Top DeFi Insurances and How They Work
10 Feb 2022
7 min read
Ever thought about a DeFi Insurance protocol? Well, they’re a reality, and they’re making big waves in the DeFi industry.
In the last few years, we’ve been witness to the tremendous growth of the DeFi space and an accelerated adoption of cryptocurrencies by institutions and wealthy investors, such as Mark Cuban and Paul Tudor Jones.
But as the decentralised finance space rapidly gains ground in the crypto community, so does the number of attacks, scams, and protocol failures.
An Overview Of DeFi Scams & Attacks
2021 is marked as one of the most prolific years for the crypto and DeFi industry. The total value locked (TVL) in the DeFi space is over $286 billion, making it an attractive burgeoning place for investors and traders. But also for malicious actors.
2021 is also the year where we witnessed the largest number of attacks in DeFi protocols. More than $500 million have been stolen in 2021, constituting 78% of all major cyber scams. The industry is still in its infancy and plenty of things are left without care, like human error in coding —which bugs that can be potentially manipulated by malicious actors, or scammers taking advantage of hype and rug pulling investors, giving the space a bad name.
The summary of DeFi hacks in 2021 can be outline as follows:
- Code flaws in smart contracts
- Flash Loan attacks
- Reentrancy attacks
- Oracle and network manipulation
The most affected DeFi projects are usually decentralised exchanges, followed by digital wallets and other infrastructure.
The biggest hack in DeFi history sees Poly Network getting wrecked for over $600 million in a flash loan exploit. The attacker found a bug in the Poly Network platform and proceeded to drain over $600M worth of several crypto assets and stablecoins. While funds were returned thanks to the help of audits and blockchain forensic firms, it remains as the most controversial and largest scam to ever occur.
Other protocols like Cream Finance have lost over $200 million this year in three subsequent flash loan exploits. Squid Game, the popular Netflix series, had an unofficial token created by malicious actors who took advantage of the series’ popularity and attracted numerous traders and naive investors. The token surged over 2000% in two weeks, but investors soon saw their funds disappearing, so as the developers
With so much chaos going on, more developers are creating security-enhancing protocols and are working towards making DeFi a much safer ecosystem. There are audits, blockchain forensic firms, and now DeFi insurances are gaining ground in the sector.
Is DeFi Insurance the Answer?
If you ever thought about what a DeFi insurance protocol would be like take a look at some of them:
InsurAce.io is a relatively new DeFi insurance protocol with a robust insurance platform for DeFi users. It was the first project of its kind —launched in two networks, Ethereum and Binance Smart Chain (BSC). The protocol has been rapidly gaining ground in the market, expanding to other high-performance networks like Polygon, Solana, Fanton, and Heco.
The project was created by Oliver Xie and Sum Wei, both specialised technicians in their fields with vast experience in the financial world. Some of its top investors are DeFiance Capital, Huobi DeFi Labs, Hashed, imtoken, Signum Capital, Tembusu Partners, Lunex, and Alameda Research.
Looking at some of the protocol’s partners, we’ll find a solid team that gives traders and investors the security they’re looking for. To name a few partners:
- Solana: a high-performance smart contract platform that provides high transaction speed and high throughput.
- Avalanche: a next-generation blockchain and the fastest smart contract platforms in the industry so far. CoinGecko: the largest cryptocurrency data aggregator with more than 6,000 crypto assets.
- Elrond: a DeFi blockchain network that prioritizes scalability and low gas fees.
How Does It Work?
The protocol provides DeFi users with a wide range of crypto-related products, without “no premium” deals, unlike other insurances such as Nexus Mutual.
The protocol works similarly as a traditional insurance company —it has an insurance arm and an investment arm, just with a tokenized version. The first arm is called Investment Portal, and has two low-investment pools and one high risk investment pool. On the other hand, the Insurance Portal has a Low Risk Reserve Pool followed by a High Risk Reserve Pool. This business model design allows the protocol to generate revenues from the insurance premium as well as investment returns. Those revenues are used to fund liquidity pools, communities, operations, network, etc.
One of InsurAce.io products is “smart contract vulnerability” —in case of any failure or attack regarding the performance of the contract. The protocol has managed to cover more than 30 million DeFi tokens for over 50 projects.
Besides smart contract coverage, the protocol offers portfolio-based coverage to protect its users, multi-chain insurance coverage, and aggregated underwriting pools.
The insurance hopes to introduce more insurance products in the future, including but not limited to:
- Stablecoin Risk
- Cross-chain trading security risk
- NFT (Non-Fungible Token) risk
Unslashed Finance is a DeFi insurance protocol gaining popularity in the DeFi space. Since its launch in February 2021, It has covered a myriad of DeFi projects. One of them is Lido, an aggregator that purchased insurance to cover at least $200 million worth of staked Ethereum from slashing —a mechanism built in the PoS (Proof of Stake) blockchain to demotivate malicious behaviour. Other DeFi customers are Paraswap, a decentralised exchange and liquidity aggregator, and trading platform Kyber Network.
