Covering Defi Cover

The case for decentralised insurance

I guess insurance is something that’s always on the backburner — you don’t think about it.

And especially in crypto, where most of us are gun-slinging cowboys.

Have you ever heard of cowboys purchasing insurance against gun injuries? NO! We are bad-asses who need no cover!

Up till the day your wallet is mysteriously “emptied”…..

Source: Giphy

So why does insurance even exist?

It encourages risk-taking behaviour by transferring risk. Imagine a world without insurance — I am responsible for my own terminal illnesses and hurricanes!

In this world — I’ll never go out and I’ll live in a hole.

Insurance exists as a risk management tool to enable growth.

And they do this by pooling capital from many people.

Why do we need Defi insurance?

Firstly, the stats are pretty scary. We lost more than US$1.3b in Defi hacks in 2021.

Also, as alluded to above, Defi participants are mostly crypto-natives who in my opinion, largely have an above-average risk appetite.

In other words, Defi is a cowboy’s playground — which is a very niche audience. For it to scale by attracting both retail and institutional participants, risk management tools have to be in place. And of course, insurance is one of them.

And guess what — insurance currently comprises only 0.5% of total value locked. (according to DefiLlama).

1/ Empowering investors

• Insurance exists in traditional finance as a risk management tool, to enable investors to be more “gung-ho” and try new stuff out
• This will greatly encourage mass adoption from the non-cowboys
• Institutional investors will be more inclined to participate now as there is a risk-management mechanism

2/ Product creation

• Insurance gives Defi participants another product suite to consider that goes beyond the traditional staking, borrowing/lending, liquidity provision type of Defi products
• It can even potentially act as a diversifier in your crypto portfolio if you sell insurance. For example, if you sell insurance on smart contract hacks — you are betting that a particular protocol will be hacked, which has limited correlation with the broader crypto markets (e.g. if crypto prices were to crash, it does not necessarily lead to hacked contracts that triggers insurance payouts).
• In the traditional world — insurance will give rise to re-insurance (for large or systemic risks) and insurance-linked products (catastrophe bonds, industry-linked warranties (ILW), collateralised reinsurance etc) which can potentially open up many opportunities in Defi

How does Defi Insurance work?

In my very humble opinion — to provide a framework of what’s in the market now:

Types of Cover

• Smart contract vulnerabilities (e.g. bugs in code)
• Custody theft (e.g. your crypto on the exchange got stolen)
• Stablecoin or yield token unpegs (e.g. UST deviates 1:1 from USD)

Trigger Types

• Indemnity — payout is based on actual losses sustained, and claim assessors will vote on whether a payout for a particular project is warranted based on proof of loss
• Parametric (pre-defined parameters) to automate the claims and payout process → you don’t have to obtain proof of loss. Risk Harbor uses this — if a predetermined event happens (e.g. if UST depegs by more than 10% from USD), policyholders receive a payout within 45 seconds

Business models

In my mind there are 2 main business models in Defi insurance:

1/Token insurer

• Insurance sellers stake tokens in a protocol specific risk (or “pool”) if they believe no claims will be made. For example, if the risk pertains to smart contract integrity — since the code is all public for you to check and you’re a genius engineer, you stake your tokens to earn a yield
• The more tokens you stake, the higher yield you get
• Insurance buyers on the other hand — who are afraid that they’d be compromised by hackers will buy cover and pay premiums (which pays the yield)
• When there is a claim, insurance sellers will make an assessment of the claim’s validity and settlement amount. For clear cut cases with limited scope for dispute (e.g. parametric), the assessment is straightforward. In other instances, an independent board may be appointed to assess claims or a claims arbitrator might be involved (e.g. Kleros)
• Example: Unslashed Finance

2/ Mutual insurer

• A decentralised autonomous organisation (DAO) that operates as a mutual — an insurance company owned by its policyholders
• Participants can opt-in to be a mutual member by buying the token and their capital is placed in a communal pool
• Cover is priced to ensure a long-term profit margin for mutual members
• The mutual grows along with its capital or profit
• Example: Nexus Mutual (though it is technically a hybrid insurer as non-policyholders can stake tokens too)

Top 2 Protocols

The top 2 protocols comprise more than 90% of total value locked (basically capital committed to the protocols) in insurance.

Note: Armor sells insurance on behalf of Nexus Mutual, so there is some double counting when suming up their TVL.

