Insurance Mining | The Future of DeFi Protocol Protection? #XIOfeedback

Projects offer liquidity mining programs to bootstrap their protocols. Why not insurance mining?

#XIOfeedback What do you think of this idea? Is it feasible? How would you setup the governance of claims? What are the downsides to this system? Do you know of any projects that have done this in the past?


I like the idea of adapting a LP module for specific application. A startups “Premium” would be their allocation of tokens to reward “Insurance providers.” It may be able to motivate community code audits and debugging if Insurance providers are betting there will be no exploits.

I wonder how a yield would be determined based on the security risk the protocol faces. Also how could the Insurance pool prevent a “Death spiral” if it faces multiple exploits in a short period of time?

Additionally, would this be intended to replace an insurance function, or compliment a more traditional insurance provider?



What do you think of this idea?

Im still trying to wrap my head around this thought because it make sense if there is an exploit to know that your protected, and even if there is not one you will be compensated.

Is it feasible?

It is possible for us to come with an idea for this but how beneficial will it be in the long run and for how long would we have the “insurance mining” running for.

How would you setup the governance of claims?

For the claiming of the tokens to persons who provided insurance it could be claim on a monthly basis at a set percentage if there is no exploit for that period, and if there is an exploit depending on how bad it is persons who were affected would get back what they had before the exploit.

What are the downsides to this system?

Depending on how big an exploit was it cud severely damage the product if the insurance fund is not sufficient to cover it.

Do you know of any projects that have done this in the past?

Im very new into crypto not alot of knowledge on projects developing but ill keep an open ears. hopefully we could come up with a project to provide insurance for other projects.

PS. Im still brainstorming on this thought.

1 Like

The benefit about Insurance, is it’s not a 1-1. The example you gave of the insurance provider you reached out to is 1-1, that’s not insurance tbh as you rightly pointed out.

The premiums from each person buying insurance are pooled together and that’s the claims pool. The risk in traditional insurance is mostly on an individual basis. What you’re describing about protocol insurance is not an individual, but a protocol. As such, the claims pool would need to be the collection of premiums paid by the protocols.

Let me see if I understand you correctly:

  • 5 protocols = P1, P2, P3, P4, P5

  • each protocol puts 10% of their total supply into the insurance pool.

  • let’s say each protocol has an ICO that makes the list market cap:
    P1 = $10M
    P2 = $20M
    P3 = $30M
    P4 = $40M
    P5 = $50M

  • the protocols all launch on the same date and so the pool has $15M worth of protocol tokens in it.

  • users can lock their ETH for 100days and mine a single project or the entire pool?

  • let’s say the pool is completely mined, so the pool now has $15M worth of ETH (assuming no price fluctuations in that 100days).

Claim Scenario 1:

  • On day 99, P1 has an exploit, and the insurance pool pays out $10M ETH to P1 wallets.
  • ~$5M ETH still remains in the pool.

Claim Scenario 2:

  • On day 99, P5 has an exploit, and the insurance pool pays out only $15M ETH to P5 wallets. This is only fractional coverage for P5.
  • The entire pool is now at ~0 ETH / ~0 protocol tokens.


I’m not seeing how the pool can raise enough ETH to cover all the protocols. You’d need many many protocols signing up, and still mostly likely only get fractional coverage for users.


What if instead of ETH being pooled that acts as collateral, if it is the APY interest the pooled tokens earn that acts as collateral? Specifically if it is upfront yield by a future Zynthetics protocol? If for example 100M ETH locked up for 1 year can earn 5% APY upfront for 1 year, then that creates a 5M ETH insurance pool, at no risk to the original stakers 100M ETH that they are guaranteed to get back. I would have no problem staking ETH in this situation because it is no risk of losing it.

It’s an interesting idea. There are a number of small projects trying to provide some sort of insurance model to defi. One I know of I thought was doing ok but just checked and they ended their project. They just said they had trouble hiring a development team. It’s not such a hot area as far as I can tell, which means there is plenty of room for innovation.

A product like that would actually be helpful for the blockzero system itself. If a new token is not needed, I wonder if there was a way to integrate an insurance mechanic into xio itself. Similar to how zynthetic would operate on top of the flash protocol.

1 Like

It is a very interesting idea.
From user perspective: I feel like the yield will have to be very high for people to use this. If you have a token of a project you take the risk, but the general assumption is that if a project is exploited you will somehow be compensated. If you do the insurance mining then obviously, if an exploit happens you will lose your money. I am trying to decide if I would be willing to insurance mine some protocol and I am not sure. Maybe Uniswap?

This will create interesting arbitrage opportunities for users with something like Nexus mutual. Imagine you insurance mine Flash but then also buy flash cover on Nexus. So if it does get exploited you get some money back there?

