DeFi Insurance and Risk Transfer

DEFI INSURANCE TAXONOMY

Type 1: Discretionary Coverage (Mutual)
├── Model: Members pool funds, vote on claims
├── Examples: Nexus Mutual
├── Claim process: Submit, assessors vote
├── Pros: Established, significant capital
├── Cons: Subjective decisions, voting required
└── Coverage: Smart contract failure, oracle failure

Type 2: Parametric Insurance
├── Model: Auto-payout based on trigger
├── Examples: Various protocols
├── Claim process: Automatic if trigger met
├── Pros: No voting, fast payout
├── Cons: May not match actual loss, basis risk
└── Coverage: De-peg events, price triggers

Type 3: Underwritten Coverage
├── Model: Traditional underwriting, defined terms
├── Examples: InsurAce, others
├── Claim process: Submit evidence, review
├── Pros: Clear terms, professional underwriting
├── Cons: May have exclusions, slower
└── Coverage: Various protocol risks

Type 4: Risk Markets
├── Model: Two-sided market for risk
├── Examples: Various prediction/risk markets
├── Claim process: Market-based settlement
├── Pros: Market-priced risk
├── Cons: Liquidity dependent
└── Coverage: Event-based

Type 5: Protocol Native
├── Model: Built into protocol
├── Examples: Some lending protocols
├── Claim process: Automatic from reserves
├── Pros: Integrated, automatic
├── Cons: Limited, protocol-specific
└── Coverage: Protocol-specific events
```

INSURANCE MECHANICS

Premium Factors:
├── Protocol risk level (audit status, age, TVL)
├── Coverage amount
├── Coverage period
├── Market demand for coverage
├── Available underwriting capital
└── Historical claims

CLAIM ASSESSMENT FACTORS:
├── Was event covered by terms?
├── Did policyholder comply with requirements?
├── Is loss documented?
├── What's the payout amount?
├── Exclusions that apply?
└── Varies significantly by provider
```

INSURANCE PROVIDER LANDSCAPE

Nexus Mutual:
├── Type: Discretionary mutual
├── Coverage: Smart contract, protocol cover
├── Capital: ~$200M+ (varies with NXM)
├── Claims process: Member voting
├── Track record: Paid claims, also denied some
├── KYC: Required for membership
└── Rating: Established, largest DeFi insurer

InsurAce:
├── Type: Underwritten coverage
├── Coverage: Smart contract, stablecoin, CEX
├── Capital: Varies
├── Claims process: Submit and review
├── Track record: Younger, growing
├── KYC: Varies by product
└── Rating: Growing alternative

Unslashed Finance:
├── Type: Discretionary/underwritten hybrid
├── Coverage: Various protocol risks
├── Claims process: Committee review
├── Track record: Limited history
└── Rating: Smaller player

Protocol Native:
├── Aave Safety Module: Aave-specific coverage
├── Compound reserves: Protocol reserves
├── Others: Protocol-specific mechanisms
└── Rating: Limited but integrated

MARKET LIMITATIONS:
├── Total DeFi insurance capacity: ~$1B
├── Total DeFi TVL: ~$50B+
├── Coverage gap: Massive
├── Many protocols uninsurable
├── Premiums can be expensive
└── Not all risks covered
```

---

COVERAGE SCOPE ANALYSIS

Typically Covered:
├── Smart contract bugs exploited
├── Economic design exploits
├── Oracle manipulation (sometimes)
├── Protocol-specific failures
├── Stablecoin de-pegs (specific products)
└── Read the fine print

Typically NOT Covered:
├── Market price drops
├── Impermanent loss
├── Rug pulls by anon teams
├── Governance attacks (often excluded)
├── Bridge exploits (often excluded)
├── Front-end attacks
├── Phishing/user error
├── Regulatory actions
├── Network failures
└── Many things you'd want covered

READING COVERAGE TERMS:

Key questions:
├── What events trigger coverage?
├── What evidence required for claim?
├── What exclusions apply?
├── What's the deductible?
├── What's max payout vs. coverage bought?
├── What's the claims timeframe?
├── Who decides claims?
└── What's appeal process?

RED FLAGS in terms:
├── Vague triggering conditions
├── Broad exclusion categories
├── Short claim filing windows
├── Subjective determination clauses
├── Hidden deductibles
└── Payout caps well below coverage
```

INSURANCE QUALITY FRAMEWORK

Provider Assessment:

Capital Adequacy (30%):
├── Total capital vs. total exposure
├── Ability to pay multiple large claims
├── Capital source stability
├── Reinsurance arrangements
└── Score: 1-10

Claims History (25%):
├── Number of claims processed
├── Approval rate
├── Payout amounts vs. claims
├── Time to resolution
├── Disputed claims handling
└── Score: 1-10

