Difference between revisions of "Nexus Mutual (NXM)"

From CryptoWiki

 
Line 15: Line 15:
== Audits & Exploits ==
== Audits & Exploits ==


*[[Bug bounty]] program can be found [https://nexusmutual.gitbook.io/docs/welcome/audits-and-security here] (27-7-2021) up to $50k.  There used to be none according to [[Blockchain Security DB]] (29-6-2020), which did show 1 [https://consensys.github.io/blockchainSecurityDB/ audit] (4-2019).  
*[[Bug bounty]] program can be found [https://nexusmutual.gitbook.io/docs/welcome/audits-and-security here] (27-7-2021) up to $50k ([https://immunefi.com/bounty/nexusmutual/ still] as of 19-3-2023).  There used to be none according to [[Blockchain Security DB]] (29-6-2020), which did show 1 [https://consensys.github.io/blockchainSecurityDB/ audit] (4-2019).  
*''"The V2 code has been extensively audited by iosiro over the course of November, December, February, and early March."'' ([https://gist.github.com/iosiro-security/9ab387c0f43fddfc50e3a66802d2f4f7 15-3-2023])
*[https://docs.defisafety.com/master/nexus-mutual-0.7-update Scored 80%] on [[DeFi Safety]] (15-9-2021). With the [https://t.me/c/1453353094/6019 comment]: ''"Their access controls are solid. However, it would be suited for the alternative insurer in getting a [[Formal Verification]] done."''
*[https://docs.defisafety.com/master/nexus-mutual-0.7-update Scored 80%] on [[DeFi Safety]] (15-9-2021). With the [https://t.me/c/1453353094/6019 comment]: ''"Their access controls are solid. However, it would be suited for the alternative insurer in getting a [[Formal Verification]] done."''
 
*Has added a [https://nexusmutual.gitbook.io/docs/welcome/audits-and-security third] [https://iosiro.com/audits/nexus-mutual-stacked-risk-on-chain-mcr-and-swap-operator-smart-contract-audit audit] done by iosiro (5-2021).
*Previously [https://docs.defisafety.com/finished-reviews/nexus-mutual-pq-audit scored] a 87%  (9-2020); ''"Nexus Mutual has two independent detailed audits where the changes were incorporated and witnessed by the auditors in most cases."''
*Previously [https://docs.defisafety.com/finished-reviews/nexus-mutual-pq-audit scored] a 87%  (9-2020); ''"Nexus Mutual has two independent detailed audits where the changes were incorporated and witnessed by the auditors in most cases."''
*Has added a [https://nexusmutual.gitbook.io/docs/welcome/audits-and-security third] [https://iosiro.com/audits/nexus-mutual-stacked-risk-on-chain-mcr-and-swap-operator-smart-contract-audit audit] done by iosiro (5-2021).


=== Bugs/Exploits ===
=== Bugs/Exploits ===
Line 184: Line 184:
=== Fees ===
=== Fees ===
=== Upgrades ===
=== Upgrades ===
* Nexus Mutual V2, the infrastructure layer where anyone can share risk and build the future of on-chain protection went [https://nexusmutual.io/blog/nexus-mutual-v2-live-on-ethereum-mainnet live] 15-3-2023:
''"Staking pool managers can underwrite existing cover products or propose new cover products to expand protection to new crypto-native and real world risks."''
* [https://medium.com/paradigm-fund/defi-in-ether-25b-in-defi-this-week-mstable-save-v2-now-live-sushiswap-2021-roadmap-is-here-de8b15c45249 From] [[Paradigm]] (19-1-2021):
''"Nexus Mutual members asked for the unstake lockup period to be reduced, therefore the team [https://twitter.com/NexusMutual/status/1351164585424936963?s=20 reduced] it from 90 to 30 days."''
*From [[Delphi Digital|Delphi]] Daily (1-9-2020):
"''With some capital in the pool, the recent adjustment to enable pooled staking was a strong step towards increased capital efficiency. This allowed users to stake the same NXM to 10 different [[Contract|contracts]] simultaneously, while still adhering to existing capacity rules that protect the network from concentrated exposures that invite solvency risk. What this adjustment really took advantage of was the idiosyncrasies of smart contract risk. Smart contract bugs are typically smart contract specific, meaning a bug in the smart contract of one project doesn’t really increase the probability of there being a bug in the smart contract of another. They’re more or less independent."''


