Decentralized insurance
We all believe that DeFi is the future of the global financial system. It will and is changing multiple areas, such as payments, trading, and banking. By making finance more accessible and transparent it will play the role of bank for the bankless. But DeFi is not without risks of course. If we look at Hacks section on Defillama, we observe the dismal picture — Total Value Hacked is almost $6.5b!
And note that this is only hacks, smart contract bugs which result in protocol hacks. We shouldn’t ignore stablecoin depegs, CEX defaults, rugpulls — these are some events due to which DeFi users lost huge amounts. Sure, smart contracts security improve, and audit firms verify protocols which increases reliability of the industry. Also, many protocols offer bug bounties. All of this help but we are still far from high level of security in the field. Risks are still rife in DeFi. If DeFi doesn’t solve its safety and security problems, mass adoption will remain only a dream.
This is why I think decentralized insurance, sometimes called DeFi cover market, is and will be one of the most important sectors in the decentralized financial system solving the fundamental challenges of DeFi. The risks covered by the protocols offering DeFi insurance include but not limited to:
- Bridge failures
- Protocol failures
- Stablecoin and yield token depegs
Unlike other sectors in DeFi, cover market is moderately concentrated. 90% of the industry’s underwriting capital is concentrated in 9 largest players, the biggest of which is Nexus Mutual.
Nexus Mutual
Nexus Mutual is the first and the largest decentralized insurance protocol. Built on Ethereum, it allows users to buy cover products insuring various types of risks. As of this writing, the protocol offers five crypto-native cover products:
- Protocol cover. The first thing that comes to mind when we speak of DeFi risks. The product covers loss events which can be the result of exploits, oracle price manipulation, and governance attacks.
- ETH staking cover. If you want to be protected against slashing events or missing rewards, you can purchase this cover product.
- Custody cover. Considering that most of us hold our funds in centralized exchanges and centralized lending / borrowing platforms, this is a very important product. It provides members with the protection against custodian hacks and halted custodian withdrawals where members cannot withdraw their funds for more than 90 days.
- Yield token cover. In DeFi this is a typical case that users deposit digital assets into protocols that integrated with other DeFi protocols. This cover product offers protection against the event in which yield-bearing token depeg from its face value by more than 10%. Nexus Mutual has two kinds of yield token cover products at the moment. One insures users against the loss of yield-bearing tokens backed by USD-pegged stablecoins. Another cover product provides protection for yield-bearing tokens backed by synthetic ETH tokens, such as sETH or stETH, Synthetix and Lido tokens respectively.
- Excess cover. This is similar to reinsurance in traditional finance. Reinsurance, which sometimes is referred to as “insurance for insurance companies”, is insurance where an insurer (called cedent) transfers some of its risk to a reinsurer. In a like manner, Nexus Mutual’s this product is intended for other crypto-native cover providers. When a DeFi insurer underwrite coverage for different risks, they bear financial risk which can result in claim payouts. To protect their underwriting capital, decentralized insurers and cover providers can buy Excess cover thus transferring some of their risks to Nexus Mutual. The protocol has offered this product to Sherlock, another large DeFi insurer.
Speaking of Sherlock, by the way. Sherlock is a DeFi cover protocol aiming to “to make DeFi safe for the masses.” That DeFi insurance is a risky business and hacks are still abundant can be seen from the charts below. The first chart shows protocol’s TVL (Total Value Locked) which fell from $30M in 2022 to $3M in 2023 April. The last decrease in TVL is related to Euler Finance hack in 2023 March. The second chart shows that the protocol paid $5.7M to the buyers of Euler Finance coverage. This put Sherlock at risk. The insurer which has only $3M TVL has underwritten $16.5M coverage. If Sherlock is unable to attract more insurance premiums, any hack may result in the protocol default.
What Sherlock got wrong was pricing risk. This is when an insurer misprices its risks: you charge too small amount for too big risks. Though premiums are charged with the assumption that DeFi exploits are rare, in the real world they are frequent — at least more frequent than insurance quant models suggest — and are more costly. The problem is that unlike other industries that traditional insurance market deals with, DeFi is new and to correctly price such innovative ideas, as stablecoin depeg, protocol exploits or economic design failures is fiendishly difficult.
