Open Finance Can Protect Those Who Legacy Insurers Can't Serve

Says Hugh Karp, founder of DeFi insurer Nexus Mutual

Hello defiers! Sharing with you today an interview with Nexus Mutual founder Hugh Karp, who is taking on the massive task of helping protect users from the many risks if decentralized finance.

In our chat he explains how the system works and what risks are covered (DAO-like hack? Yes. Oracle failure? No). Hugh also shared some updates coming up, for example, Nexus Mutual will eventually start investing part of its pool of capital, it plans to add coverage areas around slashing risk and wallet recovery, and it will soon start taking Dai (it currently only holds ether).

He also says builders are just starting to scratch the surface with DeFi and we’ll soon see them make applications that traditional finance simply can’t do. He shares his bigger vision for how the insurance can leverage open finance to increase access for those who traditional insurers can’t serve.

Image source: Insureblocks

The interview has been edited for length and clarity and I’ve bolded my favorite parts.

Hugh Karp: In terms of background on myself, I've been doing insurance for about 15 years. I'm an actuary by training, we basically price and calculate reserves for insurance companies. And so do all the numbers side of things. Been in insurance for quite a while, I was most recently the CFO of Munich Re's life operations in the UK, so had a pretty big balance sheet. So kind of know the insurance world inside out.

I went down the Bitcoin rabbit hole quite a long time ago. I didn't really understand how it worked or anything, but I was fascinated that you could send money to someone else without anyone in the middle. That's what got me really interested in it. I explored things for a little while, but I left it alone because I found it interesting, but I didn't really know what to do with it because it was payments and that wasn't my knowledge base.

Then Ethereum came along and I heard about it a little while after it launched and I put the two pieces together and thought if you can write an if then statement, then you can essentially do an insurance contract. Ans I've been fascinated by cooperatives and DAOs, and the insurance version of that type of structure is a mutual, where it's community-owned and run and the benefits are for the community.

Camila Russo: Did you start thinking of how you could incorporate that to your business?

HK: I got a little disillusioned with the insurance space because I felt like we were just shifting capital around to allocate it in the most efficient way and we kind of lost sight of the customer a bit. Essentially there are a whole bunch of rules that you have to abide by and how much capital you have to hold and all the rest of it. And so we spent a lot of time doing that rather than focusing on how we could make the products better or distribute them in a different way and help people out. And so it seemed to be very much back-end focused. I know that that's needed, but it didn't fit with what I would like to do. And we just spent a lot of time, in my opinion, with this big rule set that we were trying to optimize rather than actually helping people.

CR: So when did you make the complete jump from traditional insurance into blockchain insurance?

HK: Early 2018, so pretty recently. We had been working on the project for a little while before then, doing a lot of research on my spare time to kind of make sure that it could work and we could actually sell something without getting shut down. But yeah, early, 2018 I went in full time.

CR: You went full blockchain at the very start of the bear market. How was that like?

HK: We raised a seed round right at that point. That was the jumping off point and yeah, it was a bit of a trial by fire because it was obviously a tough year in 2018 and early 2019. Aside from the kind of money side of things not being as available, we were focused on just building stuff anyway, so it didn't impact us too much. It probably had a bit of an impact a bit later on when we were trying to raise more money to launch and we had to delay and change things and cut the team down a bit.\

CR: Around when were you trying to raise your second round?

HK: Basically Devcon4. I had a feeling we were pretty close and then ether dropped. And then people decided to just sit on their hands for a bit, which makes sense. We struggled through and managed to release the product May this year.

CR: To me it's always amazing how DeFi basically was born in the middle of a bear market. Can you tell me more about the basic idea, the pillars, behind Nexus Mutual?

HK: On a higher level our aim is to to rebuild the mutual model and allow it to scale. That's what we want to do. More specifically, we're trying to build a new version of an insurance company, one that's much more flexible and quick and can handle new risks as they come out. I think if you just look at crypto as a good example, it's very hard or impossible to get cover for certain risks from the regular insurance industry. They offer some cover things like cold wallet storage for an exchange and sometimes very, very small amounts of a hot wallet, but there's very limited capacity out there and a lot of people would just say no straight away.