*[https://tokentuesdays.substack.com/p/the-potential-for-bonding-curves From] [[Token Tuesdays]] (3-12-2019):
*[https://tokentuesdays.substack.com/p/the-potential-for-bonding-curves From] [[Token Tuesdays]] (3-12-2019):
Line 192: Line 203:


''With that, whenever there’s excess capital (in the form of MCR%) over 130%, the mutual increases its capacity by 1% per day by lowering MCR% and increasing MCR. While most members in the mutual recognized this would be a short-term detriment to price, it was vital for the prospective long-term growth of the Mutual at large. Since the introduction of the dynamic minimum capital floor (DMCF), the mutual has increased the mutual’s minimum capital floor by “14% over the past few weeks”. In addition, according to Nexus Tracker, the mutual has seen a 16.38% increase in active cover amounts (denominated in ETH) to over 4,710 ETH of active covers."''
''With that, whenever there’s excess capital (in the form of MCR%) over 130%, the mutual increases its capacity by 1% per day by lowering MCR% and increasing MCR. While most members in the mutual recognized this would be a short-term detriment to price, it was vital for the prospective long-term growth of the Mutual at large. Since the introduction of the dynamic minimum capital floor (DMCF), the mutual has increased the mutual’s minimum capital floor by “14% over the past few weeks”. In addition, according to Nexus Tracker, the mutual has seen a 16.38% increase in active cover amounts (denominated in ETH) to over 4,710 ETH of active covers."''
* From [[Delphi Digital|Delphi]] Daily (1-9-2020):
"''With some capital in the pool, the recent adjustment to enable pooled staking was a strong step towards increased capital efficiency. This allowed users to stake the same NXM to 10 different [[Contract|contracts]] simultaneously, while still adhering to existing capacity rules that protect the network from concentrated exposures that invite solvency risk. What this adjustment really took advantage of was the idiosyncrasies of smart contract risk. Smart contract bugs are typically smart contract specific, meaning a bug in the smart contract of one project doesn’t really increase the probability of there being a bug in the smart contract of another. They’re more or less independent."''
*[https://medium.com/paradigm-fund/defi-in-ether-25b-in-defi-this-week-mstable-save-v2-now-live-sushiswap-2021-roadmap-is-here-de8b15c45249 From] [[Paradigm]] (19-1-2021):
''"Nexus Mutual members asked for the unstake lockup period to be reduced, therefore the team [https://twitter.com/NexusMutual/status/1351164585424936963?s=20 reduced] it from 90 to 30 days."''
=== Staking ===
=== Staking ===



Latest revision as of 04:18, 19 March 2023

Basics

"Nexus Mutual has been set-up as a company limited by guarantee in the United Kingdom and will operate under a discretionary mutual structure. A discretionary mutual structure means that all insurance claims are paid at the discretion of the Board (i.e. Nexus Mutual members).

  • Goal and first product:

"Nexus Mutual aims to disrupt the insurance industry by transitioning the power from large insurance companies back to the individual. As such, anyone is allowed to participate as the mutual is wholly owned by its members. Members can contribute Ether (ETH) into the pool in return for NXM, the protocols native token.

The mutual’s first insurance product is smart contract covers for purchasing protection for value storing contracts (which are inherent to DeFi and TVL). In order for the mutual to begin processing claims, the fund must meet the minimum capital requirement of 12,000 ETH locked in the fund." At the moment (9-2019) there is about 8K ETH locked, only 3 months after launching.

History

Audits & Exploits

  • Bug bounty program can be found here (27-7-2021) up to $50k (still as of 19-3-2023). There used to be none according to Blockchain Security DB (29-6-2020), which did show 1 audit (4-2019).
  • "The V2 code has been extensively audited by iosiro over the course of November, December, February, and early March." (15-3-2023)
  • Scored 80% on DeFi Safety (15-9-2021). With the comment: "Their access controls are solid. However, it would be suited for the alternative insurer in getting a Formal Verification done."
  • Has added a third audit done by iosiro (5-2021).
  • Previously scored a 87% (9-2020); "Nexus Mutual has two independent detailed audits where the changes were incorporated and witnessed by the auditors in most cases."

Bugs/Exploits

"We have received two responsible vulnerability disclosures. None of them have been exploited and no mutual funds have been compromised. 

On Tuesday evening, February 18th, we received a report of a potential issue related to governance discovered by Mudit Gupta. After a careful analysis we confirmed the issue exists and impacts the Advisory Board and the Owner; unintentionally granting them additional privileges.

On Thursday morning, February 20th, we received another report from security researcher samczsun detailing a vulnerability that could have potentially put part of the funds in the mutual at risk. We confirmed the vulnerability shortly after. Within 4 hours of receiving the report, we killswitched the system’s interaction with Uniswap which meant the vulnerability could not be exploited."

Also goes into their audit:

"Our code has been audited at launch by the Solidified team in April of 2019. We have been pretty conservative when it comes to code updates, and have only ever made three minor upgrades since then:

  1. Dynamic Capital changes which added an additional parameter to the Minimum Capital amount.

Before the change, the minimum capital amount was 7000 ETH.
After the change, the minimum capital amount is 7000 ETH plus a variable minimum capital that increases each day the MCR% exceeds 130%.

