DeFi guardian: DeFi insurance agreement

Source: Odaily Planet Daily (ID: o-daily)

Author: king

The bZx protocol was hacked in the currency circle, causing a crisis of trust in the DeFi ecosystem. Pessimists see it as a "DeFi death knell", while optimists believe that this is just a pain in the growth of DeFi.

In the long run, the risk control design of DeFi products, the amount of funds for price predictors, and the security audit of smart contracts need to be strengthened.

From a short-term solution perspective, the DeFi insurance platform Nexus Mutual honored the user claim of US $ 31,000 in the bZx incident, which caused DeFi insurance to again attract attention and discussion.

What is DeFi insurance? Can it play a certain remedial role in the next similar incident?

This article will discuss the significance and role of DeFi insurance in the entire DeFi ecosystem, the operating mode of existing DeFi insurance products and platforms on the market, the ceiling of the DeFi insurance market, the improvement space of DeFi insurance, and incident reflection.

DeFi insurance helps DeFi ecosystem to form a business closed loop

bZx is not a single event. As the DeFi circuit stands out and attracts much attention, hackers have also begun to study the vulnerabilities of related products early.

The biggest feature of DeFi is its openness: first, it is open to users, and second, it is open between contracts, so it is very easy to be a target for hackers. According to PeckShield statistics, there were a total of 7 typical DeFi attack events in 2019. In the past February, there were 4 more DeFi security incidents. DeFi security issues have become increasingly prominent.

Among these DeFi security issues, the preferred attack method of hackers is to attack smart contracts. DeFi products are mostly based on smart contracts and interactive protocols. The code is generally open source and the assets are completely on the chain.

It sounds like openness naturally corresponds to unpredictable risks. Can buying insurance reduce losses after the fact?

The answer is yes.

DeFi insurance (decentralized insurance) refers to an insurance agreement based on smart contracts that cannot be tampered with and enforced automatically; it is mainly aimed at common risk events in the currency circle (including theft of private keys, attacks on exchanges, theft of wallets, and intelligence Contract vulnerabilities are manipulated, etc.) to provide risk protection.

Compared with traditional insurance products, the advantages of DeFi insurance are mainly reflected in enhancing the efficiency and transparency of claims. Because once the terms are written into the code, they no longer need to be based on "human trust", so the underwriting costs of insurance companies and the premiums paid by users are reduced.

Another difference from traditional insurance products is that DeFi insurance was born from the high volatility of cryptocurrencies and exists to spread the risk of currency price fluctuations, so it is more like a financial derivative.

NEST enthusiast of the decentralized oracle machine project-Jiuzhangtianwen told Odaily Planet Daily, "DeFi insurance is a security protection for some DeFi products, mainly the risk of DeFi development, the risk of fluctuations in assets in DeFi, etc. These two risks are not the same. As far as development risks (code loopholes, backdoors, arbitrage algorithms, etc.) are concerned, the value of DeFi insurance is higher, which is also the core direction of the industry's development; for the latter, its The essence is swaps or options, which more closely reflect the derivative structure of asset prices, and are not strictly insurance. This type of products will be included in the derivative ranks in the future, but their value is also very great.

In addition, DeFi insurance is very helpful for the promotion and application of the DeFi protocol. dForce & Blockpower founder Yang Mindao told Odaily Planet Daily, "Insurance is a basic service of traditional finance, which helps to diversify the risk of various types of events and promote the deepening of other financial products. It is like the FDIC (Federal Savings Insurance Corporation) deposit insurance The launch of the company has greatly promoted the development of deposit products. "

How do different types of DeFi insurance work?

However, DeFi insurance products are still in the very early development stage, product models and operating methods are not mature, and there is no unified risk pricing system and compensation guarantee mechanism.

The well-known DeFi insurance platforms are Etherisc, CDx, Nexus Mutual, Opyn, VouchForMe, KeeperDAO, SWAP RATE, etc. Among them, only Nexus Mutual's design philosophy is the most similar to traditional insurance platforms. It uses a risk sharing model to transfer individual risks to collectives. Other insurance platforms are more like derivatives that have a certain nature of protection, hedging the risk of currency price fluctuations, or platform services that are only to B.

Let ’s take a look at how these DeFi insurance platforms work.

