DeFi Cover: An Emerging Sector to Watch
Introduction
In our 2023 thematic outlook, we highlighted that on-chain insurance is a DeFi sub-sector that remains underdeveloped.
Today, DeFi has largely covered the services offered by TradFi, such as payments, lending and exchanges; as well as central, commercial and investment banking services. There is also DeFi insurance (or more accurately termed as ‘DeFi cover,’ since the solutions provided are more discretionary than contractual; and may not be regulated), but presently it is not being offered as extensively as traditional insurance. For context, the global insurance market is estimated to be $6 trillion, while the TVL in DeFi cover is around $275 million, which is 0.5% of the total TVL in DeFi (at $55 billion).
This may come as a surprise to some, especially considering the series of unfortunate events that rocked web3 last year. A record of $3 billion was also lost to DeFi exploits last year, highlighting the need for more risk mitigation measures. In this article, we will discuss the state of DeFi cover, specifically covering the current landscape; the issues that consumers and DeFi cover providers are facing; and the next steps for the sector to continue to grow and address the risks of DeFi.
Current State of Play
Background
The concept of DeFi cover can be traced back to 2017 when Hugh Karp launched ‘Nexus Mutual’ and offered the very first cover products. Since then, many others have begun to offer similar products and there are currently around 24 active participants. Nexus Mutual remains the biggest player in the space, with a TVL of ~$200 million (or more than 70% of the total TVL for DeFi cover). Other notable players include Unslashed; Helmet; Ease.org; InsurAce; Sherlock; and Cozy Finance.
Historical data shows that there have been an all-time total of 19,839 covers sold, 552 claims and 379 payouts across leading on-chain DeFi cover providers so far. Given the events last year, 2022 marked the industry’s first large-scale stress test with $34.4 million in claims paid out (out of $36.9 million all-time tracked total, i.e. over 90% of all payouts occurred in the last 12 months). Notable payouts were for the UST depegging, with $22.5 million paid out; and the FTX collapse, with $4.7 million paid out.
Types of Cover
Currently, there are eight broad categories of covers offered in the market (see image below). Providers may choose to focus on a few categories instead of offering the entire sweep of products depending on their risk appetite and area of expertise, e.g. Nexus Mutual does not offer Stablecoin Depeg Cover, unlike InsurAce.
(Source: OpenCover)
Cover Mechanics
Each provider will also have their own terms and exclusions, pointing to a relatively nascent industry that has yet to embark on standardisation. They typically differentiate themselves across three dimensions: (1) risk assessment; (2) claims assessment process; and (3) underwriting capital.
(1) Risk Assessment
Each provider views the risk of certain events happening differently, influencing the selection of covers offered. The model used to price the risk of the incident happening may also vary and this will affect the cover pricing (i.e. the premiums to be collected from cover holders).
The broad parameters that providers tend to use to assess risk include TVL and historical protocol usage; quality and recency of smart contract audits; and team information.
(2) Claims Assessment Process
This refers to the process of determining the validity of the claims submitted. Broadly, there are five types:
Community Vote - The community (typically involving DAO members who hold protocol governance tokens) will determine at their discretion if a submitted claim should be paid out based on the wording of the cover policy, akin to traditional discretionary mutuals. To ensure alignment of incentives to pay out valid claims, the protocol will typically reward participation in claim assessment while penalising voters who vote not to pay out claims determined valid by the majority.
Parametric - When a claim is filed, the smart contract will check for the incident. Should it meet the predetermined on-chain condition, affected cover holders will be able to claim their payouts automatically. There will be no need to submit proof of loss or wait for the result of a vote. This is typically used for asset depegging covers since the incident can be measured objectively.
Optimistic Oracle - This is a combination of community vote and parametric. In this semi-automatic approach, claims are accepted as valid unless disputed by any one party during a given timeline. If disputed, it will be assessed by the community via a vote. Once deemed valid, the payouts will be made automatically.
Expert Panel - This relies on a predetermined group of experts to determine whether a claim is valid. The experts tend to include security and legal professionals; as well as core contributions and representatives from the protocol’s community. It tends to leverage a multi-signature contract which requires a majority vote to validate the claim.
Hybrid - This can combine any element of the above four approaches. For example, a claim may first undergo a community vote, before being evaluated by an expert panel. Alternatively, it may first be evaluated by an expert panel, and should there be a dispute, it could be resolved by an optimistic oracle.
(3) Underwriting Capital
Underwriting capital refers to the funds available to pay out valid claims. There are various ways to build up this capital pool, such as (1) premiums paid by cover holders; (2) investments from institutional and retail investors, where they provide underwriting capital in exchange for a share of cover purchase fees; and (3) returns from investments of funds in underwriting capital pool.
The percentage reliance on each source of underwriting capital may vary across providers. Also, the ratio of the total amount covered by providers (i.e. total sum of all covers) to the underwriting capital may vary depending on the risk tolerance of the providers.
Issues Faced
Today, the growth of DeFi covers has been hindered partially by issues that consumers and cover providers face.
Consumers
For consumers, DeFi coverage is typically offered on a separate platform from the DeFi products, and is not well integrated with existing DeFi platforms. Users may not be aware of the availability of DeFi coverage for the specific protocols that they are interacting with. Even if they were aware, the multitude of options and the mechanics of each cover could be overwhelming. Unlike the traditional sector, where financial advisors and insurance agents can recommend suitable products, the UI/UX of getting DeFi coverage presents too much friction and lacks seamless integration.