Source: Defi Llama

1/ Nexus Mutual

Overview

• Founded by Hugh Karp, ex Munich Re CFO and Actuary
• Offers cover on 1/ Yield token: if your yield-bearing token loses more than 10% in value, you’ll be able to claim up to 90% of your loss 2/ Protocol risk: basically smart contract vulnerabilities (the code gets hacked or doesn’t do its job) 3/Custody hacks (when your crypto gets stolen from a centralised exchange like Binance)
• Largest insurance player by a large margin, with $431m TVL. Armor is not a “true-blue” insurer but more of a Managing General Agent (MGA) but I’ll get to that later
• Covers 90+ protocols, 13 custody providers, 11 yield tokens
• Seems to be profit-making since July 2020
• Members must go through KYC and hold NXM tokens to be a part of the mutual — this means when you join the mutual, you become a legal member of the UK company. This lets you buy cover, as well as participate in claims assessment and governance
• The mutual underwrites risk by a shared capital pool and the tokens represent your share of the capital pool
• There is a one-time membership fee of 0.002 ETH — the payment will be converted to Nexus Mutual’s token NXM
• The shared capital pool uses a treasury management solution via Bancor to generate yield

Buying Cover

• To get cover, you pay in NXM or ETH for a particular protocol. You automatically become a mutual member when you become a policy holder
• The minimum cover price is 2% and is governed by formula, depending how much NXM is staked by others and a “surplus” or profit margin that will go into the capital pool

Source: CoinGecko, Nexus Mutual

• The more NXM is staked by others in a particular protocol, the lower the premiums
• If no claims are made during the cover period, 10% of your premium goes back to you
• If there is a payout, the NXM staked by others will be used as capital to pay the claim.

Governance

• To become a mutual member (this is automatic upon policy purchase), you buy NXM tokens — the membership fee is 0.002 ETH — and your token represents your share of the capital pool
• You can stake up to 20x the amount you own into various projects as a risk insurer and earn 50% of the premium for taking on the risk (as mentioned above, 10% will go back to cover buyers if no claim is made and 40% will go to the shared capital pool). For example, if a risk assessor has 100 NXM, he can stake up to 2,000 NXM across different projects.
• If the claim amount is larger than the staked capital, the mutual’s communal capital pool will pay off the remainder

Tokenomics

• The NXM token has a unique pricing formula that captures the growth of the mutual, rather than market sentiment
• The price is a function of MCR% (Minimum Capital Requirement): the ratio between total value of assets in the capital pool and the minimum amount of funds it needs to be confident it can pay all claims
• When more NXM tokens are purchased or when more cover is bought → the capital pool increases and token price increases
• When claims are paid out → the capital pool decreases and token price decreases

2/ Armor Protocol

• It acts as a managing general agent (MGA)— it repackages and distributes policies for Nexus Mutual (i.e. finding insurance buyers), bypassing the need for policyholders to do KYC with Nexus Mutual. In other words, Nexus Mutual is their underlying risk carrier (note: carrier = capacity provider).
• It also acts as an alternate capacity provider, bringing in new capacity (i.e. finding insurance sellers) on top of what Nexus Mutual can offer. It does so via a product that bypasses the need to do KYC in order to be an insurance seller.
• It offers the following products:

1/arNXM: enabling investors to stake or sell insurance on Nexus Mutual without doing KYC. In other words, it helps Armor and Nexus Mutual increase capacity by opening up another channel of insurance sellers

2/ arCORE: “pay as you go” coverage which is automatic adjustable coverage and premiums paid per second as you move through various projects.

3/arNFT: tokenised coverage that enables you to buy cover without doing KYC. This is tradable as well, so you can sell your policy on the secondary market. arNFT can be repackaged into arCORE when staked — arCORE charges a higher premium than Nexus Mutual to compensate stakers.

4/arSHIELD: insurance for Liquidity Providers (LP) where insurance premiums are automatically deducted from the LP trading fees earned. arSHIELD essentially creates insured LP tokens where liquidity providers do not have to pay upfront premiums. arSHIELD another repackaged form of arCORE.