  1. Enabled members to switch their address.
  2. Replaced the MakerDAO feed with Chainlink for the ETH-DAI price.

Prior to the disclosures, we had scheduled a new full audit set to begin at the end of the month in order to integrate the pooled staking upgrades."

Governance

"Nexus Mutual’s Foundation is a Collective Risk Services CIC (CRS) operating as a non-profit which is responsible for employing the core team in addition to paying other operating expenses including website, marketing, audits and more.

The proposal requests that the current 2.5% sell spread on any NXM redemptions (i.e. Mutual members selling NXM) is allocated to the Foundation rather than being burned. While today the potential revenue is not too substantial, the funding mechanism would provide more flexibility and options to support Nexus Mutual’s Growth. In the future, as the Mutual grows, the revenue model could sustain the foundation, ensuring there’s a dedicated team working on the growth and adoption of the Mutual at large.

For those unfamiliar, the initial funding of the Foundation was sourced from an initial grant of 1,000,000 NXM tokens where the Mutual launched back in May 2019. Given the Foundation is running as a non-profit and in the interest of the Mutual and its members, the core team also disclosed their current funding position as of the end of March 2020.

With all of that in mind, the estimated burn rate for the Foundation currently stands at approximately $72,000 per month. With the proposal, Founder Hugh Karp released historical NXM burns from redemptions in order to model the potential revenue stream. Generally speaking, the 2.5% sell spread has averaged around ~1,000 NXM in burns per month. At today’s price of $2.5 / NXM, this would generate an additional $2,500 per month for the Foundation or about 3.4% of the approximated monthly burn rate."

"Initially, we have a member token-voting process overseen by an advisory board (comprised of experts from the worlds of insurance, mutual management and smart contract security). Note that any member can replace an Advisory Board member via a vote at any time.

Any member may delegate their vote to any other member with rewards available for participating in governance actions. Nexus Mutual will launch with some aspects which are not fully decentralised. These will be reduced over time as the system becomes battle-tested and gains scale."

Admin Keys

"The access controls are easily located in the documents.

a) All contracts are clearly labelled as upgradeable (or not) -- 30% -- the contracts & how governance can change them are clearly explained.

b) The type of ownership is clearly indicated (OnlyOwner / MultiSig / Defined Roles) -- 30% -- governance percentages necessary to change these alongside unilateral board interventions under specific circumstances are clearly explained in the documentation.

c) The capabilities for change in the contracts are described -- 30% -- the potential ways in which these contracts can be modified is clearly explained.

Pause controls are defined without evidence of regular testing."

DAO

  • From their blog on DAO governance (14-6-2018):

"While we are still working out some of the details, this has lead us to the following key elements for our initial governance model:

  1. There is a board of, say, 5 members that “white-list” proposals (with some exceptions).
  2. The board provides a recommended outcome for each proposal.
  3. Votes are put to the entire member base for a token weighted vote (capped at 5% maximum weight).
  4. Majority outcome prevails if the quorum of 15% is reached.
  5. If the quorum isn’t reached the board recommendation proceeds.
  6. Tokens are locked for a period of time after participating in voting, to ensure those voting have a vested interest in the outcome of the votes (see EIP1132: Extending ERC20 with token locking capability)

In addition we have several elements to encourage wider participation:

  1. There are token rewards for participating in the vote. We recognise voting requires members attention and strongly believe attention must be paid for.
  2. Rewards are split between the number of members voting, rather than number of tokens voting. Making it worthwhile for all members to participate.
  3. A member can delegate a proxy to vote on their behalf and still receive all their rewards in the vote. A proxy can be any other member and may be revoked at any time.

To reduce the elements of centralised power sitting with the board:

  1. Any member can raise a proposal to replace a board member with themselves which bypasses the “white-list” gate.
  2. If accepted by the membership then they automatically join the board.
  3. The board has no input on this process apart from voting in their own capacity as a member.

This model results in low levels of pragmatic centralisation on a day-to-day basis which is balanced by the ability to over-throw that power at any time. We believe this is a good trade-off between relying on experts to both move faster and respond to any emergencies vs what the community might view as full decentralisation."

Treasury

“When Nexus launched, it granted a bunch of NXM tokens to our foundation, which has gradually sold them to cover operational costs,” Nexus Mutual CEO Hugh Karp said in an interview. “We expect to wind down the foundation as the protocol becomes more stable and fully decentralized.”

"Nexus recently invested 10% of the capital pool into Lido stETH to earn yield on the capital pool. Right now, Nexus is the fourth-largest holder of stETH. The mutual earns around 2.4 ETH per day and has earned 181 ETH since late May."