Terms Clarity (20%):
├── Clear coverage definitions
├── Explicit exclusions
├── Understandable process
├── No hidden clauses
├── Reasonable requirements
└── Score: 1-10

Track Record (15%):
├── Years operating
├── Protocols covered successfully
├── Major events navigated
├── Community trust
└── Score: 1-10

Accessibility (10%):
├── Easy to purchase
├── KYC requirements
├── Premium payment options
├── Coverage availability
└── Score: 1-10

PROVIDER SCORE:
= (Capital × 0.30) + (Claims × 0.25) +
(Terms × 0.20) + (Track Record × 0.15) +
(Accessibility × 0.10)
```

COVERAGE TYPE EVALUATION

Smart Contract Cover:
├── Covers: Bugs exploited in covered protocol
├── Typical premium: 2-5% annually
├── Quality: Varies by protocol covered
├── Limitations: May exclude certain attack types
├── Best for: Large positions in audited protocols
└── Assessment: Core DeFi insurance product

Protocol Cover:
├── Covers: Broader protocol failures
├── Typical premium: 2-8% annually
├── Quality: Depends on terms
├── Limitations: Exclusions vary widely
├── Best for: Comprehensive protocol risk
└── Assessment: Check terms carefully

Stablecoin De-peg Cover:
├── Covers: Stablecoin falling below threshold
├── Typical premium: 1-5% annually
├── Quality: Clear trigger, but basis risk
├── Limitations: May not cover algorithmic
├── Best for: Large stablecoin holdings
└── Assessment: Parametric often better

Custodian Cover:
├── Covers: Custodian/CEX failure
├── Typical premium: 2-5% annually
├── Quality: Important for centralized exposure
├── Limitations: Coverage limits
├── Best for: CEX holdings, wrapped assets
└── Assessment: Emerging product category
```

---

SELF-INSURANCE FRAMEWORK

What is self-insurance:
├── Not buying external insurance
├── Bearing risk yourself
├── Setting aside reserves for losses
├── Diversifying to reduce impact
└── Accepting some uninsured risk

Self-insurance advantages:
├── No premium cost
├── No claim uncertainty
├── Full control
├── Works for all risks
├── Premium "savings" compound
└── No counterparty risk

Self-insurance disadvantages:
├── Full loss exposure
├── May not have reserves for large loss
├── No professional risk transfer
├── Behavioral challenges
└── May underestimate risk

WHEN TO SELF-INSURE:
├── Small positions (insurance cost > expected loss)
├── Highly diversified portfolio
├── High risk tolerance
├── Able to absorb total loss
├── Insurance unavailable or overpriced
└── Low confidence in insurance payout

WHEN TO BUY INSURANCE:
├── Large positions relative to portfolio
├── Concentrated risk
├── Lower risk tolerance
├── Cannot afford total loss
├── Insurance fairly priced
├── High confidence in provider
└── Position is core holding
```

PREMIUM COST-BENEFIT CALCULATION

Break-Even Analysis:
Premium = Expected Loss if Insured
At what exploit probability does insurance break even?

Example:
├── Position: $50,000
├── Premium: 3% annually = $1,500
├── Coverage: 100% of loss
├── Break-even probability: 3%/year
└── If P(exploit) > 3%, insurance has positive expected value

PREMIUM REASONABLENESS:

Position type | Reasonable premium | Break-even P
─────────────────┼────────────────────┼─────────────
Blue-chip DeFi | 1-3% | 1-3%
Mid-tier DeFi | 3-5% | 3-5%
Higher risk | 5-8% | 5-8%
Novel/unaudited | Often unavailable | N/A

CONSIDERATIONS BEYOND BREAK-EVEN:
├── Risk of ruin vs. tolerable loss
├── Correlation with other positions
├── Portfolio impact of total loss
├── Psychological value of coverage
├── Opportunity cost of premium
└── Claims uncertainty discount

VALUE OF INSURANCE FORMULA:
Value = (Probability × Loss × Payout_Rate) - Premium

If Value > 0, insurance is positive expected value
But also consider:
├── Utility of avoiding ruin
├── Variance reduction value
├── Risk-adjusted not just expected value
```

INSURANCE DECISION FRAMEWORK

Step 1: Identify insurable risks
├── List positions with available coverage
├── Note coverage terms and exclusions
├── Calculate premiums
└── Assess provider quality

Step 2: Prioritize by impact
├── Largest positions first
├── Highest concentration risks
├── Positions you can't afford to lose
├── Core vs. tactical positions
└── Focus insurance on high-impact risks

Step 3: Calculate cost-effectiveness
├── Premium vs. expected loss
├── Risk of ruin analysis
├── Portfolio impact analysis
├── Break-even probability
└── Identify clearly positive value

