Overview of DeFi Insurance Track and Representative Protocols

Original author: Catarina Urgueira

Translation: LlamaC

 (Portfolio: FORM 2016, about Tomo: illustrator for the Ethereum Foundation)

DeFi has experienced multiple security incidents involving losses of billions of dollars, leading people to gradually lose confidence in its core value proposition. However, insurance solutions to mitigate DeFi risks are crucial to ensuring that DeFi can be widely adopted.

This insurance series covers the following protocols:

Nexus Mutual, Unslashed, InsurAce, Risk Harbor, Ease.org, Sherlock, Tidal Finance, InsureDAO, Neptune Mutual, Bridge Mutual, Cozy Finance, Bright Union and Solace

Overview of the Insurance Market

Although DEX and lending account for most of DeFi’s locked value, insurance accounts for less than 1% of the total value. However, as TVL grows, the potential crisis of smart contract vulnerabilities or other attack vectors increases accordingly. Insurance solutions act as a safety net in a manner similar to that of traditional finance markets, and flourishing solutions will encourage investors, individual users, and institutions to participate in on-chain markets with confidence.

The industry pioneer Nexus Mutual has been dominating the insurance market since its launch, accounting for over 78% of TVL, but only 0.15% of the overall DeFi TVL. The rest of the insurance market is decentralized, with the next three protocols after Nexus accounting for around 14% of TVL.

Although the global traditional insurance market is very large and is expected to see significant growth in the coming years, the DeFi insurance industry has become a small but very promising branch of the blockchain industry. As the DeFi insurance industry matures and upgrades, we can expect more innovation, with new protocols emerging and existing protocols continuously improving their products to meet the needs of DeFi users.

How Does DeFi Insurance Work?

DeFi insurance does not involve obtaining insurance from centralized institutions, but rather allows individuals and businesses to insure their capital against risks through decentralized liquidity pools. In exchange, insurance providers earn interest from the locked capital generated by the percentage of the premium paid, thus establishing a link between the premium and the risk of the protocol.

Cover providers invest their funds into a pool of capital that offers higher returns than the protocol risk. This means individuals trade event outcomes based on their estimates of the probability of potential risks occurring. If an agreement insured by an insurance company experiences a negative event, such as a hack, the funds in the pool that covers that agreement compensate the insured users who purchased insurance against that specific event.

Concentrating resources among multiple participants and diversifying risk is an effective strategy for dealing with exceptional or extreme events that have significant financial impact. A common pool of funds can cover many multiples of risk with less capital, providing a collective mechanism to address large-scale issues.

Parametric insurance’s popularity in DeFi stems from its automated and transparent mechanisms. Smart contracts with preset parameters and real-time data from oracles can automate claims settlement based on those parameters. This automation speeds up the claims process, improves efficiency, and reduces the possibility of human bias or error.

The ability for anyone to participate, on-chain operational transparency, and decentralization are often emphasized as the main advantages of decentralized insurance systems. As DeFi continues to grow, the need for solutions that protect user funds becomes increasingly important.

DeFi Insurance Evolution

The concept of decentralized insurance dates back to the early days of blockchain technology. The first decentralized insurance platform, Etherisc, was launched on Ethereum in 2017 and offered a peer-to-peer insurance marketplace where users could buy and sell general policies such as flight delay and hurricane loss, without traditional insurance companies.

The turning point for DeFi insurance came in 2019 with the launch of Nexus Mutual, the first insurance protocol built specifically for the DeFi ecosystem. It operates under a fully delegated structure, meaning the board of directors (all Nexus Mutual members who have passed KYC verification) can decide on all claims payouts. The recently released V2 of Nexus Mutual facilitates the creation of on-chain risk markets, allowing other companies to establish and share both crypto-native and real-world risks such as liability, catastrophes, property, and network insurance. Protocols built on top of this version can offer their services without requiring users to complete KYC requirements, increasing accessibility to platform risk management solutions.

After Nexus Mutual, many protocols were launched to address the challenges still present in the field.

In November 2020, InsurAce was launched, offering zero-premium pricing (ultra-low premiums), no KYC requirement, and a multi-chain solution based on portfolios.

Unslashed was launched in January 2021, offering insurance for various risks and allowing anyone to become a capital provider, earning returns from premiums, financial interest, and the USF capital mining program, increasing the available capital for insurance.