Token

 Launch

Token allocation

Utility

  • Premiums earned from selling covers.
  • From Delphi Daily (1-9-2020):

"As a mutual, its long term source of growth is fees. 90% of every cover goes into the mutual, with 50% of the value of the cover resulting in NXM being issued to reward stakers. The objective is to grow those fees with a focus on efficiency and maximizing reward/risk."

"NXM is the governance token for the Nexus Mutual protocol. It is used to buy cover, vote on governance decisions and participate in risk and claims assessments. It is also used to encourage capital provision and represents ownership to the mutual’s capital."

"NXM token differs from other governance tokens because a formula controls the token price. So if the mutual is earning a profit, it will help increase the capital available and increase the price of NXM. There are two sources of profit:

  1. Premiums collected - Claims paid - Expenses.
  2. 2.5% spread when users sell NXM from the bonding curve"

Token Details

"ETH and DAI from expired insurance covers are added to the capital pool, increasing the value of the NXM token."

"The NXM token represents membership rights in the mutual along with the ability to participate in the ecosystem through claims and risk assessment and governance. The token model leverages a bonding curve  (or a continuous token model) to determine the price of NXM driven by two main factors:

How much capital the mutual has
How much capital the mutual needs to meet all claims within a certain probability.

A bonding curve is used so tokens can be purchased at any time but at variable prices based on the amount of capital is locked in the mutual and how much of the capital is needed to payout the covers within the system. Moreover, members are entitled to a share of any capital held in excess of what’s necessary to pay potential claims. In other words, the more capital in the mutual, the higher the price of NXM.

This is important to note as Nexus Mutual is not conducting a traditional ICO nor is it planning on listing on exchanges in the near future."

"Given that Nexus Mutual uses a bonding curve, new token issuance occurs when capital is contributed to the mutual or through rewards for participating in the ecosystem. As such, the NXM token supply issuance can be broken down into these main areas: 

  1. Initial tokens = NXM set aside for founders and early contributors when the contract was deployed.
  2. Purchased via Token price model = NXM created when purchased via the bonding curve. 
  3. Claims assessment rewards = NXM allocated as an incentive to perform claims assessment. 
  4. Risk assessment rewards = NXM allocated as an incentive for participating in risk assessment 
  5. Governance = NXM allocated as an incentive for participating in governance"
  6. For more details check the Nexus Mutual page on their Token Model."

"NXM's price is primarily a function of the Minimum Capital Requirement (MCR), MCR% (the size of the capital pool / MCR), and the price of ETH. It's also important to note the bonding curve formula prices NXM relative to ETH, so fluctuations in the latter will impact the price of NXM. Below is the formula for calculating NXM’s price (in ETH)."

wNXM

  • From the docs (6-2021):

"The Official Nexus Mutual Twitter account announced the creation of wNXM on 17 July, 2020.

The Nexus Wrapper application was created by the PepperSec team.

Both the Nexus Wrapper and the wNXM token are community managed."

Tech

Implementations

"Nexus Mutual announced their new Protocol Cover program on Monday morning, covering problems on other popular smart contract networks. The first group of projects includes Polkadot, Cosmos, and Binance Smart Chain."

How it works

Fees

Upgrades

  • Nexus Mutual V2, the infrastructure layer where anyone can share risk and build the future of on-chain protection went live 15-3-2023:

"Staking pool managers can underwrite existing cover products or propose new cover products to expand protection to new crypto-native and real world risks."

"Nexus Mutual members asked for the unstake lockup period to be reduced, therefore the team reduced it from 90 to 30 days."

"With some capital in the pool, the recent adjustment to enable pooled staking was a strong step towards increased capital efficiency. This allowed users to stake the same NXM to 10 different contracts simultaneously, while still adhering to existing capacity rules that protect the network from concentrated exposures that invite solvency risk. What this adjustment really took advantage of was the idiosyncrasies of smart contract risk. Smart contract bugs are typically smart contract specific, meaning a bug in the smart contract of one project doesn’t really increase the probability of there being a bug in the smart contract of another. They’re more or less independent."

Upgrade around 11-2019

"Nexus Mutual implemented a dynamic minimum capital floor. This upgrade creates a mechanism for increasing cover capacity when the mutual has excess capital. Prior to this update, the Mutual programmatically set the max capacity per smart contract at 20% of the minimum capital requirements. This meant that no single smart contract could represent over 20% of what the Mutual could cover and is used to ensure that the mutual has a high probability of paying out all future claims.

