What is the DeFi Insurance “California Earthquake” Catastrophe Equivalent?

Billions of dollars are spent every year by homeowners, commercial property owners, and businesses preparing for “The Big One”, a.k.a. a major earthquake along the San Andreas fault. Such an event would affect numerous major cities, Los Angeles among them.
The insurance industry understandably dedicates a lot of resources to this problem. Where there is risk to be shared, there is appropriately priced insurance available. A theoretical major California earthquake is usually the example people in insurance give of an event that would truly test the industry's risk management practices, and one likely to send several ill-prepared insurers bust.
In the DeFi world there is far less access to secondary risk sharing such as reinsurance or panels of primary insurers. For fledgling DeFi insurance protocols this creates severe concentration risk. The buck stops with them: if a major event causes a catastrophic DeFi insurance loss, the few DeFi insurance protocols that currently exist may find it difficult to pay out legitimate claims.
So what are these events? In the outline below, I suggest three potential catastrophic events that could be likened to “The Big One” of the cryptocurrency insurance world.
Scenario One: An EVM Exploit
Theoretical Scenario: The Ethereum Virtual Machine (EVM) is inarguably the most important piece of the Ethereum ecosystem, and it powers the majority of smart-contract-based projects. In a real sense the EVM “is” the Ethereum network: the client implementations of the EVM (Geth, Nethermind, Besu, Erigon and others) are what execute every transaction and keep the chain moving. While these implementations are subject to intense code scrutiny, at the end of the day they are still human-written code that could be exploited. One distinction matters for the blast radius: a bug in a single client implementation affects only the nodes running that client (which is why client diversity is pushed so hard), whereas a flaw in the EVM specification itself would be reproduced faithfully by every client.
Potential Losses: If an exploit against EVM infrastructure were found, not only would the ~$400B market cap of Ethereum (at the time of writing) be at risk, but every token and project built on top of it. An attacker playing it slow could try to avoid detection by masking their manipulations, or could try to bring the whole system down in a public manner.
Theoretical Reaction: I have zero doubt that a catastrophic exploitation of the Ethereum network would result in a “hard fork”, essentially rolling the network back to before the exploit happened and branching it off to a “new” version with the exploit fixed. This would be an extraordinary circumstance that flies in the face of an immutable blockchain, but when the alternative is destroying the whole ecosystem, one can see the appeal. There is precedent for this in the 2016 DAO hack, where in Ethereum's infancy a hard fork was carried out to undo an attacker draining a significant portion of the ETH then in circulation. Strictly speaking, that fork did not roll back transactions; it applied an irregular state change that moved the drained ETH into a recovery contract, and the minority who rejected the change carried on as Ethereum Classic.
DeFi Insurance Impact: In this scenario I would expect DeFi insurers to come away relatively unscathed. With the entire ecosystem being reset, the only losses I can see being payable would be those stemming from rolled-back transactions between the time of the attack and the decision to roll back, though I don't believe current policy wordings would account for this.
Scenario Two: Uniswap (DEX) Exploit
Theoretical Scenario: At the time of writing, CoinGecko indicated that 37% of DEX (Decentralized EXchange) volume in the preceding 24 hours happened on Uniswap, amounting to $1.9B in tokens moved. DEXs are a genuinely innovative concept within cryptocurrencies: they let users swap pairs of crypto assets without a middleman or market maker, relying instead on decentralized ‘liquidity pools’ to which anyone can contribute capital and from which they collect a share of the trading fees.
Potential Losses: The current TVL (Total Value Locked) within Uniswap pools is hovering around $7.5B. An exploit of the Uniswap protocol could wipe out these funds. The worst case is a flaw in the shared core pool code, since every pool is deployed from the same immutable contracts: a single bug would be present in all of them at once and could not be patched in place, only mitigated by migrating liquidity elsewhere.
Theoretical Reaction: While an exploit taking down Uniswap would be a catastrophe for the DeFi ecosystem, I'm not convinced it would push into the ‘hard fork’ territory described above. The consequences of a hard fork are so antithetical to the cryptocurrency ethos that in 2022 it would take a potential extinction-level event for that action to be taken.
DeFi Insurance Impact: This event would be the true test of DeFi protocol insurers. Many of those offering coverage rate Uniswap near the top of the list in terms of security, and thus offer relatively low rates, and take on concentration risk by writing limits significantly higher than the capital staked against the Uniswap protocol. I would expect this event to cause controversy in the claims handling process, where decentralized claims assessors (with no professional insurance experience) would face a vote between losing their personal funds and collectively denying legitimate claims. It could also activate the centralized backstops most of these protocols have, where the team behind the organization can unilaterally force claims to be paid, or punish those voting illegitimately by burning their stakes.
Scenario Three: A Centralized Exchange Wallet Exploit
Theoretical Scenario: A centralized exchange (CEX) differs from a DEX in that the CEX itself controls aggregated wallets holding the cryptocurrency of its customers, typically backed by a traditional corporate entity. Account balances are stored off-chain, and the exchange keeps track of transactions and ownership much like a traditional bank. A hack against its central wallets could mean there is no longer any actual cryptocurrency backing those balances.
Potential Losses: Most centralized exchanges practicing good security keep the majority of their customers' funds offline in cold storage, and spread the remainder across multiple hot wallets. If a hack took control of a single Coinbase hot wallet, it seems very unlikely that it would propagate to taking down the entire company. Exchange-ending losses have happened before, though: most infamously the 2014 MTGox hack saw 850,000 Bitcoin go missing, worth ~$500M at the time and over $30B at today's prices. And just this month a white hat hacker reported to Coinbase a bug in their trading API which, if exploited, would have allowed attackers to trade worthless tokens for much more valuable assets such as BTC or ETH.
Theoretical Reaction: The difference between MTGox and modern-day CEXs is that sizable companies like Coinbase and Kraken are much more like traditional finance companies than the ‘wild west’ of crypto's past. There is far more regulation and auditing around these companies, some of which are now publicly traded. In theory this means that a major loss of customer funds would be made good by traditional commercial insurance policies and the company's own assets, enforced through regulators and the legal system.
DeFi Insurance Impact: This could produce an interesting coverage debate. If a hacked CEX carried significant traditional financial crime insurance covering crypto losses (Coinbase reported holding $255M of such insurance in 2019), which policy responds first? Do purchasers of DeFi protocol insurance have to wait potentially years, until the CEX determines whether it can recover from its own insurer, before making individual claims on their own cover? What happens if the CEX is initially denied, DeFi insurance policyholders apply for and receive claims payments, and the CEX subsequently reimburses them out of its own funds? Automated subrogation in a DeFi insurance context is not something I've seen discussed yet.
Final Thoughts
DeFi insurers offering protection against loss of cryptocurrency must put serious thought into the aggregation risk stemming from their model. It is possible to carry on for many years unaffected by and unaware of these risk accumulations, only to go insolvent when that “1-in-100-year” event finally occurs. Traditional insurers have braced for this impact: events such as Hurricane Katrina and 9/11 resulted in unprecedented levels of insurance payouts, but the industry's preparedness ensured the risk was shared across many providers and, most importantly, that claims were able to be paid.
Future developments in the DeFi insurance world will help address this. I expect to see DeFi reinsurance follow the lead of the primary insurers. Branching out into lines of business not directly related to cryptocurrency loss will reduce event correlations. Perhaps most importantly, I expect regulators to start taking a more critical eye to these projects and to adapt traditional reserve guidelines as a requirement for doing business in their jurisdiction.
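As an added illustration of the concentration point in Scenario Two and the aggregation point in the closing thoughts (this is example code written for this edit, not anything from the article or from any insurance protocol), the following Python sketch stresses a constructed cover book against the three scenarios. The policy limits, staked amounts, capital pool and scenario groupings are all invented for the illustration; the hypothetical "cex_custody" line stands in for cover on centralized exchange wallets.

```python
"""Aggregation stress test for a DeFi cover book.

Added example, not from the original article. Every figure below is a
constructed illustration in USD, not data from any real protocol or insurer.
"""
from collections import defaultdict

# Constructed book: each policy covers one protocol up to a limit.
POLICIES = [
    {"protocol": "uniswap", "limit": 50_000_000},
    {"protocol": "uniswap", "limit": 30_000_000},
    {"protocol": "aave", "limit": 20_000_000},
    {"protocol": "compound", "limit": 15_000_000},
    {"protocol": "cex_custody", "limit": 25_000_000},  # hypothetical CEX wallet cover
]

# Capital that cover providers have staked against each protocol (constructed).
STAKED = {
    "uniswap": 40_000_000,
    "aave": 25_000_000,
    "compound": 20_000_000,
    "cex_custody": 10_000_000,
}

CAPITAL_POOL = 90_000_000  # total claim-paying capital of the insurer (constructed)

# Which covers are hit together in each of the article's scenarios. An EVM
# exploit takes every on-chain protocol at once; CEX custody sits off-chain.
SCENARIOS = {
    "uniswap_exploit": {"uniswap"},
    "evm_exploit": {"uniswap", "aave", "compound"},
    "cex_wallet_exploit": {"cex_custody"},
}


def aggregate_limits(policies):
    """Total limit written per protocol, regardless of how many policies."""
    agg = defaultdict(int)
    for p in policies:
        agg[p["protocol"]] += p["limit"]
    return dict(agg)


def concentration(policies, staked):
    """Limit-to-stake ratio per protocol; above 1.0 means the limits written
    exceed the capital specifically backing that protocol."""
    agg = aggregate_limits(policies)
    return {proto: round(agg[proto] / staked[proto], 2) for proto in agg}


def scenario_loss(policies, affected, capital_pool, payout_ratio=1.0):
    """Gross claims if every policy on an affected protocol pays payout_ratio
    of its limit, plus the shortfall once the capital pool is exhausted.
    payout_ratio=0.0 models the hard-fork case where the losses are reversed."""
    agg = aggregate_limits(policies)
    gross = int(sum(agg.get(proto, 0) for proto in affected) * payout_ratio)
    shortfall = max(0, gross - capital_pool)
    return {"gross": gross, "shortfall": shortfall, "solvent": shortfall == 0}


def stress_book(policies, scenarios, capital_pool):
    """Run every scenario and report the probable maximum loss (PML)."""
    results = {name: scenario_loss(policies, hit, capital_pool)
               for name, hit in scenarios.items()}
    worst = max(results, key=lambda n: results[n]["gross"])
    return {"results": results,
            "pml_scenario": worst,
            "pml": results[worst]["gross"],
            "pml_to_capital": round(results[worst]["gross"] / capital_pool, 2)}


if __name__ == "__main__":
    print("limit/stake:", concentration(POLICIES, STAKED))
    report = stress_book(POLICIES, SCENARIOS, CAPITAL_POOL)
    for name, r in report["results"].items():
        print(f"{name:20s} gross={r['gross']:>12,} "
              f"shortfall={r['shortfall']:>12,} solvent={r['solvent']}")
    print("PML:", report["pml_scenario"], report["pml"],
          "=", report["pml_to_capital"], "x capital")
    # Scenario One with a hard fork that reverses the on-chain losses:
    print("evm_exploit with rollback:",
          scenario_loss(POLICIES, SCENARIOS["evm_exploit"], CAPITAL_POOL, payout_ratio=0.0))
```

On the constructed book, Uniswap carries twice the limit of the capital staked against it, which is the concentration described in Scenario Two, and a single-protocol loss there is still payable from the pool. The correlated EVM scenario is what breaks the book: gross claims of $115M against $90M of capital, a PML of 1.28x capital, which is exactly the layer a reinsurer would be expected to carry. Setting payout_ratio to zero shows why Scenario One, despite the largest gross exposure, is the one the insurers are most likely to survive.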