular Ethereum decentralized finance (DeFi) protocol.
Currently, the only way for Mr. Hightopp to get a substantial monetary reward for his hard work is to exploit the protocol, risk money, and potentially gain a large amount of limited-fungibility funds, let’s say $20m. If he succeeds, the outcome will be devastating for the project’s token value, investors, and community, with additional millions lost as collateral for liquidity providers and other

The Hats Alternative

Hats proposes a different path for Mr. Hightopp: disclose the exploit and get a fully fungible $5m, plus potential upside from the protocol itself as it is now more secure. In addition, Mr. Hightopp will get recognition within the community for detecting and disclosing the vulnerability, a unique NFT made by some of the top artists in the NFT space, and work offers on the basis of his reputation.
By incentivizing an open hacking market that scales with the success of projects and significantly rewards successful hackers, we will turn black and gray hat hackers into white hat hackers.

How it works

New vault - New bug bounty program

  • Hats governance creates a bounty vault of project tokens, which can fill up to 1% of said token’s circulating supply, farming Hats in the process.
  • In the case of a detected exploit, the hacker will disclose the vulnerability to the Hats committee, with an on-chain hash proof of the disclosure.
  • The committee, composed of researchers, project core developers, and white hat hackers, will approve or deny the vulnerability and a subsequent release of funds to the hacker, according to the token allocation specified in the vault.
  • Each vault has its own token and its own committee, appointed by the project community.
  • This is a simple method that allows for scalable, continuous, and assured reward to hackers in the case of exploit detection.
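
The "on-chain hash proof of the disclosure" step can be pictured as a salted hash commitment. The sketch below is an added example, not Hats.finance code: the page does not specify the hash function or report format, so SHA-256, the random salt, and the names `commit`, `verify` and `guessable` are assumptions. It shows the committee check and why an unsalted hash of a short report can be confirmed by anyone watching the chain.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

def commit(report: bytes, salt: Optional[bytes] = None) -> Tuple[str, bytes]:
    """Hacker side: return (commitment_hex, salt). Only the hex is published."""
    if salt is None:
        salt = secrets.token_bytes(32)  # random blinding value, kept private
    # Length-prefix the salt so salt and report cannot be re-split ambiguously.
    data = len(salt).to_bytes(2, "big") + salt + report
    return hashlib.sha256(data).hexdigest(), salt

def verify(commitment_hex: str, report: bytes, salt: bytes) -> bool:
    """Committee side: recompute from the privately revealed report and salt."""
    recomputed, _ = commit(report, salt)
    return hmac.compare_digest(recomputed, commitment_hex)

def guessable(commitment_hex: str, candidates, salt: bytes = b"") -> bool:
    """Observer side: can a public watcher confirm a guessed report text?"""
    return any(verify(commitment_hex, c, salt) for c in candidates)

# Constructed sample report for illustration, not a real finding.
REPORT = b"vault-X: withdraw() skips balance check"

if __name__ == "__main__":
    c, s = commit(REPORT)
    print("publish on-chain:", c)
    print("committee accepts:", verify(c, REPORT, s))
    print("edited report accepted:", verify(c, REPORT + b" (edited)", s))
    weak, _ = commit(REPORT, salt=b"")  # unsalted variant, for comparison
    print("unsalted guessable:", guessable(weak, [b"other", REPORT]))
    print("salted guessable:", guessable(c, [b"other", REPORT]))
```

The commitment proves the report existed in that exact form when the hash was published, while the report and salt are revealed only to the committee.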