In general mutuals are kind of like a community version of an insurance company, like a do-it-yourself version, and there's been instances in insurance history where the capacity from insurance companies is being withdrawn from the market for whatever reason. And then what happens is that the mutual sector steps in to to help out, like in the shipping industry it happened. So that's what we are aiming to do. We think that DeFi and Ethereum are building a parallel financial economy and any economy needs an insurance solution to work. Everyone can't take those risks on their own. They needs to share them. So that's essentially what we're trying to do.

CR: Can you walk me through how it works? Am I understanding correctly that this mutual is co-owned by the community and every participant in this mutual has to put up their own capital to participate? Can you explain the process?

HK: That's right. You can do multiple things, but everyone's in the same group under the same mutual. If you're a customer, then you just do what a regular insurance customer would do. You get a quote, you get a price, and then if you're happy with it, you pay your contribution in our case, or premium and that goes into the common pool of funds. You also partly own that common pool of funds and that ownership is managed by our token. Alternatively, if you want to help out on the capital providers side of things, then you can put in money and you get some of the native token and you can stop there if you wish. But you can also use the token for various functions like staking and governance and other things. But in general, if you just want to be a customer, the token just kind of sits in the background and gives you a small ownership of the mutual. So if it does well, then you can cash those tokens out or use them to contribute to your next cover for purchase or something.

Image source: Nexus Mutual website

CR: Is the token is meant to represent a stake in the total pool of capital?

HK: Basically it represents the membership rights of the mutual, and the members own the mutual, so yes.

CR: Okay. And do users receive correspond to the amount of money they put in?

HK: No, we have a bonding curve model or formula-driven price that determines how many tokens you get at a specific point in time. Basically you get more tokens when we need more money in the pool, you get less token when we're well funded. So it's dynamic to make sure we have enough money in the pool, but not too much. Enough to cover the risks that we're facing, but not that we're sitting on excess capital that's not being deployed effectively. So the idea is to balance that over time. I think if you compare it to the typical ICO model where you raise a bunch of money in one go and that's all you've got, the mutual needs to raise money as it grows to support its growth. So we needed a method to organically grow, with demand, and so that's what the bonding curve does.

CR: So you mentioned that you wanted to create a system that better serves the needs of users in this new financial system, which hasn't been well served by traditional insurers. Why is does your system adapt better to DeFi in this case?

HK: There's two elements. One it's just generally insurance companies are slow to take on new risks. The fundamental thing is insurance companies don't want to take on new risks until they have data to understand the risk. And if something's so new that it doesn't have any historic data, they really struggle. They will start entering the market when they see a big enough opportunity to do so. And they're willing to take the, the potential downside of getting it wrong. But DeFi is not there yet. There's a massive education gap and they're not willing to spend the time just yet. That's what will happen with all new technology or new areas.

In terms of our model, I think one thing that makes us different is that we're very efficient because everything's automated so we can move more quickly. The pricing mechanism we're using is probably the one unique thing that helps us address new risks quicker. So instead of relying on historic data, we rely on people's staking against risks that they think are good. So it has some elements of a prediction market to it. The more the more people stake against risks, the lower the price of cover, and if there's a claim, then they can lose some of the stake. We have an economic reward system built in to encourage that process. But it allows us to effectively price with without historic data because we're using economic incentives to drive the price. Therefore we can cover before the insurance companies get there.

CR: So much like the rest of DeFi, you’re using collateral and, in some way, staking in your case, to hedge against the risks of this decentralized system.

HK: Yeah, that's right. I think one of the interesting points versus most of DeFi is that insurance works because it heavily under collateralized. So everything in DeFi right now over collateralized, but insurance is all about spreading risk and being able to cover many multiples of potential claims with a lot less capital on the assumption that not every single claim will come up at once. That's one of the interesting things about us versus money markets or lending protocols or prediction markets.

CR: On your growth since launch, how have you seen the response? How much is available for cover right now?

HK: You can get about $250,000 worth of cover on any particular system right now. One of the challenges is we're still at a relatively small amount of capital in the pool, so we can't cover massive risks. There's a hundred million or so in Compound, but we have less than 2 million in our pools. So we can't cover all of that because if there was a claim then we couldn't pay it. We basically have to put caps on things. Right now you can cover about 250k in any particular system but more and more capacity will start opening up as people provide capital to the pool and as a surplus is generated.

