Insurance Protocol

I am looking to gain some support for building a insurance protocol to project user funds. It would ideally take a part of the staking returns and put that towards a Bridge Mutual or similar blockchain protocol insurance fund to protect users funds from any code errors that are used to exploit the staked funds or hacks as we have seen in nearly every protocol out there. This is the biggest risk to holding funds here and would be great to see an already amazing return have a safety to protect again these things.

This is just the beginning thoughts on this and would to have other jump on here with theirs as well and start getting a solid initiative here

Thoughts,

13 Likes

Hey i’m interested , hit me up on TG (same name)
Thanks

1 Like

Great idea. this is the only issue I see with anc right now. thanks for being proactive at findind a solution so quickly

2 Likes

This is a really great initiative to put forth here at this stage and I also support the Development/ conversation around it. Anchor being a savings protocol that is quite easy to use and intuitive will attract many users who may not be so familiar with crypto. The protection of funds with a kind of insurance will not only relieve some concerns of potential users but will also protect the funds of all users in the case of error or attack. One of the reasons people may chose a traditional savings bank is to also have insured deposited funds (up to $200k usually) despite a lackluster savings rate.
Here I applaud Anchor for an outstanding savings rate but also urge in agreement with the OP for insurance.

2 Likes

Glad to see this getting some traction. Here are my ideas that I am formulating.

It would work similar to FDIC where borrows funds up to 250k are protected. The idea behind this number is to incentivize smaller balance holders for pool stability. Amounts over 250k would scale out to 0% at 500,000k.

More research is needed on what percent of the yield will be needed to cover this and what provider or diversity of blockchain insurance providers is needed. Thoughts here are greatly welcomed

2 Likes

I think this is a great idea. I want to put in a my two cents.

I’n case you haven’t seen Nexus Mutual, it does something similar.

However, the insurance being purchased on Nexus is done by the individual users. The users decide how much of their funds they want to insure and purchase insurance.

If I understand correctly, what you’re talking about is a protocol level insurance. Anyone who deposits into Anchor gets insurance up to x, automatically, just like the FDIC insures your deposits.

The FDIC collects premiums from depository institutions and provides insurance to depositors in the event that a bank becomes insolvent. One of the main benefits of this is that it reduces the chance of a run on any bank and therefore makes the entire banking system more stable, since people know that their money is backed by the government. In return, the FDIC strictly regulates the kind of assets the banks can hold and imposes all sorts of other restrictions.

A perfect analogue would be Anchor deposits backed by the Terra treasury/fiscal policy mechanism. But that introduces risks of a negative spiral: Anchor gets hacked, depositors lose money, Terra treasury needs to cough up UST, and they’ll have to do that by selling LUNA. There is wrong way risk: Anchor getting hacked may be happening at the same times as LUNA going down (or one may cause the other), and this would add to the selling pressure on LUNA. I don’t think that linkage will be best for the long term stability of the ecosystem.

I think an insurance market then makes more sense where someone is able to put up capital and take over some of the risk. But the premiums then would have to be pretty high:

Lets say I did a thorough review of the code and decided that I’m comfortable with the project. I could either sell insurance on it, or I could deposit into Anchor myself. For a given amount of capital, my return would have to be greater than the Anchor rate for me be enticed to sell insurance.

Unlike car, dental, health, life or even FDIC insurance to some extent, a single claim on an Anchor hack is not independent of other claims. If you sell $100mio worth of car insurance, its extremely unlikely that all of your customers get into a car accident at the same time and file a claim at the same time (thats why they have clauses excluding wars etc). However, with DeFi applications, a fault in the code will lead to mass claims. So the insurance fund needs to be pretty big to make sure that there is enough money to cover the claims in an event.

Another interesting point to think about: if anyone buys insurance, you would need to require them to put up proof that they indeed do have the money deposited. A clever hacker could 1) buy tons of insurance on deposits that they don’t actually have and then 2) hack the system and drain the money, and then 3)file an insurance claim, essentially double dipping… kinda like buying CDS and then forcing the company into bankruptcy.

Anyways… interesting stuff!

2 Likes

Thanks so much for this information. I was actually looking over nexus mutual as well and came to similar conclusions that it’s more like underwriting options on your balances and would cut into yield - not that other type of insurance would not cost money either that affects yield.

Great point about the FDIC and Terra Treasury but is why I only went as far as using FDIC insurance levels and not the actual model as exactly what you said would have issues and would cut deeply into yield as well

As good as the code is, there is always risk when wallets are hot like all these, you can have an much faith you as want in the code, but black swan hacks etc are always possible which does come to your point about mass claims happening but I am not sure that would qualify as writing it off completely.

Points 1, 2,3 are certainly valid, but I would sure there would be ways around mitigating this. Ideally through using a time lapse before funds are paid out as well as several independent investigation assessments into the claim as well as smart oracles that also back onchain events to valid if code was compromised or not.