Bridge Mutual, launched in the same month, offers permissionless insurance pool creation, portfolio-based insurance coverage, and the ability to use stablecoins to underwrite policies in exchange for attractive returns. In December 2021, it released V2 with capital efficiency improvements, allowing users to underwrite insurance for multiple projects at once with leveraged portfolios, and the Shield Mining feature that allows projects and individuals to contribute X tokens to the Project X Coverage Pool to increase the pool’s APY and attract more liquidity. It also introduced the Capital Pool, which is Bridge Mutual’s investment arm that invests unused capital into third-party Defi protocols, creating income for the treasury and token holders.

Armor was launched in late January 2021, using the Nexus Mutual model without KYC requirements, but later introduced the Uninsurance model and was renamed Ease.org in May 2022. In RCA (Reciprocal Coverage Assets), covered assets are underwritten simultaneously with assets from other ecosystems, allowing capital deployed from DeFi yield strategies to collect underwriting capital. If a hack occurs, Ease will liquidate a certain percentage of funds from all treasuries to compensate investors. Ease’s value proposition is based on the assumption that, on average, losses from hacks are far lower than the premiums paid.

Tidal Finance was launched on Polygon in July 2021, with a flexible weekly subscription system. Since March 2023, the new upgraded version V2 has been on the testnet, allowing users to effectively set up their own custom insurance pools and policies.

Risk Harbor was launched in May 2021 as the first decentralized parametric insurance protocol, offering protection against smart contract risks, hacks, and attacks. It provides automated, algorithmic, transparent, and fair claim assessment by comparing the redeemability of credit tokens with the issuing protocol. For example, in the case of coverage protection for the UST depeg event, when the UST price on Chainlink falls below $0.95, Risk Harbor will compensate, allowing holders to automatically swap their bundled aUST for USDC. Risk Harbor is developing two upcoming versions, V2.5 and V3, with V2.5 serving as a stepping stone to V3. Improvements in V2.5 include ERC20 holdings instead of ERC721, automatic ERC20 staking and buyback protection, while V3 includes cross-chain recharge and purchase, allowing for an insurance library containing all EVM and other EVM farms and creating an unrelated risk insurance library. However, it should be noted that Risk Harbor mainly focuses on the Terra ecosystem, having concentrated most of its TVL on the ecosystem since the end of 2021. The team’s goal is to expand and shift focus to the Cosmos and Ethereum ecosystems.

In September 2021, Bright Union launched as a DeFi insurance aggregator, while Sherlock launched in the same month with a unique auditing approach. Sherlock established an auditing company composed of blockchain security engineers to review smart contracts, which were then included as part of the auditing process to prevent hacker attacks. This idea of directly providing code auditing and coverage to protocols eliminates the need for users to manage their own coverage. As a result, insurance protocols also began to emulate this and started launching their own Audit Cover products in partnership with external auditing firms to provide similar services, which offer protection for the protocols audited by their partners against smart contract risks.

Solace launched in October 2021, with a focus on usability and providing portfolio coverage that dynamically adjusts risk rates with position changes to prevent overpayment and complex policy management. It obtains its own underwriting capital based on the liquidity model owned by the protocol and eliminates underwriting risk for token holders. Solace places the assets of its bond program into an underwriting pool to sell policies and uses that pool to pay out claims. However, the Solace team has temporarily ceased operations to develop a new version of the protocol. They identified two flaws in the insurance model, which they believed went against the essence of DeFi: the need for manual input during the claims process and the need for probabilistic underwriting to generate returns. Their goal is to address these issues in the new version.

InsureDAO launched in February 2022 as an open protocol for anyone to use, similar to Bridge Mutual. The team is currently working to modify the protocol to change the model to better fit the current market.

Neptune Mutual launched in November 2022, with a goal of providing secure payouts to users. In Neptune, rules are not defined on the smart contract, which hinders the automation of the claims process and relies on reporters, which requires a trust-based assumption. However, this limitation provides an advantage for Neptune as it allows them to offer insurance that is not dependent on on-chain data, such as custody insurance.

Cozy Finance provides parameter insurance and recently suspended all V1 markets to launch V2, which is based on the idea of restrictively designed other protocols in terms of pricing, payout, and risk management. This new version allows anyone to create a new market with automated payments and programmatic pricing.