Furthermore, much of the traditional insurance sector is well-regulated, which means purchasing insurance can be mandated by regulation for risk management purposes. The institutions also command high credibility when it comes to claim processes. Consumers are either required or are more comfortable with the idea of purchasing insurance to protect against risks.
The current cohort of web3 users tends to be risk-seeking early adopters who see themselves as partaking in an emerging asset class. In light of this mindset, purchasing DeFi coverage may just be an afterthought, as it adds extra costs when downside protection is not a top priority, and not mandated by law. Nonetheless, our view is that as web3 gains wider acceptance, particularly with the entry of more institutional investors, this culture will gradually diminish. Consequently, there will be a growing demand for DeFi coverage products over time.
Cover Providers
Besides the consumers, the providers themselves face their own set of challenges. Given the nascency of the sector, there are the following difficulties in firming up the optimal mechanism to supply these covers:
Risk Assessment & Pricing - The truth is, nobody can confidently assess the risks inherent in DeFi, as this is a new field and protocols can break in unexpected ways. The best (or perhaps only) indication of safety may well be the Lindy Effect, in that the longer protocols survive with millions in TVL, the safer they are proven to be. This, however, can only be proven with time. It is also difficult to price the insurance given the difficulty in risk assessment, plus consumers’ willingness to pay for security is still low. Price elasticity is extremely difficult to estimate.
Claims Assessment - There remain questions on who exactly should assess claims for loss events. Should it be policyholders, token holders, core team members, DAO members, or third parties; or should the protocol instead rely on parametric assessment tools? How do we align the incentives across the various stakeholders? A definitive answer remains elusive because no one has implemented a winning system yet.
Underwriting Capital - Underwriter yield must compete with DeFi yield. Investors may favour participating directly in DeFi protocols instead of acting as an underwriter or participating in insurance markets, given the high returns that DeFi protocols offer. It is also difficult to build up an underwriting capital pool with alternative investments. Traditional insurance markets earn a majority of revenue from re-investing collateral into safe yield-generating products. In DeFi, what is considered a “safe” investment for pooled funds? Placing them back in DeFi protocols re-introduces some of the same risks they are meant to cover.
Asset Management - If we were to push the concept of decentralised cover even further, we would need to consider who should be directly responsible for the crypto assets that are held by the cover providers. Should it be the DAO members or should it be a centralised team, given that the management of such assets requires a specific set of skills? If it is a centralised team, how do we ensure that this power and the funds under their charge are not misused?
What’s Next?
Here at Ocular, we have been keeping watch on DeFi cover and below are a few suggestions on how to address the existing issues with the space. They are by no means definitive answers, nor is this an exhaustive list, but we thought these are ideas worth exploring and discussing further.
For Consumers
Make DeFi cover more accessible to all. DeFi cover providers can consider partnerships with other DApps such that each time a transaction is being executed, there will be an option to purchase a cover for it. This can include exchanges, wallets or other DeFi services.
The intent is to reduce the friction of purchasing these covers. Instead of requiring users to go to a separate platform, the DeFi cover option is readily available to them each time they make a transaction. This increases the likelihood of investors purchasing DeFi covers (and contributing to the underwriting capital pool), and helps the DApps’ image in promoting consumer safety and security.
Create a DeFi cover agent to advise users. The goal is to develop an AI-driven agent that can emulate the role of a traditional financial advisor and guide users through the intricate landscape of DeFi cover products. By combining AI and on-chain data, the agent could first analyse the user’s historical interactions and transactions, before scouring the list of DeFi cover options available, to recommend the most suitable DeFi cover tailored to the user’s specific needs, preferences and risk tolerance. This will serve as an efficient and user-centric way of purchasing DeFi covers.
For Cover Providers
Encourage participation of smart contract auditors and protocols. The goal is to promote skin in the game, where those best placed to assess the risks of a particular DeFi product/service will be asked to support their claims and put their money where their mouth is.
For the case of smart contract auditors, DeFi cover providers can consider requesting for these auditors to back up their assessment by committing part of the fees that they charge as underwriting capital. In return, part of the proceeds from the premiums can be given to them.
The same principle will apply to partnerships with protocols. Protocols can be asked to self-assess their inherent risks, and depending on their assessment, they will be asked to commit a portion of their treasuries to the underwriting capital pool. The higher the rating that they give for their self-assessment, the more money they will be asked to commit. Similarly, in return, they will get a portion of the premiums received.
Pushing for such arrangements will help build trust amongst investors, encouraging greater participation in the product/service, as well as the cover policy. It also promotes the growth of the underwriting capital pool, giving cover providers more liquidity to work with.
Create an exploits oracle. The goal is to create an oracle that will serve as the source of truth for whether or not an exploit occurred. The oracle could classify the kind of exploit, which contracts were exploited, and what funds were affected. An oracle like this will benefit all DeFi cover providers, who can use it to verify the exploits that they cover and streamline the claims assessment process.
Conclusion
Insurance (and cover) options are a key piece of DeFi that may be lacking today. The maturation of this sector will help promote trust and the overall growth of the DeFi ecosystem.
Ocular continues to be on the lookout for projects/founders that are actively building in the DeFi cover space - if this resonates with you, do feel free to reach out to us at crypto@ocular.vc and we would love to connect!