I still have to dive deeper, but bridge mutual as we as a few others have some very clever models to help mitigate these issues and more. As mentioned they are providing insurance to REEF, OXY as well as many other exchanges in the works.

More research is needed on the cost and if it makes sense to cut yield for it. But what is 20% return if a blackswan is looming. At that point you still have to diversity by putting your funds in at least 10 plus pools with more than 10% return to make sure hedge this risk.

Thanks for bring up some valid points here and I am going to be looking deeper into cost and how it would work.

1 Like

Also just for some context, Nexus Mutal only only cost 2.6% for DAI coverage via compound. While comp pays about 6-8% APY you are still getting more than the risk rate after paying for insurance. I am not stating this is worth it here but when you consider ANC there are treasury funds that could over this and not hit yield if stakers decided to vote for that.

Sounds like you are proposing a single protocol version of Armor which makes Nexus Mutual coverage available via a simple token buy. They even have a way to link it to your wallet so it keeps you fully covered as your balance changes.

See: https://armor.fi/

3 Likes

Insurance is typically an allusion and promotes a false sense of security. Better to a have a robust system incentivizing developers to find bugs in programming and implement more secure enhancements.

1 Like

what is wrong with doing both? Incentivising developers via bug bounties will not be 100% successful as it is difficult to mitigate all attack vectors. Insurance gives peace-of-mind to users as it provides a backstop to funds in case the protocol gets exploited.

4 Likes

Agree with Vic. Insurance is about risk. No matter what the developers do, you cannot eliminate all risk. Depending on their risk tolerance and situation, someone will be willing to pay more than the expected value of a hack to have someone else take that risk.

2 Likes

Hi Leo,

I agree 100% percent here. We need both a robust treasury fund for find bugs in the contract, at least a million plus to make sure these bugs are found before hackers are able to exploit. Nevertheless, we all know tech is not imperious to downtime, tech evolution and black-swans. Therefore, a robust insurance fund would but this protocol light years ahead of other projects.

I also hear whispers that insurance is coming.

2 Likes

I must agree here as well. Though 20% APY sounds great, the only real thing lacking here is protection and insurance. This is what will offset regular users.

So as soon as there’s a good insurnace or protection of loss, I am confident much more funds will flow in. Just consider the potential of the funds banks and institutions have.

1 Like

Hi again everyone,

I have been on the Anchor telegram lately seeing lots of questions and request for insurance. I hear whispering about it coming from someone other initiative which I am hoping gets some clarity soon. In the meantime, I am going to keep pushing this so that it can possibly shape what is coming , if it does come, and if not we have something to take to the poll soon.

So far this idea has branched into to protection strategies:

  1. A robust treasury for contract bugs. I would like to see this scale with TLV at 1% paid out to anyone uncovering contract bugs.

  2. ~3% split between coming from the current ~20% yield and yield excess. This can be played with and needs more community input. Ideally for those that want to opt out, they could go to the insurance pool and participate in the shield mining to increase their yield on the ANC pool.

I am in talks with bridge mutal to see what this could look like and also open to other suggestions that are not running on er20. So far I have not found a insurance protocol running Cosmos but you know of any please let me know.

Thanks,

I am just voicing my opinion.

I am fundamentally against insurance because it implies it would ever be necessary. There is no reason to have insurance and fund insurance and open and insurance claims division.

There is no fraud. People making there own mistakes shouldn’t be insured from user error.

@40MillionMultiVac appreciate your feedback however i think you misunderstand why people want insurance. It’s not about insuring people acting carelessly and therefore creating moral hazard that others would pay for, it’s about protection against blackswan events such as hacks and code bugs that allow hacks. No matter how good code is, there is always risk. Not having insurance limits pool size because smart investors can’t trust full balances in one protocol and have to spread risk via multiple pools and protocol to mitigate this risk. Almost every major defi savings protocol has had some kind of bug or back. This would help reimburse deposits caught in something like this. No one would ever get insurance on user error.

4 Likes

Hi everyone,

As elusive as the details may be, it seems Ozone is coming Terra. From what I have seen it will start on insuring UST but that’s all I really have found. I will be putting the insurance part of this on hold and want to focus on the treasury bug bounty fund.

The proposal that I will be moving to a poll in about 2 weeks is as follows:

  1. A bounty for any bugs found starting at .25% of TLV. This would scale down to .1% flat as TLV hits 1 billion and continue to half with each billion added in TLV
  2. It would be funded by the community fund.
  3. .5% of yield would go replenishing the fund should bounty have to be paid until the community pool is back to the original balance.

Please let me know your thoughts.

Thanks

What is Ozone? Forgive my ignorance. I googled it too under “Ozone crypto”, “Ozone blockchain insurance”, “Ozone Terra”, and the only thing that comes up is a travel blockchain app.

1 Like

@Wolf There isn’t much on it outside of Do Kwon twitter stating Ozone to the insurance question…