How Does it Work?
Unslashed offers insurance coverage for a myriad of protocols in the DeFi space. The user buys the coverage and protection, backed by a set of market participants that supply the necessary capital to the protocol. As a capital supplier, you participate in the protocol by injecting Ether (ETH) to different Buckets or individual pools on the protocol.
The protocol allows the creation of insurance products called Buckets —a mix set of insurance policies assessed, priced, and built by capital suppliers to provide coverage for a wide set of pools and policies.
The first structured insurance product on the platform is the Spartan bucket, and contains a broad list of covered pools.
- 6 centralised exchanges —Binance, Coinbase, Kraken, Bitfinex, Bitmex, Deribit)
- 2 Wallets —Ledger Hardware, Gnosis SAFE
- 8 Decentralised applications —Compound, Uniswap, Melonport, Deversifi, dYdX, MakerDAO, Paraswap, Uniswap.
- 1 Oracle —Chainlink
- 1 DEX aggregator —Lido Finance
- 3 Custodians —Coinbase Custody, Bitgo, Ledger Vault
- 3 Stablecoin: USDT, DAI, USDC
Every policy on the Spartan Bucket has a maximum exposure of 5%. The maximum exposure can be adjusted by the protocol’s DAO, and future changes and updates can be changed as long as the Bucket exists.
Unslashed has its own DAO (Decentralised Autonomous Organisation), the Unslashed DAO, which manages the different policy parameters on the protocol. The DAO votes and decides what will be the maximum exposure to a single policy.
Nexus Mutual is a DeFi insurance company built atop of the Ethereum blockchain driven by its community of NXM token holders. Since its launch, it has become a popular system of insurance coverage, attracting numerous investors to hold and stake the NXM token and become a board member.
How It Works
Nexus Mutual offers coverage to smart contract hacks in three types of ways. The first one is called Yield Token Cover, which protects against token de-pegging. The three main assets are yDAI, yUSDC, and yETH.
The second one deals with protocol hacks, protecting against exploits and general smart contract attacks on a specific project.
The third one is Custody Cover, which protects against suspended withdrawals and cuts on a user’s funds stored on centralised exchanges.
Becoming a Member
By becoming a member, you can buy insurance coverage to protect your applications against smart contract vulnerabilities. The insurance is mutual, which means it's owned by policyholders —in this case, token holders that make up the DAO and share mutual risks.
Every member holds tokens to have membership rights. Likewise, there are plenty of things to do when you become a member.
- Buy smart contract coverage
- submit governance proposals
- vote on proposals
- contribute your funds to the mutual and hold NXM tokens
- Stake ETH and address claims that other members submit
In essence, members are in charge of the capital provision, governance, risk assessment, and claims assessment.
Solace is a DeFi insurance protocol that went live on Oct.19 after 12 months of development and testing. The protocol is community-driven and offers coverage policies for several DeFi protocols including Uniswap, Compound, and Aave.
Solace processes claims and validates them immediately, with payouts occurring in a single transaction thanks to its automated system. Unlike other protocols that assess claims via staking and voting, the insurance manages risks with quantitative measures and analytics, making it a good alternative to most forms of “crowd wisdom” governance. Nikita Buzov, Solace Founder, believes the current model of staking and voting that most protocols rely on is unreliable.
“As a user I don’t trust the current mechanisms like voting, staking or market forces, in other words “wisdom of the crowd”, to accurately evaluate risk exposures and predict losses. Solace is driven by an analytical approach and incentivizes intelligent risk assessment through an architecture where people can offer their risk assessment models and earn fees for managing risk.”
The Polygon network, NEAR protocol, and Aave support the protocol with financial grants. Solace now has coverage policies for several DeFi protocols, which are:
- Yearn Finance
- Curve Finance
- Uniswap V2, V3
iTrust Finance is an insurance yield-optimizer protocol that allows users to automate their DeFi insurance investments while generating low-risk yields. The protocol is a layer 2 solution, meaning it’s a blockchain living outside of a mainnet. Since its launch, the protocol has gained ground in the market, partnering with protocols such as Nexus Mutual to provide a broader range of DeFi insurance mixed with yield optimization.
How it Works
The protocol provides automated solutions for insurance-based DeFi yields, allowing investors to simply stake their funds in the protocol’s pools and manage their yields from there.
The protocol has a vault which automatically scans smart contracts on protocols to assess the risk/reward ratio, moving users’ funds into protocols that provide the best ratio. Afterwards, the protocol allocates the funds to generate a low-risk yield. The staking process is straightforward —users have to connect their wallet, such as MetaMask, and add liquidity to their preferred pool, receiving an equivalent of pool tokens. If a user decides to unstake the funds, he/she will have to lock the pool tokens for 30 days. After that, the funds are burnt, and funds are deposit back into the user’s wallet.
The protocol is the first of its kind, calling the attention of numerous investors for its yield-optimization platform, using Yearn Finance-style automated algorithms with dynamic capital allocation.
Fintech and finance writer, with keen interest in blockchain and crypto.See other articles by José