An advocacy platform
Who Protects the Protectors?
The organizations securing the web3 ecosystem — responding to exploits, researching threats, building shared defensive tooling — are under sustained pressure. Understaffed, underfunded, and stretched thin. This is their reality, and a call to action.
The organizations we champion
Understanding
What is a Public Good?
In web3, public goods are the shared infrastructure that makes the ecosystem possible: the security researchers responding to exploits at 3am, the teams building shared defense tools, the organizations setting ethical standards for data and AI. Everyone relies on them. Few fund them.
Non-excludable
They protect everyone, not just paying customers. When a security team neutralizes an exploit, every user in the ecosystem benefits — whether they contributed or not.
Non-rivalrous
One person benefiting doesn't diminish the good for others. Shared defensive tooling, threat intelligence, and ethical data frameworks serve the entire ecosystem simultaneously.
Sustained by mission, not market
These organizations exist because someone decided the work was too important not to do — even when the economics don't work out. They run on conviction, not revenue.
The Problem
The Sustainability Reality
Technical excellence alone doesn't guarantee survival. Across the web3 security ecosystem, the organizations doing the most critical work face the same structural challenges in funding, staffing, and social coordination while operating below needed capacity.
The Moral Heroism Trap
People who care deeply about ecosystem security are willing to work for less, accept burnout, and sacrifice personal stability. The system exploits this dedication. Their commitment becomes a vulnerability — organizations can't retain talent when mission-driven workers hit their breaking point.
Incentive Misalignment
The protocols that benefit most from public goods have little direct incentive to fund them. If SEAL stops a $50M hack, the protected protocol rarely sends a check. The value captured is enormous; the value returned is minimal.
The Free-Rider Problem
When everyone benefits but no one is obligated to pay, most don't. Public defensive tooling protects billions in assets, but the teams maintaining it often can't cover operational costs. The more successful the public good, the more people benefit for free, and the harder it becomes to sustain.
Chronic Understaffing
Small teams monitoring the entire crypto ecosystem around the clock. Independent researchers tackling nation-state threat actors with a fraction of the resources. Public goods organizations are perpetually stretched thin — the scope of their mission grows while their resources stagnate or shrink.
Coordination
Social Coordination Is Security Infrastructure
Most incidents are not solved by code alone. They are resolved by people, trust, timing, and shared process across organizations. Coordination is not overhead. It is part of the defense surface.
01. Shared escalation channels
Security incidents cross org boundaries quickly. Teams need pre-agreed channels, not ad-hoc DMs.
02. Clear authority and trust
During crises, responders must know who can validate signals, approve actions, and communicate externally.
03. Standardized reporting and postmortems
Comparable evidence and postmortems allow faster triage now and better prevention later.
04. Recurring support for shared infrastructure
Coordination systems only remain reliable when funded and staffed as ongoing public infrastructure.
Our Research
State of Affairs
These findings draw from ongoing research into the sustainability of public goods organizations. The picture is clear: the current model is failing the people who protect us.
Matta & Dr. Kelsie Nabben
Between the Code: Why Technical Excellence Fails
An in-depth investigation into why even the most technically brilliant security organizations struggle to survive. Explores the moral heroism trap, incentive misalignment, and the sustainability pressures facing public goods in the blockchain space.
The Red Guild / 1TS Initiative
The state of off-chain security in Ethereum and a primer on how to improve it
A report from the 1TS Initiative gathering at Devconnect Argentina, examining the state of off-chain security in Ethereum and proposing concrete steps to improve the ecosystem's resilience beyond smart contracts.
samczsun
Higher bug bounties won't stop hacks
A critique of bounty-only thinking: larger payouts alone do not prevent hacks because bounty programs are reactive. The piece argues for proactive layers such as regular re-audits and stronger pre-incident security practice.
Key insight from the research
"The people most qualified to protect digital infrastructure are the same people most likely to burn out doing it. We have created a system that depends on moral heroism — and moral heroism does not scale."
From our analysis of the structural challenges facing security organizations in the blockchain ecosystem.
Explore
Distinct Security Functions
These categories are intentionally non-overlapping. Each one represents a different edge of ecosystem defense, from incident response to long-term governance.
Incident Response & High-Stakes Coordination
Emergency triage, war-room operations, and cross-org response coordination during active security incidents.
Adversary Research & Security Validation
Investigation and validation of attack paths, with public analysis that improves prevention across the ecosystem.
Security Education & Behavior Change
Programs that convert security knowledge into everyday defensive habits for teams, users, and communities.
Open Defensive Tooling
Reusable defensive systems that teams can adopt directly, whether fully open source or openly accessible.
Data Governance & AI Assurance
Standards and governance practices that keep data- and AI-driven systems secure, accountable, and rights-preserving.
Take Action
Shared security needs shared responsibility
Public-good security organizations cannot carry ecosystem risk alone. Support can be financial, operational, or social. The important part is sustained coordination and predictable commitment.
A. Fund Operations Recurringly
One-off grants help, but recurring support keeps war rooms, research, and coordination systems alive between incidents.
B. Sponsor Contributor Time
Give employees protected time to contribute to public goods of their choosing: OSS tooling, documentation, incident playbooks, training material, or threat research.
C. Lend Staff to Initiatives
Second a team member into a specific initiative or project on a defined cadence: a few hours each week or month with clear scope, outcomes, and ownership.
D. Adopt Shared Playbooks
Use common disclosure templates, escalation paths, and postmortem formats. Coordination quality improves when teams practice the same language before incidents occur.
Start by learning about the organizations that protect us all
Each profile below includes detailed information on what they do, how to fund operations, and specific ways to contribute time, process, and coordination capacity.