With that, whenever there’s excess capital (in the form of MCR%) over 130%, the mutual increases its capacity by 1% per day by lowering MCR% and increasing MCR. While most members in the mutual recognized this would be a short-term detriment to price, it was vital for the prospective long-term growth of the Mutual at large. Since the introduction of the dynamic minimum capital floor (DMCF), the mutual has increased the mutual’s minimum capital floor by “14% over the past few weeks”. In addition, according to Nexus Tracker, the mutual has seen a 16.38% increase in active cover amounts (denominated in ETH) to over 4,710 ETH of active covers."

Staking

  • From their FAQ (21-1-2021):

"If the platform begins denying legitimate claims, failing in the core purpose it is set up for, then no new users would come to the platform and make contributions to it. While it's true that claims would lower the value of the pool and hence the value of the NXM tokens the Claims Assessors hold and earn in the short- term, Claims Assessors are also financially incentivised to take a longer-term view as they are required to lock up a stake.

This stake can be burned if there is deemed to be clear fraudulent voting activity by Claims Assessors (see Advisory Board section for details). The threat of losing their stake is a significant deterrent to voting fraudulently."

"Nexus Mutual members asked for the unstake lockup period to be reduced, therefore the team reduced it from 90 to 30 days."

Staking stats

As of 8-12-2022, staking is seemingly dominated by 3 addresses, together holding close to 2/3rds of the staked supply. According to their tracker, 9.49% of the token is staked. 43% of the NXM token is however in the tradable wNXM contract.

Shield Mining

"Stakers (risk assessors) deposit NXM and stake on contracts that they think are secure and this, in turn, allows other members to purchase smart contract cover on that system. Now, with shield mining, stakers will also be rewarded in the native token of partner projects, starting with tBTC."

Scaling

Interoperability

Other Details

Oracle Method

"Oracle Method

Members will act as judges, with each claim subject to a yes/no vote by members who have chosen to stake a portion of their tokens to act as Claims Assessors. The Claims Assessors earn rewards for voting with the consensus outcome. If anyone is deemed to have voted fraudulently, their stake may be burned via the Governance process.

Nexus Mutual is using Chainlink’s price reference data contracts for valuations of the multi-currency capital pool. Nexual Mutual performs daily on-chain updates and rebalances of its minimum capital requirement (MCR) by consistently recalculating the value of each capital asset (currently ETH and DAI) in the multi-currency pool using Chainlink’s Price Reference Data Contracts.

Source

Privacy Method

Compliance

"Membership involves a KYC process and a small membership fee of 0.002 ETH.

KYC requires an ID document such as a driver's license or passport and is mostly complete in a few minutes but can take up to 24 hours for the team to check manual review cases. During the sign-up process, The Mutual will approve one ETH address as your Nexus Mutual member address. This is the address you must use to interact with the Nexus Mutual system, and only one address per person/entity is allowed."

  • From their FAQ (21-1-2021):

"We're established as a company limited by guarantee in the UK and have received approval by the Financial Conduct Authority (Bank of England) to use the protected word "mutual" in our company name.

By becoming a member, each participant in the mutual becomes a part-owner of the mutual, with membership rights represented by NXM tokens. This structure has no shares or equity by definition, it is a company run solely by members for the members."

"Operation Wartortle has been launched with the goal of sunsetting the legal entity behind Nexus Mutual, which would remove the requirement to KYC for NXM token holders."

Their Other Projects

Roadmap

"Secondary Purchases 

One of the biggest needs for Nexus Mutual is the ability to reach more prospective members who would benefit from insuring their assets locked in DeFi applications. With this, the team is currently exploring implementing secondary purchases into third-party applications. Imagine lending out Dai on Compound and upon signing the transaction, there was a call-to-action asking users if they would like to purchase insurance coverage on their assets being lent out. Implementing this feature in a handful of the prominent DeFi applications would widely increase the accessibility for the mutual at large. 

In order to make third-party integrations possible, the mutual will have to enable the option to operate memberships via smart contracts. By doing so, this would drastically increase integration options from third-party applications and allow aggregator-like projects to programmatically buy covers on behalf of users. 

Token Economics and Incentive Reworks 

As it stands today, users looking to participate in risk assessment are subject to queues for receiving rewards based on cover purchases. With that, users must lock their NXM tokens for 250 days and will only receive rewards once they’re first in the queue. Rather than relying on a queue-based rewards system, the team is exploring a new distribution model through a pooled reward system. With this system, risk assessors will be rewarded on a more consistent basis with a pro-rata rate based on the amount staked. The hope with implementing this type of rewards system is to encourage more staking activity and significantly reduce the barriers to entry when it comes to knowledge on risk assessment.