Decentralized insurance, as a transparent and decentralized way, has made great progress as a promising solution to mitigate risk. Nexus Mutual, as a pioneer in this field, is still leading in terms of TVL. However, as competition in this industry becomes increasingly fierce, market leaders will be those who can provide a scalable underwriting protocol that does not require dispersed liquidity, transparent and decentralized risk assessment, accurate pricing, and continuous payment of valid claims.

Underwriting Capital

With more underwriting capital, protocols may offer broader coverage, making them more attractive to users. However, the source of underwriting capital may affect the long-term sustainability and effectiveness of the protocol. For example, many protocols are diversifying their pools of capital across multiple chains, which disperses liquidity and may affect their potential to scale capital efficiency.

The table below compares several insurance protocols based on their sources of underwriting capital.

Coverage Categories

In this section, we will explore the various types of insurance offered by different insurance companies.

Protocol Cover

Protocol cover protects customers from economic losses that may occur when using DeFi protocols. Different providers offer different levels of coverage, aimed at mitigating certain risks inherent in the protocol. Threats include smart contract exploit/errors, Oracle failures or manipulation, economic design flaws, and governance attacks. It is important to note that Protocol Cover typically does not protect against front-end, Discord or Twitter attacks, and rug pulls, among other risks.

Custody Cover

Custody protection measures prevent financial losses that may occur when digital assets are stored in third-party custodial accounts (such as centralized exchanges). Its primary purpose is to provide protection in two main scenarios. The first scenario occurs when the custodian suspends withdrawals for an extended period of time, preventing consumers from using their funds. The second scenario occurs when the custodian’s assets are stolen.

Depeg Cover

Depeg cover can prevent depegging events, which occur when an asset loses its peg to the target currency. This form of insurance is widely used to protect stablecoins and other pegged assets, such as stETH. Consider a user who holds a stablecoin that is intended to maintain a 1:1 peg with the US dollar. If the stablecoin’s value drops significantly and the user is unable to redeem it for the expected amount of dollars, they will suffer a financial loss. Depeg insurance can help mitigate this loss by compensating the user for some or all of the losses incurred due to a depegging event.

Specific conditions must be met before a claim can be submitted, and these criteria vary by provider. These typically include elements such as the percentage drop in price and duration. When establishing depeg coverage claims, the time-weighted average price (TWAP) of the asset over a given time period is often used to determine the occurrence of a depeg event. TWAP calculates the average price of an asset over a specific time window while taking into account the asset’s trading volume during that window to assess whether a decoupling event has occurred.

Many protocols, including InsurAce, Unslashed, and Risk Harbor, offered UST depeg policies during their active periods. According to their UST De-Peg Cover Wording, InsurAce was officially activated on May 13, 2022, when UST’s 10-day TWAP fell below $0.88. Notably, they successfully paid out $11.5 million in claims. Unslashed allowed claims when the 14-day TWAP for UST fell below $0.87, and they paid out over 1000 ETH in batches. Risk Harbor, as a parametric insurance solution, facilitated reimbursements when the UST price on Chainlink fell below $0.95, allowing holders to immediately swap their bundled aUST for USDC.

Yield Token Cover

Yield Token Cover can prevent financial losses caused by the difference between the monetary value of LP tokens generating yield and their actual value. To be eligible for a claim, the depeg percentage (such as the Depeg Coverage Ratio) must exceed a specified threshold of the token’s value.

Audit Cover

Audit cover is a protection that protocols can directly obtain to reduce the risk of vulnerabilities during the audit period. It adds an extra layer of security shortly after an audit.

Sherlock pioneered the concept and provided up to $5 million in insurance for smart contract vulnerabilities after an audit. As long as there are no further changes to the codebase, this coverage can be activated at any time after the audit is completed. On the other hand, InsurAce has partnered with an auditing firm to offer a similar product with a three-month coverage period.

Slashing Cover

Slashing cover provides financial protection for professional validators participating in Proof of Stake (PoS) chains who may face losses due to slashing events. Slashing events occur when validators violate the consensus mechanism’s rules, resulting in penalties where a portion of their staked assets are slashed or reduced.