Risks: I worry about something like a rug pull with this. I am not sure how it would work. But I wonder if there are some ways to exploit it for neferious project creators.


Actually, are we thinking of insuring the protocol or the individual. Two very different kettle of fish.

A very interesting idea. But my bottom line up front opinion is that you won’t be able to make APRs high enough to incentivize long term insurance when their are low risk alternatives. Math below:

Looking at it from a mathematical perspective - Early projects are usually only work 1-10 million USD Marketcap. Being very optimistic, let’s look at a 10 million USD project using a 10% of its tokens to incentivize insurance. Therefore token value creating insurance farming incentives: 1 million USD.

If you wanted half of your projects value covered then you want 5 million USD in Eth being perpetually locked up. For a years worth of cover, burning through your entire token allocation for insurance, you would have to have an APR of 20% on the ETH.

5 million USD insurance target x 20% APR = 1 million USD for a years cover.

Consider that staking ETH is 5-10% profitable, and has virtually no risk. You are instead asking ETH owners to have 100% more risk for only double, or 10% more APR, in the native token of the project in question, & that only covers you for a year at half your projects value.

The owners have 100% risk of liquidation, & have to gamble that the new project will go up in value faster than ETH for their tokens to be valuable. I don’t see these risks being acceptable when high APR options for yield are everywhere these days!

Just my thoughts!



The idea is good, there are no other projects that are doing the same thing as far as I know. For sure it would bring something original, and we could advertise our app as the only one with internal and automatic insurance. The only problem is that the insurance would only cover part of the funds lost in the event of a hack. This is because the insurance fund would hardly get as big as the app. Furthermore, if the fund is made up of the same currency that is hacked (for example flash) the fund would probably go to zero value as well. So it is better if the fund will consist solely and exclusively of eheter or Bitcoin, safe and non-hackable coins.


Interesting idea, I got a bit confused during the explanation. To sum up in an example for Flash:
Blockzero would give Flash in some amount (10% of initial supply) to the insurance pool.
Insurance providers would stake for example ETH for a given period of time and earn a percentage of Flash from the insurance pool.
In case of exploit, the users would get proportionately ETH from the insurance pool.

Project - has insurance, does not have to get insurance with an insurance company, which they might not be able to afford/or the ratio of staked tokens is unreasonable (e.g. stake value of 100 million to get insurance 100 million)
Users - they know their funds are insured to some degree. Means more/better security
insurance providers - can earn for staking their tokens

Project - who governs the amount in the pool? who has access/controlling power and decides, when the insurance will be paid out? Is it the project team itself, an extern actor or can this be programmed on a blockchain (not sure about the technicalities). Thought being: who ensures, that the tokens in the insurance pool won’t be taken out prior exploit?

insurance providers - the yield my need to be very high as the risk is very high as well, mostly for new startups. Who will the insurance providers be? Members of project, community, outsiders, whales?
Insurance companies (as you mentioned want a ratio 1:1) what would be the threshold of the other insurance providers (not insurance companies)?

It is definitely a good idea worth exploring further



i don’t really understand what would be the point to be an insurance provider… i mean, maybe i’m not seeing it but the thing would be like: i lock (stake) let’s say 10ETH for example.

in exchange for that i get daily farming rewards. but the point is: if the token is hacked? i mean, my 10 eth would be lost because they are there to repay (cover) the hack isn’t it?

the point would be so: how much APY do i need to make this worth it. or… what is the probability of a token of being hacked?

doing a calculation of that is extremely difficult: it depends on too many things (you know, what are the developers of that poject? was it audited?, does it have a strong and big community and regular improvements?, etc…). That’s the most difficult point in my opinion.

than, the apy should decrease with the passing of time because that means that the token is less unsecure (since noone exploited it for so much time)…

there are projects that offers insurance such as polkacover for example… but i don’t know how it works (maybe they want you to buy their token as you said…)

why would you stake any ETH if the rewards are for the insurance? i mean are you staking eth for no rewards at all?

that could be ok if it is the team of a project that put like 10% of tokens for the insurance since noone would ever stake some of his tokens to get no APY

1 Like

I like the idea but for this to take off ground, a project would need to offer really high apy in order to get users to come in. There are plenty of farming pools with high apy’s in which the token used for farming is not in risk. 20% apy wouldn’t cut it for me

That being said, i believe it’s an idea that is worth exploring. Are we considering creating our insurance token where projects would create insurance farming pools against our token Y? We would need to careful, because very easily the exploited could become the exploitee but with some careful considerations might be worth to assess

1 Like

What do you think of this idea?

