It was early in the morning on March 9 when LP, who was still asleep, started getting calls on her Telegram. According to her, that is never a good sign. Still in her button-down pajamas with her bedroom shades drawn, she reached under the blanket and grabbed her laptop, and put in her contact lenses. It was time to try to save someone else’s cryptocurrency—by hacking them first.
LP, who prefers not to use her real name to protect her privacy, is an engineer with a PhD who used to work at a Silicon Valley law firm and the founder of the cybersecurity companies RugDoc and Paladin Blockchain Security. She wants everyone to know that crypto is “more than basement dwelling white men," she told Motherboard.
. . .
“White-hat hacking, while noble, in crypto is nonetheless fraught with risk in the absence of the affirmative consent of the target,” Preston Byrne, a lawyer who specializes in issues surrounding crypto, told Motherboard in an email. “Disclosing a vulnerability is one thing; assuming the rights of an owner over third party funds, regardless of the reason, is quite another, and if the target is displeased with the hack for whatever reason this could expose the hacker to civil and criminal liability.”
. . .
“The issue with a white/gray hat hacker is that where one target would (quite rightly) be grateful to be notified about a vulnerability, another target might blow their stack and call the police instead,” Preston said. “The best approach when a white hat identifies a vulnerability in a smart contract system is to privately notify the devs and leave it at that. You’re not Superman and saving the world is not your problem.”
To read the full article, please click here.