Crypto-native Insurance

Aug 11, 2020 | Fred Ehrsam

Crypto-native insurance - on-chain insurance covering protocols and DAOs - has the potential to be the next big financial primitive in DeFi. The market size could be enormous and the initial wedge is credible.

Design challenges abound. Whoever solves them can create one of the fundamental building blocks of DeFi, supporting billions in value today, and unlock broader use by increasing the amount of capital users, investors, and traders are willing to commit to the system. As crypto expands into all financial and internet applications, crypto-native insurance has the opportunity to provide a critical service which backs the broader digital economy, supporting trillions tomorrow.

Why crypto-native insurance?


DeFi has rapidly grown 10x over the last year from $500m in user funds to $5bn today. Money-losing bugs have occurred amidst this growth and the stakes are increasing. By enhancing trust, insurance can simultaneously enable DeFi to continue its rapid pace of iteration and grow its potential market size.
Offering centralized insurance to enhance user trust was an important step we took early in building Coinbase. In 2014 I personally secured the first ever crypto insurance (I believe) from Lloyds of London. The impact was material but not critical for early crypto adopters with high risk tolerance, increasingly important for mainstream users, and a requirement for institutions when they eventually onboarded. Absent speculation, crypto-native insurance is likely to follow a similar adoption arc as centralized crypto insurance.


Insurance also creates a prediction market on the likelihood a protocol or DAO will fail. I suspect many crypto traders will love to play in this market, and, like most modern financial markets, speculators will be key in bootstrapping the market and constitute the majority of the volume (for example, in modern foreign exchange markets 95% of volume is speculation, 5% "real flows"). Speculation is societally positive here: it helps bootstrap liquid markets for those seeking "real" coverage and provides a barometer for how safe different DeFi elements are.
Through this lens, "insurance" can be thought of as closer to modern credit derivatives products like credit default swaps (CDS).

Wedge: Credible

The combination of users/investors looking for insurance, traders looking to speculate, and longer term investors seeking yield-producing products produces a credible wedge today. With $4.5bn locked in DeFi and insurance covers 5% of the market (the rough ratio in traditional credit markets of insurance total market size), a successful system could see $225m demand today.

Market size: Potentially very large

The market size for crypto-native insurance is hard to estimate as it 1) barely exists today and 2) will probably look very different than traditional insurance products and markets. With that said:

Bottom up

Sustained growth in DeFi would produce a large opportunity alone. If and as crypto expands to become the digital financial system of the world, the opportunity becomes enormous and difficult to estimate.

Top down

The insurance market is $5tn globally today. However, that's inclusive of all types of insurance which are unlikely to be relevant to crypto anytime soon. Credit derivatives are a better comparison. Much like some investors need protection against companies failing, some crypto users will need protection against the on-chain entities they rely on (protocols, DAOs, or otherwise) failing. The credit derivatives market globally is $4.2tn, of which $3.7tn are credit default swaps - the product that may look most similar to a successful insurance offering in DeFi.


There are 2 empirical data points in crypto today. First, insurance for centralized crypto companies is in the high hundreds of millions to low billions. Second, one crypto-native insurance mutual with manual governance, Nexus Mutual, has grown from $0.5m in coverage a year ago to ~$15m today.

Hard problems There are a lot of hard design problems to tackle in building crypto-native insurance, including:

