Kleidi Adopts SEAL Safe Harbor
Kleidi exists because of a simple observation: most crypto losses happen in the gap between a bad transaction being signed and that transaction settling. Timelocks close that gap for individual custody. But custody infrastructure doesn't exist in isolation. It interacts with smart contracts, bridges, and protocols that have their own attack surfaces.
When a protocol is actively being exploited, everyone can see it. The problem is whether whitehats can do something about it before all funds are stolen.
The Whitehat Problem
In August 2022, the Nomad Bridge was exploited for $190 million. The vulnerability was public, and once the first exploit transaction landed, anyone with basic Solidity knowledge could replicate it. Whitehats — security researchers who intervene to protect funds rather than steal them — recognized the situation and began front-running the attackers, rescuing what they could. They recovered over $37 million.
But the whitehats had to wait. They needed explicit permission from Nomad before acting, because the legal status of "rescuing" funds from a smart contract you don't own is, at best, ambiguous. Every hour spent coordinating permissions was an hour the attackers spent draining the bridge.
In July 2023, a vulnerability in Curve Finance pools was exploited across multiple transactions. A whitehat operating under the pseudonym c0ffeebabe.eth front-ran an attacker to recover $5.4 million in user funds. In April 2025, the same researcher intercepted $2.6 million during an exploit targeting Morpho's frontend application. In August 2024, a whitehat returned $12 million to the Ronin Bridge after identifying and exploiting a vulnerability before malicious actors could fully capitalize on it.
Every one of these rescues required a security researcher to make a split-second decision to intervene — without legal protection, without pre-authorization, and without knowing whether they'd be treated as a rescuer or a thief.
What Safe Harbor Actually Does
The SEAL Safe Harbor framework, developed by the Security Alliance, solves this by establishing legal protection for whitehats before an exploit occurs. A protocol that adopts Safe Harbor is making a public, legally structured declaration: if our contracts are being actively exploited, authorized security researchers may intervene to rescue funds, provided they return those funds through a designated process.
Safe Harbor operates through the SEAL Whitehat Agreement, a predefined legal framework, reviewed and crafted by top crypto counsel at a16z, Paradigm, Cooley, and others. It defines the scope of authorized action, the requirements for fund return, and the protections afforded to researchers who act within those boundaries. The protocol specifies a designated asset return address, typically a multisig, and establishes clear criteria for what constitutes a qualifying rescue.
As of early 2026, Safe Harbor protections cover an approximate $56 billion in TVL across more than 20 protocols, including Uniswap, Lido, and Aave.
Why This Matters for Custody
Kleidi's security model is built on prevention. Timelocks give you time to detect and cancel bad transactions before they settle. Audits by Code4rena and Recon verify the integrity of the contracts before deployment. An active bug bounty program through Immunefi incentivizes researchers to find and report vulnerabilities before they're exploited.
Prevention covers most scenarios. Not all of them.
Smart contracts interact with other smart contracts. DeFi positions depend on protocol-level security that no individual user controls. A timelock protects the path between your wallet and the chain. It doesn't protect the protocol on the other end of the transaction.
When a contract is being actively drained, the only defense is someone intervening faster than the attacker. By adopting Safe Harbor, Kleidi pre-authorizes that intervention. Whitehats don't need to call a lawyer or get ahold of someone at Kleidi. They don't need to wait for explicit permission. They already have it.
The Security Stack
Kleidi is a custody system. If something goes wrong, the consequence is someone losing their money. That's why we treat security as the product, not a feature of the product. Every layer exists because we asked "what if the previous layer fails?"
Every contract change goes through unit tests, integration tests, and code review before it reaches anyone outside the team.
Beyond that, Kleidi's contracts are fuzz tested — subjected to randomized, malformed, and adversarial inputs designed to break assumptions that structured tests don't challenge. If a function can fail under unexpected conditions, fuzzing surfaces it before an attacker does.
Critical invariants were formally verified — mathematically proven to hold across all possible execution paths. Not "we tested a lot of cases." We proved it for every case.
Independent auditors at Code4rena and Recon reviewed the contracts with the explicit goal of breaking them. External eyes, adversarial mindset, no shared assumptions with the team that wrote the code. These auditors found no high or critical issues during their reviews.
Kleidi's Immunefi bug bounty program keeps that external scrutiny running continuously. If a vulnerability survives testing, formal verification, and multiple audits, there's a standing financial incentive for anyone in the world to find and report it rather than exploit it.
Safe Harbor is the final layer. If a contract is being actively drained, if every previous layer fails, whitehats can intervene immediately, with legal protection, and return rescued funds through a defined process. No permission needed from the team, no lawyer signoff. They already have it.
We invested in every one of these layers because the alternative is hoping nothing goes wrong. We don't build custody infrastructure on hope.
The Principle
Kleidi was built on the premise that security requires giving people time — time to review, time to cancel, time to respond. Timelocks implement that principle at the transaction level.
Safe Harbor extends that to the ecosystem level — giving the security community a window to act between when an exploit begins and when the damage becomes irreversible, by removing the legal uncertainty that has historically forced whitehats to hesitate.
We take security seriously enough to plan for the scenarios where our own defenses aren't sufficient. Safe Harbor is part of that planning.
Details on Kleidi's security architecture, including our audit reports and bug bounty program, are available on our security page. If you have questions about how Safe Harbor applies to your holdings, contact us.