An advocacy platform

Who Protects the Protectors?

The organizations securing the web3 ecosystem — responding to exploits, researching threats, building open-source defenses — are under sustained pressure. Understaffed, underfunded, and stretched thin. This is their reality, and a call to action.

Understand the Reality

The organizations we champion

View all

Understanding

What is a Public Good?

In web3, public goods are the shared infrastructure that makes the ecosystem possible: the security researchers responding to exploits at 3am, the teams building open-source defense tools, the organizations setting ethical standards for data and AI. Everyone relies on them. Few fund them.

Non-excludable

They protect everyone, not just paying customers. When a security team neutralizes an exploit, every user in the ecosystem benefits — whether they contributed or not.

Non-rivalrous

One person benefiting doesn't diminish the good for others. Open-source security tools, threat intelligence, and ethical data frameworks serve the entire ecosystem simultaneously.

Sustained by mission, not market

These organizations exist because someone decided the work was too important not to do — even when the economics don't work out. They run on conviction, not revenue.

The Problem

The Sustainability Reality

Technical excellence alone doesn't guarantee survival. Across the web3 security ecosystem, the organizations doing the most critical work face the same structural challenges in funding, staffing, and social coordination while operating below needed capacity.

01

The Moral Heroism Trap

People who care deeply about ecosystem security are willing to work for less, accept burnout, and sacrifice personal stability. The system exploits this dedication. Their commitment becomes a vulnerability — organizations can't retain talent when mission-driven workers hit their breaking point.

02

Incentive Misalignment

The protocols that benefit most from public goods have little direct incentive to fund them. If SEAL stops a $50M hack, the protected protocol rarely sends a check. The value captured is enormous; the value returned is minimal.

03

The Free-Rider Problem

When everyone benefits but no one is obligated to pay, most don't. Open-source security tools protect billions in assets, but their creators often can't cover operational costs. The more successful the public good, the more people benefit for free, and the harder it becomes to sustain.

04

Chronic Understaffing

Small teams monitoring the entire crypto ecosystem around the clock. Independent researchers tackling nation-state threat actors with a fraction of the resources. Public goods organizations are perpetually stretched thin — the scope of their mission grows while their resources stagnate or shrink.

Coordination

Social Coordination Is Security Infrastructure

Most incidents are not solved by code alone. They are resolved by people, trust, timing, and shared process across organizations. Coordination is not overhead. It is part of the defense surface.

01

Shared escalation channels

Security incidents cross org boundaries quickly. Teams need pre-agreed channels, not ad-hoc DMs.

02

Clear authority and trust

During crises, responders must know who can validate signals, approve actions, and communicate externally.

03

Standardized reporting and postmortems

Comparable evidence and postmortems allow faster triage now and better prevention later.

04

Recurring support for shared infrastructure

Coordination systems only remain reliable when funded and staffed as ongoing public infrastructure.

View Whitehat Expectations

Our Research

State of Affairs

These findings draw from ongoing research into the sustainability of public goods organizations. The picture is clear: the current model is failing the people who protect us.

The Red Guild

Between the Code: Why Technical Excellence Fails

An in-depth investigation into why even the most technically brilliant security organizations struggle to survive. Explores the moral heroism trap, incentive misalignment, and the sustainability pressures facing public goods in the blockchain space.

Read the full article

The Red Guild / 1TS Initiative

The state of off-chain security in Ethereum and a primer on how to improve it

A report from the 1TS Initiative gathering at Devconnect Argentina, examining the state of off-chain security in Ethereum and proposing concrete steps to improve the ecosystem's resilience beyond smart contracts.

Read the full article

Key insight from the research

"The people most qualified to protect digital infrastructure are the same people most likely to burn out doing it. We have created a system that depends on moral heroism — and moral heroism does not scale."

From our analysis of the structural challenges facing security organizations in the blockchain ecosystem.

Recognition

Highlighted Champions

Curated champions from our internal database, with optional external correlation to enrich collaboration and activity flags.

Gray tags show prior collaborations. Colored tags show active duty.

External Member Directory

Snapshot synced on 2/18/2026

View featured champions

Explore

Distinct Security Functions

These categories are intentionally non-overlapping. Each one represents a different edge of ecosystem defense, from incident response to long-term governance.

01

Incident Response & High-Stakes Coordination

Emergency triage, war-room operations, and cross-org response coordination during active security incidents.

View work
02

Adversary Research & Security Validation

Investigation and validation of attack paths, with public analysis that improves prevention across the ecosystem.

View work
03

Security Education & Behavior Change

Programs that convert security knowledge into everyday defensive habits for teams, users, and communities.

View work
04

Open-Source Defensive Tooling

Reusable security systems that any team can adopt without negotiating private vendor access.

View work
05

Data Governance & AI Assurance

Standards and governance practices that keep data- and AI-driven systems secure, accountable, and rights-preserving.

View work

Take Action

Shared security needs shared responsibility

Public-good security organizations cannot carry ecosystem risk alone. Support can be financial, operational, or social. The important part is sustained coordination and predictable commitment.

A

Fund Operations Recurringly

One-off grants help, but recurring support keeps war rooms, research, and coordination systems alive between incidents.

B

Sponsor Contributor Time

Give employees protected time to contribute to public goods of their choosing: OSS tooling, documentation, incident playbooks, training material, or threat research.

C

Lend Staff to Initiatives

Second a team member into a specific initiative or project on a defined cadence: a few hours each week or month with clear scope, outcomes, and ownership.

D

Adopt Shared Playbooks

Use common disclosure templates, escalation paths, and postmortem formats. Coordination quality improves when teams practice the same language before incidents occur.

Start by learning about the organizations that protect us all

Each profile below includes detailed information on what they do, how to fund operations, and specific ways to contribute time, process, and coordination capacity.

Security AllianceThe Red GuildWorld Ethical Data Foundation