Etherisc-Decentralized Insurance DApps Construction Platform

Etherisc is a development protocol (DIP protocol) for decentralized insurance applications. A simple understanding is the decentralized insurance DApps construction platform.

Etherisc's idea is very similar to Aragon in the DAO field-first build a universal platform so that developers can quickly develop applications based on the platform.

At present, the three application directions officially displayed are: flight delay insurance, hurricane insurance and crypto wallet insurance. There are more than 20 application directions in development on the platform.

Hurricane Insurance Intro Page

Etherisc does not provide any insurance business itself, but only works with insurance providers. The business scope is divided into two parts: a non-profit platform based on the token system, and various profitable business entities. These business entities build distributed applications on the platform and bear the corresponding legal responsibilities and risks. The platform also serves these insurance products and Service diversion.

Etherisc has also developed a native token, DIP, for the DApp development team and Oracle providers.

Return model for holders and insurance users under this business model

In general, Etherisc is not an insurance platform that can directly redeem claims for policyholders. It is only a decentralized insurance agreement for To developers. The main risk behind it is whether their own smart contracts can run safely.

Nexus Mutual-a risk-sharing pool that allows anyone to buy insurance

Nexus Mutual has received attention from the outside world because it recently paid bZx's user losses. It uses a risk sharing model with a risk sharing pool behind it (similar to the mutual treasure launched by Alipay). The fund pool is managed by community members who hold NXM token (Nexus Mutual's native token) and vote to determine the validity of a specific claim.

Purchase interface

In Nexus Mutual, all governance measures are subject to the proposals and votes of members, advisors, and owners. Proposals submitted by members must be whitelisted by the Advisory Committee. Each governance proposal has a category associated with it that defines the solution to be executed at the end of the vote.

On February 25, Nexus Mutual's governance measures were leaked by security researchers Mudit Gupta and Sam Sun. Fortunately, the vulnerabilities were not exploited by hackers, and insurance funds did not lose money.

Roxana Danila, CTO of Nexus Mutual, published an article on Medium to disclose the details and solutions of the vulnerability, and thanked the two security personnel who found the vulnerability.

Roxana explained that the potential loophole was that the proposed solution had not proven effective before members voted. As a result, members of the advisory board are likely to whitelist proposals for specific categories, but perform other actions in practice. This means that although members are voting for "the company is getting better," they are likely to vote for some malicious behavior without their knowledge.

In general, Nexus Mutual is also smart contract-driven insurance, which means that DeFi users can use the above solutions to purchase insurance for Compound or Dharma funds, digital currency stored by Uniswap, and hedge their risks. It's just "who can insure DeFi's insurance acceptor once the smart contract has a loophole?" This day's question still has no answer.

Opyn (oTokens)-insurance agreement that wants to replace dYdX

Opyn is also a decentralized insurance agreement. The Opyn team believes that dYdX, as the earliest derivative transaction protocol of DeFi, has some natural defects in the initially proposed model, such as only supporting the 0x protocol, and option writers can only Charge performance assets, etc., so the team hopes to propose a more complete protocol to replace dYdX, which is the Convexity Protocol.

Before explaining how Opyn runs an insurance agreement, let's understand what a "put option" is.

Suppose Xiao Zhang has a house in his hand, the current price is 2 million. Because of the serious bubble and the bad market environment, he is always worried that house prices will fall sharply recently. But now I sell it directly for 2 million, and I am worried that it will rise again immediately after the sale, and I can never buy it back. Therefore, Xiao Zhang found a real estate agent and signed a contract, which agreed that no matter how the house price fluctuated, Xiao Zhang could sell the house to the real estate agent for 2 million. At the same time, Xiao Zhang had to pay 20,000 for the contract. Contract fee (right).

Xiao Zhang's behavior is called buying put options. If the house price is higher than 2 million next year, he will not fulfill this contract and choose to sell the house at market price, so the maximum loss is 20,000 yuan contract fee.

Opyn is essentially that users can protect their assets by purchasing put options on the Convexity Protocol. Users mortgage Ethereum ETH to mint an ETH oToken. This oToken represents an Ethereum put option. Others can buy this. Options (equivalent to insurance against ETH crash).