In 2022, Blockdaemon, a prominent provider of blockchain infrastructure services for node management and staking, partnered with renowned insurance broker and risk advisor Marsh to launch an insurance policy to protect their clients from significant slashing events. The program attempts to provide additional security for validators in the event of significant slashing penalties. That same year, decentralized insurance provider Nexus Mutual developed a decentralized solution to protect validators on the beacon chain, providing additional options for validators seeking slashing insurance.

Bridge Cover

Bridges make fund transfers between different networks possible, but they also bring risks such as smart contract vulnerabilities, hacking attacks, and implementation or design flaws. These risks can lead to inaccurate fund transfers or slippage calculations.

Some centralized bridges are vulnerable to bad actors who can manipulate the pool of liquid funds. Regardless of whether funds are stored centrally or in a decentralized fashion, storage points can become targets for bad actors. In 2022, hackers stole over $1.8 billion from bridges. Bridge cover was created to mitigate these risks by protecting consumers from economic losses when transferring funds across bridges.

InsurAce introduced this concept through a new product in partnership with LI.FI Bridge Aggregator, with a cumulative coverage amount of over $1 million. Risk Harbor also partnered with Socket to develop a bridge protection system that is still in beta testing.

Excess Cover

Insurance providers can retain their underwriting capital by transferring some of the risk exposure to other insurance providers. This lowers the overall risk for the supplier and allows them to continue providing coverage for a variety of risks without facing excessive risk.

Nexus Mutual is one of the insurance companies that provides excess insurance. It offers insurance for Sherlock’s audit protocol and protects 25% of the basic insurance provided by Sherlock.

Insurance Protocol Coverage Comparison

As the decentralized insurance industry develops, various insurance protocols continue to emerge, providing different types of insurance products. We have prepared a detailed comparison table of the different coverage types offered by existing insurance protocols to help readers understand the available coverage scope.

Thoughts

As DeFi continues to grow, it becomes more susceptible to security attacks. In order to protect users from such risks, viable insurance protocols are needed. However, the DeFi insurance industry faces many challenges in providing a diverse range of coverage and accumulating sufficient underwriting capital. Protocols that split the capital pool across multiple chains will dilute liquidity and be subject to their ability to achieve economies of scale, and proper risk management remains an area for improvement.

Under the current conditions, the availability of underwriting capital in the insurance pool limits the coverage scope. The protocol has been exploring strategies to generate additional returns and attract more liquidity providers to expand coverage, such as depositing a certain percentage of the pool’s returns into platforms such as AAVE or Compound. However, these methods introduce additional risks, including third-party smart contract vulnerabilities and market fluctuations, forcing a trade-off between yield generation and risk management.

To address these challenges, established companies are prioritizing protocol upgrades to improve capital efficiency, coverage capacity, and user experience. Custom insurance and markets are being developed to meet specific insurance needs of DeFi users.

Parameter coverage provides a viable solution for some risks, but it may not be suitable for all coverage types. Depending on oracles for data introduces the system to oracle failures or compromises, and restrictions arise when interest-bearing tokens become non-transferable due to protocol upgrades. Implementing coverage rules via smart contracts presents challenges as it requires storing all relevant information on-chain and limiting the risk scope that can be adequately covered, but it also provides the ability for automated claims assessment.

Furthermore, reinsurance, as an important component of traditional insurance, is still missing in the DeFi insurance market. The practice of transferring a portion of an insurance company’s risk portfolio to a third party to reduce the likelihood of having to pay significant obligations due to insurance claims is called reinsurance. By transferring risk to third-party professional investors, the reinsurance approach can increase underwriting capacity, capital efficiency, and flexibility. Exploring reinsurance can help mitigate the financial impact of catastrophic events like UST depeg.

In the next article, we will take a deeper look at DeFi insurance pricing models and explore the different approaches adopted by protocols.

Like what you're reading? Subscribe to our top stories.

We will continue to update Gambling Chain; if you have any questions or suggestions, please contact us!

Follow us on Twitter, Facebook, YouTube, and TikTok.

Share:

Was this article helpful?

93 out of 132 found this helpful

Gambling Chain Logo
Industry
Digital Asset Investment
Location
Real world, Metaverse and Network.
Goals
Build Daos that bring Decentralized finance to more and more persons Who love Web3.
Type
Website and other Media Daos

Products used

GC Wallet

Send targeted currencies to the right people at the right time.