So we're definitely in the early stages right now and we need to grow. I think one of the really interesting things is there's a lot of people out there that are after quite substantial amounts of cover that we can't meet right now. But we will get there. I describe it like a flywheel. If you have more capital than you can sell more cover, that generates more surplus, that generates more capital and it continues to grow.

CR: Are you expecting it to kind of grow organically or, or what kind of strategies are you foreseeing to increase that liquidity?

HK: Definitely the aim is to get it to grow organically, but I think we need to step it up a little bit further to get to the next level of demand to then kickstart the growth a bit more organically. We're looking at various options to do that. And I think in general what we're doing, we are doing a lot of new stuff on economic incentive structures and things and we never expected to get all of it right in the first deployment. We're definitely iterating and experimenting with new things and we've got some new changes coming up on staking and we've recently released some stuff on how the capital works. So we're experimenting there to try and find the right model that clicks to get us to grow basically.

CR: Is raising more money in a VC round an option? Could you deploy those funds into your pools?

HK: Yeah. We're talking to different funds and different individuals and different people to contribute directly into the mutual because anyone can do that. So that's definitely an option.

CR: I want to understand what specifically what people are protecting against. Is a hack protected? Is a smart contract bug protected? What cases work and which ones are not protected.

HK: I find it easier to describe it in terms of the risks involved with interacting with a smart contract and then what we cover. There are three main risks of interacting with a smart contract. One is the technical risk of the smart contract failing. It was designed to do something but it wasn't coded correctly or had a bug and it was hacked. It did something that wasn't really ever intended by the developers. So like the DAO hacker or the Parity multisig, that type of thing. And that's what we cover.

There are other two classes of risks. The first one is the external risk. And that's oracles, or governance, or something outside the system, interacting with it in a way that wasn't intended or attacking it. The smart contracts still works, but say the oracle fails or gets co-opted or something like that, or the governance mechanism gets corrupted and they maliciously change a parameter because they've got the control. So that's not covered right now, that's a very hard one. I think we can make some inroads in that area in the future, but it's hard to cover that when as an example, one particular individual could change the parameters in the system and take all the money. It's very hard to cover that one.

The third one is the economic incentive failure, which we don’t cover. It doesn't necessarily apply in all circumstances, but for example, Dai losing its peg because the stability fees or whatever weren't adjusted in the right way or something else happens.

I think one really good example is actually Uniswap. With Uniswap there's actually no external risk or economic incentive value risk because those two things don't actually apply. So in that case we cover all of the risks. But for something like, as an example, Compound, then the Compound team still has some control over certain things and they can upgrade the contracts and if they want to do that maliciously, then that wouldn't be covered.

CR: In the first case where the smart contract doesn't work like it's supposed to, is there a tricky line there? Because you mentioned the DAO and there, the attacker exploited the code in such a way that they were able to drain the, the main DAO, but the code actually did work how it was supposed to, they just found this loophole. So how do you make that kind of distinction?

HK: I think there are definitely going to be gray areas in some of the circumstances, but I think it's going to be pretty clear in the absolute vast majority of cases. I mean, there was never the intention of the people that coded the DAO for someone to be able to drain it. The intension of the code was to create a common investment pool structure and share the rewards amongst people, at a very high level. And it did something that clearly they never intended to do. With the Parity multisig its the same thing. So to me, those cases are very clear. But there will be gray cases. I mean, in insurance, there are always gray cases. It's never, it's never always black or white. But it's going to be pretty clear if fund somehow just disappear.

CR: Are you planning on including other cases to protect against, like external failures and economic failures?

HK: We're definitely looking at it and working out how we can. They're not easy problems to solve, but it's definitely one thing we want to look at. In general what we want to do is absorb DeFi risks, whether that's slashing risks in staking networks or something else. We've started with what we thought was the most obvious, but we're definitely looking to add other products, depending on what makes the most sense. So it's definitely on the list, we just have to be very careful how we do it.

CR: Sure. Is there one that you think is more likely to come first?

[ … ]

Paid subscribers have access to the full interview! Subscribe now so you don’t miss any of The Defiant content :) Subscribers reading this post: Head to posts marked with the little lock to see the full content.