Source:1kx network

Business Model

• In traditional insurance, MGAs typically share premiums with the risk carrier and this is somewhat similar in Armor’s case as seen below

Source: Armor.fi

Reciprocally-covered assets (RCAs)

• What caught my eye in Armor was its novel peer-to-peer coverage solution or reciprocally-covered assets which will be launched at the end of this month . The intention is to provide insurance without using Nexus Mutual’s capacity.
• Perhaps at this stage, relying on a sole risk carrier for distribution constrains their growth
• This is a model I’ve never seen before in traditional insurance — which goes one step further than Nexus Mutual by removing the need for capacity providers or risk carriers, as coverage buyers are in essence, co-sharing the risk by the law of large numbers
• How it works: 1/users who seek cover will deposit their yield-bearing or liqudity provision tokens into insured vaults 2/they will receive a RCA token in exchange that represents their covered tokens 3/ There are no upfront premiums, cover is free at the start. Payments are only made when a loss occurs in one of the vaults of the ecosystem (which represents 1 smart contract) 4/At that point, a small percentage of every vault is liquidated to compensate the affected vault (paying for someone else’s claim i.e. not totally free)
• I guess its the same premise if me and my neighbours are all risk-sharing our homes in case of a hurricane, and we all come into agreement on this. If my neighbour Ben was unlucky and his home is destroyed, all of us contribute 1 room to him (assuming we all have a lego house here).

• It claims (haha pun intended) to be the only coverage method with the ability to cover the total value in the sector and is capital efficient as the risk is shared equally among participants
• The benefits of this are 1/ Low costs: this disintermediates underwriters/capacity providers and there is no need to pay premiums to compensate them for taking on and pricing the risk 2/ Scalability: the current model depends on capacity provided by insurance sellers — but with RCAs, each user will cover each other 3/ Reduced risk of insolvency: Capacity is in essence, provided by coverage buyers and no leverage is needed with RCAs (leverage is what will lead many insurers into insolvency in the wake of systemic risks unfolding)

Key Takeaways

• Nexus Mutual’s competitive edge: As I alluded to above, Nexus Mutual is the first mover in the industry and has established many moats resulting in pretty high barriers to entry 1/ track record in payouts 2/strong brand 3/diversified cover 4/largest capital pool by the biggest margin in the market 5/data collection in a nascent industry. The value of an insurer ultimately lies in how well it can payout claims. Moreover, its business model appears to be working as it has been profitable for close to 2 years
• Liquid staking: The ability of an insurer to pay claims depends on its capital pool. So how do we increase capital provided? By offering liquid staking that will increase investor’s capital efficiency! For example, if you’ve staked your NXM tokens with Nexus Mutual to earn yield from premiums — that should be tokenised to enable you to use it as collateral elsewhere. However, leverage can often be a double-edged sword and I would like to learn more about the controls around leverage to reduce risk of insolvency.
• RCA’s challenges: It boils down to adoption — what would incentivise users to deposit their tokens? Nexus Mutual already has a headstart with a large supply of capital that provides insurance buyers with the comfort of payout. It remains to be seen if RCAs will take off as 1/ there is no yield for depositing into an RCA vault, purely coverage 2/ there may be an opportunity cost for doing so as some yield-bearing or LP tokens can generate additional yields. If there is no adoption of RCA vaults, there will be no product at all.
• Opportunities in “De-Re”: As more and more smart contracts/blockchains interact with each other, systemic or stacked risk increases. Moreover, Defi is a relatively new space so we haven’t really seen a “industry-wide” breakdown like we’ve seen in the traditional finance world (such as the Great Financial Crisis). As such, how much systemic risk there really is, nobody really knows. Therefore I believe there will be strong case for decentralised reinsurance (or “De-Re”!! I call dibs on the name) and the development of defi insurance-linked securities . For example, in Nexus Mutual — stakers have the option of levering up 20x on various protocols. However, in the event of an industry wide breakdown, the amount of capital staked may not be enough to cover all affected protocols — this is when Nexus Mutual is on hook to pay the remaining amounts. Reinsurance or insurance-linked securities may enable Nexus Mutual to transfer some of this risk to the capital markets or re-insurers. Some high level examples I had in mind:

1/Industry-linked warranties(ILWs) could pay-out to Nexus Mutual if there is an aggregate market loss in Defi over a certain period of time

2/or we could look at this in totality using a traditional reinsurance tower perspective- the staked capital pools take on the lowest, riskiest layers, and anything above it could be tranched and sold to reinsurance providers or capital market players. It could be in the form of collateralised sidecars — where investors who want to take on this risk provide their capital into a specified wallet, which will be invested in a pre-determined set of money-market Defi protocols. Nexus Mutual will pay premiums to them and the investors will be issued a token representing their collateral.Which of course, can be used in other protocols as collateral or sold away (compostability matters!)

As I said, insurance is always on the backburner and it hasn’t grown as fast as other Defi products such as DEXes and lending protocols. However, this also means that the industry is far from maturity and there’s plenty of opportunity which I am looking forward to.

I want royalties for “De-Re.”