Quick answer
DeFi insurance protocols offer coverage against smart contract exploits, stablecoin depegs, and exchange insolvency — risks that traditional insurance does not cover. Users pay a premium (typically 1–5% annually) to purchase coverage. If a qualifying exploit occurs and a claim is approved, the protocol pays out from its underwriting pool. Claims are decided by decentralised governance rather than insurance company adjusters.
Why DeFi Insurance Exists
Traditional insurers do not cover smart contract exploits. The risk is new, technically complex, and difficult to price actuarially. Lloyd's of London and specialist firms offer some crypto custodian insurance (covering centralised exchange theft), but DeFi smart contract coverage from traditional providers is rare and prohibitively expensive for most users.
DeFi insurance protocols fill this gap with decentralised, on-chain coverage underwritten by capital providers who earn premiums and governed by token holders who vote on claims. The model mirrors mutual insurance: members pool capital to cover each other, with no insurance company extracting a profit margin.
Real payouts have occurred. Nexus Mutual paid $2.4M after the bZx exploit (2020). InsurAce paid approximately $11.7M to UST/LUNA holders after Terra's collapse (2022) — one of the largest DeFi insurance payouts in history. Sherlock paid $4.5M after the Euler Finance hack (2023).
Leading DeFi Insurance Platforms
| Protocol | Coverage Types | Claims Process | Notable |
|---|---|---|---|
| Nexus Mutual | Smart contract exploits, stablecoin depegs, slashing, custodian hacks | NXM staker governance vote | Oldest and largest; launched 2019; ~$500M coverage sold |
| InsurAce | Smart contract, stablecoin depeg, exchange insolvency | Advisory board + token vote | Multi-chain; cross-protocol bundle discounts available |
| Sherlock | Smart contract exploits at protocol level | Auditor assessment + UMA arbitration | Unique audit + insurance combined model |
| Neptune Mutual | Parametric (no claims submission needed) | Automatic on-chain trigger | Instant payouts when predefined event occurs |
| Unslashed Finance | Slashing, smart contract, exchange hacks | UMA oracle arbitration | Ethereum-focused; underwriter yield strategies |
How Nexus Mutual Works
Nexus Mutual is the oldest and largest DeFi insurance protocol. Members buy NXM tokens (representing membership) and can purchase coverage or stake capital to underwrite coverage on specific protocols.
Coverage types: Protocol Cover (smart contract exploits on specific DeFi protocols), Custodian Cover (centralised exchanges), Yield Token Cover (yield-bearing tokens affected by underlying protocol exploits), and ETH Staking Cover (validator slashing).
When a covered exploit occurs, a member submits a claim. NXM stakers who have staked on that protocol assess and vote on its validity. Approved claims pay out from the capital staked against that protocol. Stakers who vote correctly earn additional NXM; those whose staked protocols get exploited can lose part of their stake — creating incentives for careful risk assessment.
Nexus Mutual requires KYC verification and is restricted to non-US users due to regulatory constraints. Non-US individuals can join and purchase coverage through their platform at nexusmutual.io.
What DeFi Insurance Covers and Doesn't
- Typically covered: Smart contract code exploits resulting in direct fund loss; stablecoin depegs beyond a defined threshold (e.g., USDC falling below $0.90); validator slashing; custodian insolvency (for Custodian Cover products).
- Typically not covered: Market price declines (falling ETH price is market risk, not insurable); user errors (wrong address, lost keys); rug pulls by founders; economic attacks that don't exploit a code bug.
- Grey areas: Flash loan attacks that exploit protocol mechanics without a clear code bug; governance attacks; bridge exploits (covered by some protocols but not all; always read the specific policy wording).
Is DeFi Insurance Worth Buying?
Whether coverage is worth the premium depends on position size, protocol risk, and personal risk tolerance. For a $10,000 position in Aave — a multi-audited protocol with years of clean operation — paying 2% annually ($200/year) is arguably excessive. For a $100,000 position in a newer or more complex protocol, insurance is worth serious consideration.
Coverage is most valuable for: large positions in protocols without a long security track record; positions in bridge contracts (historically the most exploited category); and institutional participants who need to quantify and cap their DeFi risk.
Important caveats: DeFi insurance protocols themselves carry smart contract risk. Claims processes can take weeks to months and may result in partial payment. Always review the specific coverage terms before purchasing.
Frequently asked questions
How much does DeFi insurance cost?
Premiums vary by protocol risk and coverage type. For established protocols like Aave on Nexus Mutual, annual premiums are typically 1–2% of the covered amount. For newer or more complex protocols, premiums can reach 5–10%. Neptune Mutual's parametric products have simpler fixed pricing per coverage amount and duration.
Has DeFi insurance actually paid out?
Yes. Nexus Mutual paid $2.4M after the bZx exploit (2020). InsurAce paid approximately $11.7M to UST/LUNA holders after Terra's collapse (2022). Sherlock paid $4.5M after the Euler Finance hack (2023). These are real, documented payouts — though claims processes were contested and took time to resolve.
What is parametric DeFi insurance?
Parametric insurance pays out automatically when a predefined on-chain event occurs, without requiring a claims submission or governance vote. For example, Neptune Mutual covers pay out if a stablecoin falls below a defined price threshold — near-instant and process-free. Parametric covers are faster but cover only the specific defined event, not all possible exploits.
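The sketch below is an added example, not code from Neptune Mutual or any other protocol named here. It models a generic depeg trigger to show why a parametric cover pays only for the exact event it defines. The $0.90 threshold is the page's own example; the one-hour persistence rule, the fixed payout, and all names and price feeds are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Sequence, Tuple

Observation = Tuple[int, float]  # (unix timestamp in seconds, observed price in USD)


@dataclass(frozen=True)
class DepegPolicy:
    threshold: float     # trigger price; 0.90 is the page's example threshold
    min_duration_s: int  # assumption: breach must persist this long to count
    cover_amount: float  # assumption: fixed payout once the trigger fires


def first_trigger_time(policy: DepegPolicy, feed: Sequence[Observation]) -> Optional[int]:
    """Return the timestamp at which the trigger condition is first met, else None.

    `feed` must be sorted by timestamp. Any observation at or above the
    threshold resets the breach window.
    """
    breach_start: Optional[int] = None
    for ts, price in feed:
        if price < policy.threshold:
            if breach_start is None:
                breach_start = ts
            if ts - breach_start >= policy.min_duration_s:
                return ts
        else:
            breach_start = None
    return None


def payout(policy: DepegPolicy, feed: Sequence[Observation]) -> float:
    """Pay the full cover amount if the event occurred, otherwise nothing."""
    return policy.cover_amount if first_trigger_time(policy, feed) is not None else 0.0


# Constructed sample data, not real market prices.
POLICY = DepegPolicy(threshold=0.90, min_duration_s=3600, cover_amount=10_000.0)
BRIEF_WICK = [(0, 1.00), (600, 0.88), (1200, 0.89), (1800, 0.97), (2400, 0.99)]
SUSTAINED = [(0, 1.00), (600, 0.89), (1800, 0.85), (3000, 0.80), (4200, 0.70), (5400, 0.65)]
SHALLOW = [(0, 1.00), (3600, 0.93), (7200, 0.92), (86400, 0.93)]

if __name__ == "__main__":
    for name, feed in [("brief wick", BRIEF_WICK), ("sustained", SUSTAINED), ("shallow", SHALLOW)]:
        print(f"{name}: trigger at {first_trigger_time(POLICY, feed)}, payout {payout(POLICY, feed)}")
```

The shallow feed never pays even though a holder at $0.92 has a real loss, which is the trade-off of parametric cover: the outcome is decided entirely by the trigger definition, so the threshold and persistence terms are what to read before buying.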
Can you insure an entire DeFi portfolio?
Some protocols (InsurAce) offer bundled portfolio coverage across multiple DeFi positions at a discount compared to individual covers. However, full portfolio insurance is expensive and multi-protocol claims are more likely to be contested. Most users insure their largest individual positions rather than entire portfolios.