Investment Earnings 

One of the more interesting things that the team is currently exploring is leveraging the existing capital pool to earn investment returns on the float. As being discussed today, this is viable in two ways: (1) integrating the Dai Savings Rate (DSR) or (2) Staking in ETH 2.0. While third-party lending applications, like Compound, will likely offer higher returns, it’s too risky for a mutual whose purpose is to insure these applications in the first place.

With $1.5M currently locked in the mutual and growing, the potential for earning investment returns on the capital pool will increase over time. By integrating the Dai Savings Rate or staking in ETH 2.0 (or both), Nexus Mutual members can receive a passive income through price appreciation of the NXM token as the capital pool increases from investment returns over time. This could be vastly important in ensuring the long-term growth of the capital pool as this mechanism would empower the dynamic minimum capital floor to increase coverage capacity over time."

  • From an interview (27-1-2020) with the founder:

"There are quite a few things coming up in the coming months, such as a revised staking approach which is designed to enhance reward levels and simplify things from a user perspective. It’s more of an enabler but is a key building block that will allow to expand the product range in the future, things like slashing risk on staking networks and even centralised exchange hacks are some popular ones we’re looking into.

We’re also looking to enable investment returns on our pool of assets, which all of our members will benefit from, we just have to be careful where we put the funds, as we provide cover against DeFi protocols.

And, we also have some interesting developments on the integrations side which will make things much better from an end customer perspective."

  • From their forum (26-5-2020):

"More specifically, to make this work we likely require three levels of cover wording or terms, all of which apply:

1. Global Terms - this applies to all risks the mutual offers, and would likely include some “boilerplate” like terms. Global Terms should be set by governance and should only be changed very rarely.
2. Product Terms - this is a specific cover wording document for each product, eg Smart Contract Cover, that anyone can design and bring to the protocol.
3. Risk Specific Terms - for specific risks within a product line clarifications or adjustments may be required. For example, with the Curve pools that get released reasonably regularly users need to understand which pools are covered by the ID and which aren’t. For many new products, the unique identifier needs to reference a specific risk, eg earthquake cover at a specific longitude/latitude.

So how do we actually get there:

1. Pooled Staking - as mentioned previously this is a fundamental building block for most future development. Release coming soon ™
2. Simplified Pricing - we need the pricing model to work with only one input, the amount of NXM staked. Release coming soon ™
3. Partial Claims - we need the ability to pay partial amounts of cover for partial loss as this will open up the design space for new products enormously. Research currently ongoing.
4. Cover Wording Architecture - link the 3 layers of cover wording to an ID and make sure the details are stored on-chain so that it is clear what terms apply to each cover. Not yet started."

"It would be naive to think these smart contracts operate in silos, particularly with the growth of composability, but the knock-on effects are often in the form of economic risk rather than smart contract risk. The Nexus team are actually addressing these types of scenarios through the creation of Stacked Risk Cover, as seen in the road map. It allows a user to have coverage beyond just smart contract risk, with the inclusion of factors like economic incentive or governance failure. It would be contained by the need for proof of losses."

"In the coming week, Nexus will launch #shieldmining, which allows for projects to reward their native tokens to NXM holders who stake on their contracts. This will greatly increase the staking rewards of NXM, which will open up more cover capacity and make cover premiums cheaper. This is especially useful to offer cover for new yield farming projects like SushiSwap and Yam Finance that would otherwise be too risky to stake on (Source)."

NXM Use Cases

  • "While memberships (4-12-2019) rights is the core value proposition for NXM, the token is also used for governance over improvement proposals, claims assessment on any insurance claims, and risk assessment on smart contracts."
  • For a deep explanation check their own Use Cases page here.
  • Buy a cover for any contract verified on Etherscan.
  • Again from the DeFi Rate article:

"The NXM token is widely used within the ecosystem for a range of utility mechanisms and as the primary asset for accessing a membership in the mutual.

Purchasing a cover

Users who wish to become a member can do so by purchasing the cover in ETH, DAI or NXM. The system will automatically convert contributions to NXM for users who decide to pay for the cover in ETH or DAI. Once the cover is purchased, a member burns 90% of the cover price in NXM tokens and retains the 10% to be used as a stake when making a claim.

Claims assessment

Mutual members can stake to vote on claims assessment on whether or not a certain claim should be paid out. Members who vote with consensus are rewarded with NXM whereas users who vote against consensus have their tokens locked for an extended period of time. Lastly, any users who attempt to vote maliciously or fraudulently are subject to having their stake burned and kicked out of the mutual.

Risk Assessment

When assessing the risk on certain covers, users can signal their confidence in the security of the underlying smart contract by staking NXM. The more NXM staked on an individual cover, the lower the price of the cover.  If the cover is purchased, the stakers receives NXM. On the other hand, if a valid claim occurs within a certain period of time (250 days) from the cover purchase, a portion of the stake is burned.

