De-Risking DeFi: Insurance & Credit Scoring Continue to Evolve
Despite all its potential, the growth and mainstreaming of decentralized finance continue to be restrained by a risk profile that is unacceptable to most investors. However, recent innovation in insurance and credit scoring protocols has the potential to mitigate at least some of the major challenges.
Decentralized Finance (DeFi) and digital assets offer users the potential for high returns, financing opportunities, and financial accessibility. The risks of this financial freedom, for both users and builders, are numerous, however. They include Smart Contract risks, Counterparty risks, Protocol risks, User error risks, Systemic risks, and many others. DeFi is a dark forest filled with hackers, founders with ulterior motives, tenuously connected pieces hoping the wrong one won’t fall, and regulators waiting to take down protocols. Appropriate insurance and risk management processes have not been valued in the space because of the extra costs associated with delivering these services.
Nonetheless, in a fintech sector that’s prone to tripping up, insurance and effective credit scoring are arguably ‘must haves’, and there are risk management protocols and services emerging now that are delivering some checks and balances within DeFi. Additionally, the Web3 infrastructure and operations at the core of these decentralized risk management models have the potential to disrupt how insurance and risk are assessed in traditional financial markets as well.
What is Decentralized Insurance?
Decentralized insurance is an emerging DeFi use case where insurance contracts are peer-to-peer, and are enabled and secured by the blockchain. They eliminate the need for centralized operators and major insurance companies to be facilitators, risk-takers and liquidity providers in the insurance equation.
Decentralized Insurance protocols built on programmable blockchains like Ethereum, Solana, and Avalanche utilize smart contracts to power decentralized insurance networks that connect individuals or groups seeking insurance coverage directly with others willing to underwrite those risks.
Smart contracts are programs stored on a blockchain that run when certain predetermined conditions are met. For example, a decentralized insurance contract might pay out to a customer who is paying for cover against their bank collapsing. If the worst happens and their bank fails, the smart insurance contract can automatically trigger a payment, leading to less hassle and bureaucracy in the operational funnel.
Some of the most popular insurance cover options in DeFi protect against stablecoin de-pegging, protocol rug pulls, and smart contract failures. Oracle technology also makes it possible for smart contracts to deliver ‘off-chain’ cover to protect against instances like flight cancellation or crop damage caused by extreme weather events.
The concept of peer-to-peer insurance has been around for some time, well before Ethereum and smart contracts were deployed and expanded their potential. For example, mutual societies and insurance companies where policyholders own the company are a major component of the industry. In 2010, Friendsurance was developed by the German company Alecto GmbH. The Friendsurance program used a friend-based, crowdfunding model. Customers could connect online and create their own insurance pools. Small claims would be paid out of this pool, while bigger claims were covered by traditional insurance. If the small claims did not exceed the pool, the money was returned to the customers.
The idea of community insurance pools will be familiar to users of popular decentralized insurance protocols like Nexus Mutual and Unslashed Finance. The operations that people need in order to work with programs like Friendsurance, however, are conducted through smart contracts.
Nexus Mutual: The leading Decentralized Insurance Protocol
Nexus Mutual is an Ethereum-based protocol that creates insurance protocols that are managed by its community. It was founded by Hugh Karp, who before founding Nexus Mutual worked at Munich Re – one of the two largest reinsurance companies in the world. Nexus Mutual is a mutual where policyholders and members own the funds within the ecosystem and determine how they are used. In essence it is the same as the traditional mutual model that has been around for centuries.
Nexus Mutual operates as a Decentralized Autonomous Organization (DAO) that is owned by its members. The Nexus Mutual DAO holds members’ funds in a risk-sharing pool and uses those funds to pay out claims. Community members are also called to assess and accept coverage proposals and then ensure that pools are covered by the shared funds. There are further incentives and value created by the protocol’s NXM token.
The mutual model is appealing because there is a reduced conflict of interest: there is no single shareholder that directly makes more money when claims are denied. Karp has said that his vision for Nexus was a scalable mutual.
Generally, mutuals face a high level of rules and legal regulations, as this type of insurer acts as a caretaker of customer funds until claims are completed. With Nexus Mutual, robust smart contracts create the system for how insurance funds are handled. The aims and controls that regulation is designed to deliver in the traditional finance industry can be deployed much more efficiently with smart contracts. This allows a DAO/firm like Nexus Mutual to also save on legal research and compliance, as its legal obligations are coded into its contracts.
Source: DefiLlama
The total value locked within Nexus Mutual currently sits at US$267.8 million but at one point was as high as US$800 million. It is by far the largest insurance protocol in crypto. The Nexus Mutual website says US$17,914,682 in claims have been approved and paid by members to cover holders who suffered a loss of funds.
An example of when Nexus Mutual paid out on a claim was the TribeDAO – Rari Capital Fuse Market hack. On 30th April 2022, an exploiter stole more than US$80 million from Rari Capital – a permissionless lending protocol that was governed by the TribeDAO.
Nexus Mutual members who had assets in Fuse were able to file claims that provided evidence of proof of loss. Nexus Mutual reviewed each claim, verified the total loss, and voted to approve US$5.08 million in insurance claims. The process wasn’t seamless, however. After initially approving a governance vote to reimburse customers in May, the TribeDAO community voted against trying to reimburse customers in a June vote. Eventually, however, in September 2022 Nexus Mutual reimbursed policy holders that lost assets in the hack. This was six months after the initial hack and the value of ETH had fallen significantly. This incident shows the utility of DeFi insurance – and its flaws. While an insurance DAO like Nexus Mutual may reimburse customers following a black swan event, the process is normally drawn-out, with no lack of bureaucracy and differing opinions.
That said, decentralized insurance has been a boon to DeFi users because DeFi remains a nascent and unstable technology and there is no lack of protocols being compromised. Robust smart contracts are difficult to write, anonymous protocol founders are often found running away with user funds, and smart contract auditors, project managers and qualified CFOs are expensive. All of this means DeFi protocols are prone to being rug pulled, being hacked by external forces, or simply being poorly managed and running out of money.
Nexus Mutual has primarily focused on supporting claims that protect users of DeFi, whose risky nature has meant that there has been a steady stream of liquidity and cover demand. Nexus Mutual has also bailed out users of the Perpetual Protocol and Cream Finance when these protocols were compromised. The mutual model fits well within the decentralized ethos of crypto and many users have embraced Nexus Mutual’s smart contract based model. However, the DAO’s claimed payouts of US$17,914,682 are a tiny fraction of the losses from hacks and other malicious actions in the DeFi space over the last couple of years, so it’s fair to say that DeFi insurance has not been thoroughly battle tested to date.
Etherisc: Creating Decentralized Insurance Cover Beyond Crypto
As the sector evolves, some decentralized insurance protocols are exploring external cover programs, outside the world of crypto. Etherisc is an early decentralized insurance provider founded by Christoph Mussenbrock and Stephan Karpischek. The project released its whitepaper in 2017. One of the cover options is its Generic Insurance Framework (GIF), which uses blockchain oracles to supply secure information on flights and weather in order to provide cover for flight delays and crop yields. Blockchain oracles are third-party services that provide smart contracts with external data or information from the off-chain world.
GIF utilizes a specific type of insurance called parametric insurance. Parametric insurance differs from traditional insurance in that a predetermined payout is released upon the occurrence of a specific event. With traditional insurance – a house fire or a car crash for example – an insurance company will assess the actual damages, sometimes without limits (policy dependent). The process can take considerable time and the insured party may not always agree with their insurance company’s assessment of damages. With parametric insurance, for example in the case of flight delay cover, the parameter is the gap between the time when the flight was set to leave and when it actually left. This is what determines the size of the insurance payout. Accuracy and timing are key to parametric insurance. The data used must be transparent, reliable, and trustworthy. Once the event occurs there is generally not a long drawn-out process, with payouts often happening immediately after the event. It is a type of insurance that seems primed for the automation and data reliability offered by a combination of smart contracts and blockchain oracles.
Etherisc has built a Flight Delay portal which is deployed on the Gnosis Chain (formerly known as xDai). The portal offers insurance coverage for flight delays and has flights from over 80 airlines on its registry. Holders of Etherisc’s native token, DIP, create insurance pools. Similar to how the Aave protocol invites users to deposit liquidity into lending pools, and then use their deposits as collateral for loans, Etherisc user deposits into pools are used as their collateral to underpin their parametric insurance positions.
Once they’ve added collateral to the pool, they sign up to a policy to cover their flight. Etherisc plugs into oracles fed by Chainlink that report airport flight data. Then, if the user’s flight is delayed by longer than 45 minutes, the user receives a direct payment via MetaMask. This is similar to an automatic liquidation on a loan within pool-based borrowing and lending protocols.
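The settlement rule described above, modelled off-chain in Python as an added example; it is not Etherisc's code or contract logic. The 45-minute trigger comes from the text, while the quorum of three feeds, the freshness window, the median aggregation and every name below are assumptions chosen to show why the oracle data has to be checked before a fixed payout is released.

```python
from dataclasses import dataclass
from statistics import median

DELAY_THRESHOLD_MIN = 45        # trigger stated in the article
MIN_SOURCES = 3                 # assumption: independent feeds required
MAX_REPORT_AGE_S = 6 * 3600     # assumption: older reports are ignored

@dataclass(frozen=True)
class Policy:
    flight: str
    scheduled_dep: int          # unix seconds
    purchased_at: int
    payout: int                 # fixed, predetermined amount

@dataclass(frozen=True)
class Report:
    source: str
    flight: str
    scheduled_dep: int
    actual_dep: int
    observed_at: int

def settle(policy: Policy, reports: list[Report], now: int) -> tuple[int, str]:
    """Return (amount, reason) for one policy given oracle reports."""
    if policy.purchased_at >= policy.scheduled_dep:
        return 0, "cover bought at or after scheduled departure"
    delays: dict[str, int] = {}
    for r in reports:
        if (r.flight, r.scheduled_dep) != (policy.flight, policy.scheduled_dep):
            continue            # report is for a different flight
        if not (0 <= now - r.observed_at <= MAX_REPORT_AGE_S):
            continue            # stale or future-dated report
        if r.actual_dep > r.observed_at:
            continue            # claims a departure it could not have observed
        # First valid report per source counts; repeats add no extra weight.
        delays.setdefault(r.source, (r.actual_dep - r.scheduled_dep) // 60)
    if len(delays) < MIN_SOURCES:
        return 0, "not enough independent fresh reports"
    agreed = median(delays.values())   # a single outlier cannot move the result
    if agreed > DELAY_THRESHOLD_MIN:
        return policy.payout, f"delay {agreed} min exceeds threshold"
    return 0, f"delay {agreed} min within threshold"

# Constructed sample data (not real flights or feeds).
T0 = 1_700_000_000
POLICY = Policy("XX123", T0, T0 - 86_400, 100)

def sample(delays_min: list[int], observed_offset: int = 7200) -> list[Report]:
    return [Report(f"feed-{i}", "XX123", T0, T0 + d * 60, T0 + observed_offset)
            for i, d in enumerate(delays_min)]
```

With the constructed data, one feed reporting 110 minutes cannot force a payout when the other two report 10 and 12, and a delay of exactly 45 minutes does not trigger because the text says "longer than".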
RociFi – Building rails for credit rating systems
The RociFi protocol is on the periphery of the decentralized insurance sector. It nevertheless has the potential to revolutionize how risk is determined in the decentralized finance sector and beyond. RociFi is an undercollateralized lending protocol on Polygon. The protocol leverages on-chain data that is reviewed with machine learning alongside loan risk management to effectively facilitate undercollateralized loans via the blockchain.
DeFi’s most popular lending protocols like Maker, Aave, and Compound offer overcollateralized loans. Customers must provide more collateral than the value of the loan they are trying to take out. This means that the borrower is taking on a higher risk and will lose more if they can’t repay the loan. It also prices out users who aren’t able to meet the higher capital requirements of most DeFi borrowing and lending protocols.
The reason the lending protocols operate this way is that, in the pseudonymous world of DeFi, loan applicants don’t have any qualifying information. Thus, there is no way to tell whether one borrower is more likely to pay back than another, so lenders need to be protected more and have their risk completely covered.
The clear differentiating aspect of RociFi is its credit scoring tool. Credit scores are risk-based and the RociFi credit score is based on a user’s wallet’s DeFi history and is used to determine the likelihood they will default on their loans. The lower the credit score the less likely a user will default.
RociFi borrowers can take out USDC loans. Before taking a loan, users must mint a non-transferrable NFCS (Non-Fungible Credit Score) which is part of the credit scoring process. The NFCS contains a credit score connected to the user’s address. The credit score is based on the wallet’s transaction history. Users with stronger histories get access to loans with lower credit requirements.
The RociFi credit scoring algorithm considers a variety of data points across the EVM-compatible chains to which a user’s selected wallet is connected. This may include chains like Ethereum, Polygon, Avalanche, and Metis.
Factors include previous borrowing and repayment behaviour within DeFi lending protocols, DAO contributions, liquidity provision and trading activities, and balance changes over time. Other factors that RociFi says can boost credit scores include having wallets that were created some time ago (verifiable history), addresses that have interacted with numerous protocols, and wallets with lots of transactions.
A strong Web3 reputation can also boost the score. This can be determined by whether the user has a unique Web3 digital ID (like an ENS), whether they have participated in DAOs and whether they own high-value NFTs.
Presently, RociFi’s credit score is used to determine loan-worthiness within RociFi lending pools but it could conceivably be extended to cover overall creditworthiness of a blockchain address. It could be used for default risk assessment across other DeFi lending protocols like Aave, or even for real-world loan applications.
Conclusion
The emerging world of DeFi is taking strides to transform not only the financial landscape but also sectors such as insurance and credit scoring. Decentralized insurance has brought some level of security to users of DeFi, while parametric insurance and oracles have introduced a level of efficiency and speed that is largely unavailable in traditional insurance sectors.
Protocols such as Nexus Mutual have been at the forefront of this transition, leveraging smart contracts and blockchain technology to provide a more efficient, fair, and user-controlled insurance platform, accessible to users who want to stay Web3 and identify with blockchain IDs. It should be noted that because of factors like smart contract risk, the insurance protocols themselves need to be excessively robust to protect users.
Moreover, the evolution of these platforms to offer insurance for events outside the crypto realm signals the potential for expansive disruption in the traditional insurance sector. Platforms like RociFi are further pushing the boundaries of DeFi by innovating in areas such as credit scoring, using on-chain data to assess and manage risk more effectively.
As DeFi continues to mature, the line between traditional and decentralized finance will likely blur, leading to a new era of digital, peer-to-peer financial services. This potential may take some time to be realized, however, as DeFi continues to navigate the challenges of security, reliability, and regulatory acceptance.