Having some kind of insurance definately sounds amazing … the question that comes in mind is if you provide 50ETH and there is an exploit they basically lose those 50ETH, because its destributed to other people? What would happen to those 50ETH if there never were any exploits?

Its basicaly like a federal reserve to spit it out when you need it :stuck_out_tongue:

Is it feasible?

Its definately feasible, if it is like you said … there also come questions of how many % to allocate and rewards and such.

What are the downsides of this system?

It is definately a good startup protection, but when the project lives longer there is not much point left in this insurance. Also if the providers lose their 50ETH because they provided it for compensation of those impacted by exploit, it sounds like a gamble.

Do you know of any projects that have done this in the past?

Not that i would know of.

A number of issues/questions come to mind:

  • Fraud. Intentional bugs in the protocol that lead to claims.
  • Since the insurance premium is paid in the insured native token, the premium/yield would be variable and could potentially become worthless if the native token’s price plummets.
  • Large portion of revenue for insurance companies comes from investing the premiums collected, e.g. into high yield bonds. Would this be possible in this environment?
  • How do we appropriately price risk to each project? Proper diversification of the risk pool is key for profitability.
  • Reinsurance would probably be necessary for starting up, but as you mention, finding worthwhile insurance in this space is few and far between.

I like the idea and I think it is feasible with a large amount of clients, but this would require a ton of work and most likely an active staff to sort through all the risk pricing, claims, investing, etc.


Do you really believe that the blockzero team would do such a thing, ever? I am ready to bet my money on it. Wait, I already did a bet, since I am invested in blockzero since day one :joy:

Yes, that is mymain concern as well. Could be easily avoided with the insurance fund being issued in a stable coin, bitcoin or ethereum.

Mmmh, that sounds risky, honestly. Maybe putting the fund in something like blockfi etc could be doable though, and we get an extra % yield on the fund

1 Like

Of course not! I mean that the clients who are purchasing the insurance could potentially commit fraud. People could create protocols with bugs in them for the sole purpose of getting hacked or hacking themselves and making claims to get paid out by the insurance we provide. Insurance fraud is an age-old problem and accounts for about 10% of losses in the insurance industry.


Hey Dash,

It’s a good idea, have a few thoughts:

  1. Will we have a separate insurance fund for each project or a combined insurance fund?
  2. If we choose a combined index fund, contributors can have AQUA like rewards over and above the tokens of projects
  3. Pros - new projects can leverage a lot, attract more people, Insurance providers - will get good amount of new tokens
  4. Cons - if the project fails to deliver insurance providers have to settle the downside

Can there be a way to give positive reward to insurance provider even if the project fails, something like flash staking? probably they can earn something from BlockZero as well + tokens from project

Also they can have an option to unstake early and burn some rewards.


1 Like

I share these, mathematically the alternatives seem to be hard to beat.
This was also illustrated by the pool example:

If the idea is about native tokens and not stablecoins or ETH the problem raised by Gnaru is sound.

Other trouble I see, thinking about the Flash exploit, that happened despite an audit, the risk assertion that an insurance should cover is almost impossible for most crypto investors.
I believe there are some very talented knowledgeable citizens around here that were surprised by the exploit. That said, if you cannot assert the risk, it’s equally difficult to assert the reward for coverage?

If you have for all projects a competitive high APY for insurance, it gives the impressions that all participating projects are high risk and that might not be in the interest of young projects.

Concerning the fact that most exploits are found at an early stage, there is also the chance that the best exploits are only revealed or possible later when the project has a significant higher market cap. Having an APY that balances capital at risk and likelihood of an exploit sounds to me very difficult.

Also everything that is connected to the scope and damage evaluation that needs to be somewhere documented sounds very complex. Personally I hope that insurance policies and small prints is one thing that blockchain won’t adopt.
Just an example: could/would/should this be a case for an insurance?

I just pulled the rug at my NFT collection on @opensea . Nobody got hurt.
It is pretty easy to change the jpg, even if it does not belong to me or it is on auction. I am the artist, my decision, right?
A thread from somebody making his living with art irl about the value of NFTs.

— neitherconfirm (@neitherconfirm) March 9, 2021

Despite all my concerns, I think the idea behind it is good. Stability and security is something that Blockchain needs. But perhaps there needs to be other ways that are less dependent on the financial competitiveness of an insurance APY. A different way to see insurance is sharing the risk, commonly investing in protection or distributing the damage. Defense expenses financed by tax are an example, social insurance for sick and unemployment is a different one.

This might not sound as attractive as high yield insurance provider reward, but perhaps one could think this thought further? It’s friday evening and I would like to enjoy a :beer:

PS: I am super excited about tomorrow! Feels like having bday twice this year :smiley:

1 Like