Governance

The last major utility use case for NXM is its overarching role in the governance of the mutual. NXM is used as a voting weight where simply participating in governance voting earns NXM. When voting in governance decisions, any NXM used is locked for with transfer restrictions applied for a period of time."

"NXM is also used for governance and incentivization of honest risk- and claim-assessment. For risk assessment, members can stake NXM to show confidence in a particular smart contract's security. Stakers get rewards if cover is bought for that contract, but if the contract is deemed unsafe, the stake may be slashed. For claims assessment, members earn rewards by staking NXM in support of a legitimate claim; for fraudulent claims, stakers are penalized."

"In the latest governance call, the core team discussed how NXM staking will soon be integrated into all smart contract covers along with a rework on the rewards distributions. In practice, users who stake NXM stand to earn a portion of all fees relative to their share of the staking pool."

"The premiums for smart contract insurance are partly determined by the amount of NXM staked on a smart contract system – more NXM staked means cheaper premiums. Risk assessors earn staking rewards from the premiums of new covers taken out on the smart contract system that they staked on. So far 792k NXM (worth $2.2M) has been staked."

"Nexus Mutual's smart contract pools are protected by an admin key controlled by the Mutual's 5 known Advisory Board members. The admin key is capable of making changes to critical parts of the smart contract ecosystem which could affect user deposits. Smart contract upgrades can occur with the approval of any 3+ board members."

Usage

Which is a bit weird, since on 6-2-2020 it is once again at 1.6M, with a graph showing it was around 0 at July 2019. So something went wrong here.

"$1.6M worth of smart contract insurance is currently taken out on Nexus Mutual. Active cover amount is one of the two important KPIs for Nexus (the other being capital pool size). The growth in cover amount in Dec and Feb were from large covers taken out for Flexa and ParaSwap.

Breaking down the active cover amount by smart contract system. Flexa ($589k), Compound ($314k), ParaSwap ($265k), and Uniswap ($210k) currently have the most money being insured.

The current capital pool size (insurance fund backing claims) is $2.6M or 13.1k ETH. This is the second of the two important KPIs for Nexus. Note the USD graph has been fluctuating due to the volatile price of ETH, but the capital pool which is denominated in ETH has been steadily growing."

"After the hack, $1.3M worth of cover was taken out across a variety of smart contracts: 0x, 1inch, Aave, Compound, Curve, DDEX, dYdX, Flexa, Gnosis, HEX, Idle, iearn, InstaDApp, MakerDAO, Nuo Network, Set Protocol, and Uniswap.

Nexus Mutual became undercollateralized for the first time. The peer-to-pool (as opposed to peer-to-peer) liquidity model works well for insurance because there can be several times more cover than the capital pool size, so long as claim events aren't correlated. Currently the active cover amount to capital size ratio is 125%. By comparison AIG has a ratio in the order of 6000%.

There are now 531 unique addresses that hold NXM, a large number joining the mutual after the bZx attack."

"In the last month, 3672 ETH ($625k) was contributed to the capital pool, bringing the total capital pool size to 16735 ETH ($2.85M)."

  • From Our Network #22 (22-5-2020):

"Total value has more than doubled in the past 90 days to over $4M, according to Nexustracker.io. The largest covers so far are for $484k on Balancer Labs and $387k on Aave, Nexus Mutual tweeted."

  • NexusMutual has seen (4-10-2020) parabolic growth in total insurance coverage. Now at $226 million.
  • From Our Network (22-5-2021):

"May 2021 is on pace to generate the most monthly revenue ever for Nexus from cover premiums alone. Sep 2020 and Jan 2021 had spikes due to Cover Protocol and Armor.Fi farming, so May's revenue will be all organic. Annualized revenue run rate also reached an all-time high $32M."

First Claim and pay out

"It is worth noting a few things at this stage:

  1. The incident particulars were unclear at this time— so our claims assessors had to work with the information that was available at the time.
  2. Our documentation explicitly excludes activity where the smart contracts act as intended.
  3. Our members have the power to vote and pay the claim anyway.
  4. The claiming member can submit one more time if they wish (which we encouraged them to in light of the bZx report).

The first ever Nexus Mutual claims process finalised with the 30,000 DAI claim on bZx being declined. 7/8 assessors voted no after staking a combined 76,000 NXM (over $300,000) in the process.

We received two further claims after the release of the bZx report.

Claim #2 was accepted with 4/4 assessors voting yes, staking a total of 10,051 NXM (USD $43219).

Claim #3 accepted with 9/10 assessors voting yes, staking a total of 11,1183.45 NXM (USD $478,088).

Both claimants immediately received their pay-outs once the voting closed."