Step 4: Determine coverage level
├── Full coverage: Maximum protection, highest cost
├── Partial coverage: Balance cost/protection
├── Deductible coverage: Lower premium, retain some risk
└── Match coverage to risk tolerance

Step 5: Monitor and adjust
├── Review coverage adequacy quarterly
├── Adjust for position changes
├── Track claims and provider performance
├── Reassess cost-effectiveness
└── Don't set and forget

RECOMMENDED APPROACH:
├── Insure positions > 15% of portfolio
├── Focus on smart contract / protocol cover
├── Accept self-insurance for smaller positions
├── Budget 1-2% of DeFi portfolio for insurance
├── Prioritize provider quality over price
└── Review quarterly
```

---

INTEGRATING INSURANCE INTO RISK MANAGEMENT

Insurance as risk transfer:
├── Reduces protocol-specific risk
├── Does NOT reduce market risk
├── Does NOT reduce all protocol risks
├── Shifts some risk to insurer
├── Introduces counterparty risk in insurer
└── Net risk reduction depends on quality

Position sizing with insurance:
├── Insured positions may allow larger size
├── But don't over-rely on insurance
├── Still apply concentration limits
├── Insurance as safety margin, not primary control
└── Max position = MINIMUM of (uninsured limit, insured limit × 1.5)

Example:
├── Position without insurance: Max 15% of portfolio
├── Same position with quality insurance: Max 20-25%
├── Rationale: Risk transfer justifies modest increase
├── Caveat: Insurance may not pay
└── Don't double position just because insured

RISK BUDGET ALLOCATION:
If 1-2% of portfolio for insurance premium:
├── Allocate to highest impact positions
├── May cover 30-50% of DeFi portfolio
├── Rest is self-insured
├── Total risk budget = premium + expected self-insurance losses
```

CLAIMS PREPARATION AND PROCESS

Before an Event:
├── Document coverage terms
├── Save policy/coverage proof
├── Understand claim requirements
├── Know filing deadlines
├── Have documentation systems ready
└── Don't wait for event to understand process

CLAIM DOCUMENTATION CHECKLIST:
□ Coverage proof (policy ID, purchase tx)
□ Event documentation (exploit details)
□ Loss proof (before/after balances)
□ Transaction evidence
□ Timeline of events
□ Any required attestations
□ Communication records
```

WHAT INSURANCE DOESN'T SOLVE

Moral hazard:
├── Insurance may increase risk-taking
├── "I'm insured, so it's fine"
├── Leads to larger losses
├── Insurance should enable, not encourage risk
└── Maintain discipline regardless

Coverage gaps:
├── Many risks uninsurable
├── Exclusions in covered risks
├── Coverage limits
├── Claim denials possible
└── Never assume full protection

Counterparty risk:
├── Insurer could fail
├── Claims could be denied
├── Payout could be delayed
├── Coverage could be insufficient
└── Insurance adds a counterparty

Market capacity:
├── Limited coverage available
├── Large positions may be uninsurable
├── Premiums rise with demand
├── May not be available when you need it
└── Supply constrained

INSURANCE IS A TOOL, NOT A GUARANTEE:
├── Part of risk management toolkit
├── Doesn't replace other controls
├── Has its own risks
├── Cost-benefit varies
├── Appropriate for some situations
└── Use thoughtfully, not as crutch
```

---

✅ DeFi insurance has paid claims. Major exploits have resulted in payouts (with caveats).

✅ Insurance provides value for concentrated positions. Risk transfer has real benefits.

✅ Premium pricing reflects market assessment. Premiums correlate with perceived risk.

⚠️ Claims certainty. Will your specific claim be paid? Uncertain until tested.

⚠️ Provider stability. Long-term viability of insurance providers.

⚠️ Coverage evolution. What will be insurable in the future?

📌 False security. Insurance doesn't mean you can't lose.

📌 Ignoring exclusions. Many losses aren't covered.

📌 Over-reliance. Insurance as substitute for risk management.

---

Assignment: Evaluate insurance options for your DeFi portfolio.

Requirements:

1. Position insurance audit

2. Cost-benefit analysis

3. Insurance decision

4. Documentation

Time investment: 2 hours

---

1. A 3% annual premium provides break-even value when exploit probability exceeds:
A) 1% B) 3% C) 5% D) 10%

Correct Answer: B

2. What's typically NOT covered by smart contract insurance?
A) Code bugs B) Economic exploits C) Market price drops D) Oracle manipulation

Correct Answer: C

3. When is self-insurance typically more appropriate than buying coverage?
A) Large concentrated positions B) Small diversified positions C) High-risk protocols D) Core holdings

Correct Answer: B

---

End of Lesson 12