On February 13, Opyn and “DeFi Bank” Compound reached a cooperation agreement and launched their first put option insurance agreement (previously, Opyn's put option insurance agreement was only a proposal), meaning that users could still be protected against Compound contract attacks. Get back the principal and interest.

Where is the ceiling for the DeFi insurance industry?

DeFi insurance seems to be numerous, but it has not caused much splash in the circle. The main reason is that the market size of DeFi insurance is deeply limited by the size of DeFi's hedging assets.

HashKey Capital Research believes that the current amount of ETH locked in DeFi is only 1 billion U.S. dollars, and there is insufficient motivation to develop insurance products. It is too early to cover insurance specifically for DeFi. HashKey predicts that DeFi insurance will grow into a relatively mature market until the market value of the entire crypto asset reaches $ 300 billion and the market value of Bitcoin reaches about $ 180 billion.

Yang Mindao believes that the final ceiling of this segment of DeFi insurance is equivalent to the ceiling of DeFi itself, that is, the scale of on-chain assets and assets on the original chain. DeFi insurance will eventually cover markets around digital asset trading, lending, derivatives and other services.

Jiuzhangtian asked that the ceiling of DeFi insurance is still the market value of ETH. "Because all on-chain risks can be hedged by insurance, only the code risk of ETH cannot be offset by insurance. If we say that ETH market value measures ETH Code risk and consensus risk, then without changing the current structure of ETH (anti-attack), the ceiling of insurance is the market value of ETH. "In addition, it also depends on asset volatility, but this is difficult to estimate. If assets are not considered Volatility factors, then the DeFi insurance ceiling is indeed limited by the size of the insured DeFi lockout.

DeFi insurance in mixed mode may be the trend

Since it is difficult to break through the ceiling, does it mean that DeFi Insurance can only find its way in a small and beautiful direction?

From the design mechanism of the above-mentioned various types of DeFi insurance products and platforms, we can see that the current DeFi insurance platform is mainly based on insurance-native agreements, as well as financial product models such as derivative transactions and option agreements. The life and property insurance in China is more like a financial derivative (which may also become an arbitrage tool for hackers) to help users hedge the risk of asset fluctuations.

"I think the DeFi insurance on the market are very early experiments, and they have problems of scale. And users who use DeFi have a higher risk appetite, and insurance may not be particularly attractive to them." Yang Mindao Summarized the pain points of existing DeFi insurance products on the market.

Like Nexus Mutual mentioned above, the current smart contract-driven DeFi insurance model is still facing risks from the system. Yang Mindao gave an example to describe this risk. "I have made a metaphor, which is similar to an insurance underwriting Person, underwriting the passengers on the Titanic, and this sole insurer also boarded the Titanic. "

In response to this problem, Yang Mindao proposed an interesting solution: combined with off-chain insurance, through a universal insurance, the core DeFi infrastructure can be covered, and the potential loss can be socialized in a larger scope.

Specifically, the establishment of a Universal Insurance based on the DeFi protocol, which guarantees the audited DeFi agreement with a lockup size of more than 1000w USD, stable operation for half a year, and limited management authority. Anyone can mortgage Ethereum Or Bitcoin enters the underwriting pool and earns insurance costs. Such insurance actually socializes the losses caused by "associated risks caused by interoperability between DeFi protocols."

In this way, being audited by a whitelisted auditor covers both smart contract risk and Oracle risk, and also covers most of the DeFi risk. "As the industry develops, insurance for the DeFi protocol will definitely accelerate, but it must be a hybrid model, not a complete decentralization."

The advent of hybrid mode DeFi insurance will boost the enthusiasm for financial innovation in the entire DeFi industry. Just as security is the most important part of the impossible triangle of the blockchain, DeFi insurance will become a necessary link in the DeFi financial Lego building block portfolio. On the one hand, the DeFi product portfolio forms a closed loop of mortgages, loans, transactions, and claims, accelerating DeFi. The maturity of the application market; on the other hand, it will stimulate the emergence of more DeFi application scenarios, prompting the DeFi field to continue to inject more funds and more users.

References:

Orange Book: "The Patron Saint of DeFi: Talking about the New Track" Insurance "

Medium: "Responsible Vulnerability Disclosure"

Medium: "Nexus Mutual Launch — How our digital cooperative works"

Medium: "Introducing CDx, The Protocol for Tokenized Credit Default Swaps on Ethereum"