I think this is a great idea. I want to put in a my two cents.
I’n case you haven’t seen Nexus Mutual, it does something similar.
However, the insurance being purchased on Nexus is done by the individual users. The users decide how much of their funds they want to insure and purchase insurance.
If I understand correctly, what you’re talking about is a protocol level insurance. Anyone who deposits into Anchor gets insurance up to x, automatically, just like the FDIC insures your deposits.
The FDIC collects premiums from depository institutions and provides insurance to depositors in the event that a bank becomes insolvent. One of the main benefits of this is that it reduces the chance of a run on any bank and therefore makes the entire banking system more stable, since people know that their money is backed by the government. In return, the FDIC strictly regulates the kind of assets the banks can hold and imposes all sorts of other restrictions.
A perfect analogue would be Anchor deposits backed by the Terra treasury/fiscal policy mechanism. But that introduces risks of a negative spiral: Anchor gets hacked, depositors lose money, Terra treasury needs to cough up UST, and they’ll have to do that by selling LUNA. There is wrong way risk: Anchor getting hacked may be happening at the same times as LUNA going down (or one may cause the other), and this would add to the selling pressure on LUNA. I don’t think that linkage will be best for the long term stability of the ecosystem.
I think an insurance market then makes more sense where someone is able to put up capital and take over some of the risk. But the premiums then would have to be pretty high:
Lets say I did a thorough review of the code and decided that I’m comfortable with the project. I could either sell insurance on it, or I could deposit into Anchor myself. For a given amount of capital, my return would have to be greater than the Anchor rate for me be enticed to sell insurance.
Unlike car, dental, health, life or even FDIC insurance to some extent, a single claim on an Anchor hack is not independent of other claims. If you sell $100mio worth of car insurance, its extremely unlikely that all of your customers get into a car accident at the same time and file a claim at the same time (thats why they have clauses excluding wars etc). However, with DeFi applications, a fault in the code will lead to mass claims. So the insurance fund needs to be pretty big to make sure that there is enough money to cover the claims in an event.
Another interesting point to think about: if anyone buys insurance, you would need to require them to put up proof that they indeed do have the money deposited. A clever hacker could 1) buy tons of insurance on deposits that they don’t actually have and then 2) hack the system and drain the money, and then 3)file an insurance claim, essentially double dipping… kinda like buying CDS and then forcing the company into bankruptcy.
Anyways… interesting stuff!