  • On-chain or off-chain? A successful system is likely programmable, crypto-native, and allows new products to be community driven. For these reasons, this post assumes the winner will be on-chain (protocol and/or DAO-based) vs off-chain (a centralized provider writing cover for crypto-native applications out of band).
  • Market structure. Modern insurance markets are opaque and dominated by a few large insurers. What will the successful crypto-native insurance landscape look like? A protocol that allows lots of private entities to participate transparently? A DAO or series of DAOs that serve as underwriters? Both? Something totally different?
  • Liquidity. A successful system allows insurance seekers, traders, and investors to easily bootstrap new markets. This is especially important as insurance is an inherently idiosyncratic and fragmented market. A perpetual swap-like product which allows for easier bootstrapping and avoids fragmentation across multiple expiries (a pitfall with an options-based approach) may accomplish this goal.
  • What triggers a payout? A successful system should make this as clear as possible. As one example of potential for ambiguity: if a system fails economically but not technically, should that trigger a payout?
  • Manual or programmatic payout decisions? An ideal system would be entirely programmatic for efficiency, composability, and predictability/clarity. The often weeks long delays in resolving Augur markets through manual payout decisions emphasize the benefits of programmatic payouts. However, it's unclear if this is feasible in practice. What happens if a failure occurs which clearly should trigger a payout but does not? Ironically, it's possible most bugs which insurance is intended to cover in concept are missed in practice if forced to be defined programmatically in advance - otherwise, wouldn't the bug have been discovered and fixed? Concretely, in the words of Vitalik: “If there was a programmatic oracle IsBroken(x), then the code of x could just be modified to reject all transactions that set IsBroken(x) to true.”
  • Ease of creating and evaluating coverage. A successful system makes it easy to write new coverage and to evaluate coverage as an insurance seeker or investor. This is challenging since each smart contract being underwritten, whether a protocol, DAO, other otherwise, is different. Highly technical security auditors may evolve as the evaluators and pricers of risk.
  • Capital efficiency. A successful system balances capital efficiency with systemic risk. Leverage must exist as full collateralization ($1 needed for every $1 of coverage) is untenably capital inefficient for most investors and traders. On the other hand, high leverage threatens system stability and undermines the point of insurance in the first place. For reference, in outstanding policies are roughly 50x the underlying collateral in traditional insurance markets. Crypto-native insurance will likely start more conservatively as it is significantly less mature and more volatile.
  • Resilient to manipulation. A successful system minimizes gaming and maintains trust. Traditional CDS markets have had all sorts of bizarre and unintended outcomes.
  • Business model. This is downstream of the product/market structure. The largest traditional insurance companies have market caps >$100bn and margins of ~5%. However, a crypto-native insurance business model probably looks much different. It may be an open protocol which itself has a business model, an underwriting DAO, or something else. And there may be little opportunity to sustainably capture value.

A perpetual swap for CDS may be a winning approach across a number of these dimensions, as it could be on-chain, programmatic, able to bootstrap and maintain liquidity, and capital efficient.

Prior work

  • Nexus Mutual: an on-chain insurance mutual/collective. Nexus is governance-driven for payouts, offers fixed duration coverage, uses a native token (NXM) for incentives and staking, and only requires partial collateralization due to the mutual's pooled risk model. As previously mentioned, Nexus Mutual has grown from ~$0.5m to ~$15m in coverage over the last year, is still relatively small compared to the $4.5bn asset base of DeFi, and has successfully completed one payout.
  • Opyn: options which can act as a form of insurance. Opyn options, expressed via oTokens, have expiry dates (vs perpetual coverage), are on-chain and programmatic, have little/no governance overhead, and provide holistic economic coverage in one sense (options protect downside via the price of a specified asset), but is imprecise in others (e.g. cannot target specific technical failures), and requires full collateralization from options writers. Opyn is young and has low (~$1m) usage today.

Crypto-insurance ends up not materializing. Why?

  • Problem space proves intractable. One or more of the hard design problems listed above are not solved and prevent an effective product from proliferating.
  • Need for insurance eliminated by substitute mechanisms. For example, socialized losses become commonplace (e.g. TheDAO) or protocols/DAOs commonly have insurance-like mechanisms built in (e.g. MakerDAO's MKR dilution in case of undercollateralization).
  • Need for insurance eliminated by formal verification. Formal verification - the ability to test the boundaries of code - is advancing quickly and is likely to be feels complimentary. However, it's unlikely to be a comprehensive solution, especially to the extent economic vs purely technical failures are covered.

Net: Crypto-native insurance is hard to build but high potential

Crypto-native insurance can produce a valuable service to the community and feels ripe to build today. The problem space is extremely challenging to navigate, but if navigated, has the opportunity to support billions in DeFi today and trillions in global commerce as crypto expands over the coming decades.

Acknowledgments: Thanks to Vitalik Buterin, Tarun Chitra, Gus Fuldner, Matt Huang, Hugh Karp, Dan Robinson, Tony Sheng, and Nick Tomaino for conversations which contributed to this post.

Written by:

Disclaimer: This post is for general information purposes only. It does not constitute investment advice or a recommendation or solicitation to buy or sell any investment and should not be used in the evaluation of the merits of making any investment decision. It should not be relied upon for accounting, legal or tax advice or investment recommendations. This post reflects the current opinions of the authors and is not made on behalf of Paradigm or its affiliates and does not necessarily reflect the opinions of Paradigm, its affiliates or individuals associated with Paradigm. The opinions reflected herein are subject to change without being updated.