Welcome to the official repository of the Security Frameworks—a curated collection of structured, community-driven security best practices maintained by the Security Alliance (SEAL). This repository powers a comprehensive, evolving security reference resource designed for practitioners and organizations to adopt, adapt, and contribute to.
⚠️ This is a work in progress.
The Security Frameworks are continuously evolving as we add, refine, and review content.
Check out our Contributing Guide to learn how you can help shape this resource — whether by fixing typos, suggesting improvements, or contributing new sections.
The Security Frameworks are a modular taxonomy of security topics—ranging from operations and incident response to community management and general security awareness.
They serve as:
- A collection of best practices written in a general and technology-agnostic way, applicable across different contexts.
- A reference guide to help secure Web3 projects and build resilience against threats, from basic considerations to complex scenarios.
- A well-organized compilation of security insights, designed to centralize existing knowledge while also providing new, practical guidance where gaps exist.
- A living resource that evolves with community contributions and feedback.
Unlike typical blog posts or curated lists, this framework emphasizes fundamental security principles and practical applications rather than chasing the latest trends. It’s not meant to be read linearly, but rather used as a reference tool.
Security challenges in Web3 are expanding—many of them not limited to blockchain infrastructure itself, but affecting the broader ecosystem. While information is abundant, it is often fragmented, inconsistent, or hard to access.
We created this resource to:
- Centralize knowledge scattered across the internet into one accessible reference.
- Fill in the gaps by generating new content where existing resources fall short.
- Support practitioners with in-depth, actionable guidance instead of surface-level commentary.
- Promote resilience by focusing on principles that remain relevant across technologies, not just the “latest and greatest.”
This resource is open to everyone:
- Web3 teams seeking security best practices throughout their project lifecycle.
- Web2 professionals looking to understand blockchain security fundamentals.
- Community managers, policy writers, incident responders, and anyone shaping secure digital ecosystems.
Think of it as a one-stop shop for Web3 security: a high-level framework that combines structured knowledge with practical advice to help teams and individuals level up their security capabilities.
The Security Frameworks are published online in two versions:
- Main – Website following
mainbranch- Contains polished, reviewed, and production-ready content.
- Develop – Website following
developbranch- Contains work-in-progress material, drafts, and experimental updates.
Both versions are continuously updated, but only main reflects finalized, community-reviewed guidance.
The Security Framework is an open and collaborative initiative. Whether you are part of the Security Alliance or not, we welcome your contributions! Help us build the documentation and improve security in the ecosystem. If you'd like to join our effort, feel free to fix typos, contribute new sections, or propose enhancements.
Every contribution helps strengthen the resource and improve security practices across the ecosystem.
See our Contributing Guide for details on how to get started.