Decentralized insurance
We all believe that DeFi is the future of the global financial system. It will and is changing multiple areas, such as payments, trading, and banking. By making finance more accessible and transparent it will play the role of bank for the bankless. But DeFi is not without risks of course. If we look at Hacks section on Defillama, we observe the dismal picture — Total Value Hacked is almost $6.5b!
And note that this is only hacks, smart contract bugs which result in protocol hacks. We shouldn’t ignore stablecoin depegs, CEX defaults, rugpulls — these are some events due to which DeFi users lost huge amounts. Sure, smart contracts security improve, and audit firms verify protocols which increases reliability of the industry. Also, many protocols offer bug bounties. All of this help but we are still far from high level of security in the field. Risks are still rife in DeFi. If DeFi doesn’t solve its safety and security problems, mass adoption will remain only a dream.
This is why I think decentralized insurance, sometimes called DeFi cover market, is and will be one of the most important sectors in the decentralized financial system solving the fundamental challenges of DeFi. The risks covered by the protocols offering DeFi insurance include but not limited to:
- Bridge failures
- Protocol failures
- Stablecoin and yield token depegs
Unlike other sectors in DeFi, cover market is moderately concentrated. 90% of the industry’s underwriting capital is concentrated in 9 largest players, the biggest of which is Nexus Mutual.
Nexus Mutual
Nexus Mutual is the first and the largest decentralized insurance protocol. Built on Ethereum, it allows users to buy cover products insuring various types of risks. As of this writing, the protocol offers five crypto-native cover products:
- Protocol cover. The first thing that comes to mind when we speak of DeFi risks. The product covers loss events which can be the result of exploits, oracle price manipulation, and governance attacks.
- ETH staking cover. If you want to be protected against slashing events or missing rewards, you can purchase this cover product.
- Custody cover. Considering that most of us hold our funds in centralized exchanges and centralized lending / borrowing platforms, this is a very important product. It provides members with the protection against custodian hacks and halted custodian withdrawals where members cannot withdraw their funds for more than 90 days.
- Yield token cover. In DeFi this is a typical case that users deposit digital assets into protocols that integrated with other DeFi protocols. This cover product offers protection against the event in which yield-bearing token depeg from its face value by more than 10%. Nexus Mutual has two kinds of yield token cover products at the moment. One insures users against the loss of yield-bearing tokens backed by USD-pegged stablecoins. Another cover product provides protection for yield-bearing tokens backed by synthetic ETH tokens, such as sETH or stETH, Synthetix and Lido tokens respectively.
- Excess cover. This is similar to reinsurance in traditional finance. Reinsurance, which sometimes is referred to as “insurance for insurance companies”, is insurance where an insurer (called cedent) transfers some of its risk to a reinsurer. In a like manner, Nexus Mutual’s this product is intended for other crypto-native cover providers. When a DeFi insurer underwrite coverage for different risks, they bear financial risk which can result in claim payouts. To protect their underwriting capital, decentralized insurers and cover providers can buy Excess cover thus transferring some of their risks to Nexus Mutual. The protocol has offered this product to Sherlock, another large DeFi insurer.
Speaking of Sherlock, by the way. Sherlock is a DeFi cover protocol aiming to “to make DeFi safe for the masses.” That DeFi insurance is a risky business and hacks are still abundant can be seen from the charts below. The first chart shows protocol’s TVL (Total Value Locked) which fell from $30M in 2022 to $3M in 2023 April. The last decrease in TVL is related to Euler Finance hack in 2023 March. The second chart shows that the protocol paid $5.7M to the buyers of Euler Finance coverage. This put Sherlock at risk. The insurer which has only $3M TVL has underwritten $16.5M coverage. If Sherlock is unable to attract more insurance premiums, any hack may result in the protocol default.
What Sherlock got wrong was pricing risk. This is when an insurer misprices its risks: you charge too small amount for too big risks. Though premiums are charged with the assumption that DeFi exploits are rare, in the real world they are frequent — at least more frequent than insurance quant models suggest — and are more costly. The problem is that unlike other industries that traditional insurance market deals with, DeFi is new and to correctly price such innovative ideas, as stablecoin depeg, protocol exploits or economic design failures is fiendishly difficult.
Insurance is a capital-intensive business. An insurer should be able to meet contingency claims from its customers. As many exploits, most recently the Euler Finance case, taught us that sometimes claim payout could far exceed insurance premiums. That’s the problem Ensuro aims to solve. Ensuro is a decentralized capital provider for Insurtech companies.
It works as follows. Liquidity providers (LP) deposit capital in stablecoins (USDC) into pools called eTokens. The capital is used to provide underwriting capital for insurers called Risk Partners. To generate interest for LP on the capital, it is reinvested into blue-chip DeFi protocols, such as Aave or Compound. When a Risk Partner decides to sell an insurance policy, it transfers premiums to Ensuro which allocates solvency capital for that policy. Once the premium is received, smart contract checks the availability of sufficient capital in the liquidity pool. If there are enough funds, capital is allocated to that policy and locked until the end of the policy.
To guarantee that Ensure will be able to cover losses that is inevitable in insurance business the Quant team develops a model with 99.5% confidence level. (This means that in 99.5% cases loss will never exceed this level. For those understanding risk management, it is same thing as Value-at-Risk or VaR, the most popular risk measure in financial risk management). The calculation produces the collateralization ratio, which multiplied by the maximum payout for the policy gives solvency capital for that policy.
Though not directly an insurance protocol, Y2K Finance offers products developed for exotic peg derivatives. Users can purchase these products for hedging their stablecoin positions or betting on a depeg event of a stablecoin. At the time of this writing, the protocol has two products: Earthquake and Wildfire.
Earthquake is similar to what is known in traditional finance as catastrophe bonds. These securities allow insurance companies to transfer part of the risks they would bear if a particular catastrophe occurred to investors. An insurer issues a catastrophe bond which is then sold to investors. Investors will receive coupon payments if no catastrophe occurs until the maturity date of the bond. If the specified catastrophe does occur, the principal amount will be forgiven and will be used by the insurance company to meet obligations of claimholders.
In Earthquake, there are two kinds of vaults — Risk vaults and Hedge vaults. Those who bets on the stablecoin depeg event — those purchasing catastrophe bonds in the example above — deposit funds in Hedge vaults. Users who don’t believe that the depeg will realize, (i.e., that stablecoins will not deviate from their market value and) are ready to underwrite depeg insurance deposit funds into Risk vaults. For playing the role of an insurer, Risk vaults depositors will receive premiums irrespective of whether the depeg occurs or not. But if the depeg event does occur during the epoch, Hedge vaults depositors will receive the principal of Risk vaults.
The graphics below taken from the protocol documentation clarifies the mechanics described above.
Wildfire is a secondary market for Earthquake depositors. Earthquake vaults have Weekly and Monthly epochs. This means that depositors’ funds will be locked during a week or a month depending on the epoch. Wildfire creates a market for depositors where they can trade their ERC-1155 tokens they received for their deposits. If a user’s position is profitable, she can sell part of her tokens which without Wildfire would be illiquid. This is also true for those who seek to get exposure to Earthquake after the deposit period ends.