"After the bZx attack, Nexus Mutual paid out its first claims of 4 ETH, 30000 DAI, and 2600 DAI. The claims voting was not contentious (almost unanimous in fact!), showing that the mutual members agreed what was covered by Nexus and what wasn't."

  • From Our Network #37 (12-3-2020):

"Active cover amount reached a new all-time high of $64M covered. Cover capacity for Curve and yearn.finance are maxed out at $10.7M and $9.4M covered respectively. Aave, Balancer, Compound, and Synthetix are also close to having cover capacity maxed out. There are nine covers of more than $1M each, all of which were bought in the last two months (Source)."

Projects that use or built on it

"yinsure.finance also launched as the first third-party distributor for Nexus cover. This allows for DeFi users to buy cover without KYC, as the yinsure distributor contract forwards all new cover purchases to be underwritten by Nexus. yinsure.finance also tokenizes the covers with NFTs so covers can be freely tradeable."

Pro's and Con's

From Token Tuesdays (1-10-2019) (Who's writers disclosed that they owned NXM):

Pro's:

  • "Assuming that decentralized insurance becomes rather popular in the coming years, there’s a massive amount of upside for prospective investors looking to get into Nexus Mutual."
  • Was the first to gain traction and therefore has first movers advantage.

Con's:

  • Nexus Mutual only covers smart contracts based on Ethereum.
  • Asks KYC
  • "With the current framework in mind, potential buyers are largely limited to sophisticated traders either (i) supplying large sums of capital or (ii) very technically familiar with DeFi and actively participating in a number of different services including margin trading or lending. As such, it remains unclear whether or not Nexus Mutual would be a preferred insurance solution for anything outside of niche digital asset uses."
  • Still has centralized 'fail switches': "The mutual cannot cover its own smart contract in the instance of a hack. This makes sense however, it would require separate insurance funds to cover the mutual and the team must be highly cautious in assuring that their smart contract(s) are audited and secure. With this, the mutual currently has some emergency features (i.e. centralization features) to protect users during the early stages. The list of emergency controls can be seen here. While these controls do provide a certain degree of peace of mind, they also strongly challenge the notion of “decentralization” posed by the project from a high level. However, this is fairly common practice in DeFi today and the team does plan on removing these features once the Mutual has been tested and battle-hardened."
  • Growth in Nexus Mutual has been a bit slower (12-2019) than expected.

Competition

"Armor’s coverage is underwritten by Nexus Mutual’s blockchain-based insurance alternative, with added features:

  1. Permissionless access without sign-up requirements
  2. Pay as you go coverage across various protocols
  3. Flexible amount / duration coverage, only pay what you owe"
  • From this insurance deep dive (3-2021) on the difference between Cover and Nexus Mutual:

"Nexus Mutual allows capital providers to have 10x leverage on the capital they stake. This translates into higher premium income for the stakers. Capital providers do have to take on more risks, but this approach is more aligned with how the traditional insurance providers spread the risk across multiple distinct products that have different risk profiles. In the meantime, capital providers for the Cover Protocol could not leverage their capital as every pool is isolated. There are plans to bundle up different risks together in Cover V2, but details are scarce.

Cover Protocol’s covers are more expensive than those from Nexus Mutual due to less capital efficiency. For example, buying cover sold for Origin Dollar would cost 12.91% annually in Cover Protocol, while it only cost 2.6% in Nexus Mutual. We can calculate capital efficiency quantitatively by dividing the active cover amount over the capital pool. Nexus Mutual is having a capital efficiency ratio as high as 200%. While for Cover Protocol, by design, it will always be less than 100%.

Cover Protocol only has coverage for 22 protocols, while Nexus Mutual has coverage for 74 counterparties. Nexus Mutual offers more flexibility on cover terms where users can decide to start the cover on any day and have a coverage period up until one year."

Coin Distribution

Team, Funding, Partners, etc.

Team

"Currently, the Nexus Mutual team is around 8 members led by Hugh Karp who has over 15 years of experience in the insurance industry, including the role as CFO of UK Life Operations. Other notable team members include Board Member, Gareme Thurgood, who has 17 years of extensive experience launching mutuals in the UK and prominent Ethereum community member, Evan Van Ness."

Funding

"The company has raised an undisclosed amount from blockchain-based venture capital firms such as Kenetic, KR1, MilliWatt and 1kx."

"Although we do not have a lot of funding as a team, we take this seriously [there were bugs found] and have decided to launch our own bug bounty program."

"Received a $2.7 million boost to its foundation treasury, the not-for-profit umbrella organization charged with selling NXM tokens to fund core development of the protocol. The strategic contribution was led by Collider Ventures with participation from Nick Tomaino’s 1confirmation, Blockchain Capital, Version One, Dialectic, 1kx and several angel investors."

Partners