Hey DeFi'ers, thanks for checking out the DeFi Podcast! This week's episode features Hugh Karp, founder and board member of Nexus Mutual. Nexus Mutual provides insurance against smart contract failure. During the interview, Hugh explains what smart contracts are, how Nexus Mutual automates the process of providing and obtaining coverage, and the role he sees Nexus playing in the Ethereum ecosystem.
Nexus Mutual - https://www.nexusmutual.io/
Hugh Karp - https://www.linkedin.com/in/hughkarp/
Helis Network - https://www.helis.network/
Kerman Kohli - https://www.linkedin.com/in/kermankohli
Kerman Kohli: 00:54
Hey everyone. Welcome to the DeFi podcast! Today we have Hugh Karp from Nexus Mutual. Hugh has been in the insurance industry for 15 years and he is here with us today to tell us about smart contract insurance and why we need it. Before we get there, can you tell us briefly what smart contracts are and what issues they have?
Hugh Karp: 01:16
Yeah, I think smart contracts are neither very smart or a contract, so that’s kind of the starting point. They are actually just small computer programs that run that can’t be stopped. I think that’s the key difference. If I think if it’s easiest to think of an example, like if I want to transfer to you Australian dollars and you want to transfer me British pounds as an example, then we have, and we don’t trust each other or we don’t know each other, then we’ve got this issue that who transfers money first because then the other person can just take some money and go away. So one of the things smart contracts can do is basically go as long as both people commit to transferring the money me at the same time, they will do it in one transaction and make it happen, and so there’s no kind of escrow type of issue. And in that way, I think it kind of replaces contracts in the real world. So in the real world, you may have needed a contract to make that happen because then you have legal recourse if someone doesn’t do anything. So they’re smart in the sense that they run automatically and they’re contracts in the sense that they can replace real work contracts.
Kerman Kohli: 02:35
Sure! And what issues do they have?
Hugh Karp: 02:39
The main thing is that once you’ve coded them, they always run as they have been coded. That doesn’t necessarily mean they run as intended because the code could have a bug bugging in that the developers have you haven’t quite caught. It’s very hard to encourage it to be a 100% quality over time.
Kerman Kohli: 03:02
Perfect. Suppose these contracts, which hold a lot of money, have a bug in them. Obviously, that means that the money is at risk. How does Nexus Mutual fit into this entire scenario? Smart contracts, bugs, risks, et cetera?
Hugh Karp: 03:19
Essentially we provide an insurance-like structure. We’re not actually insurance but we provide a claim or we have smart contract coverage that will pay a claim if there is a bug or a hack in a smart contract that leads to a financial loss. So basically, you can get covered just like you would with a normal insurance policy on your house or your car or whatever.
Kerman Kohli: 03:44
Wow, that’s really cool! How exactly does the structure work in comparison to say a traditional insurance contract?
Hugh Karp: 03:57
It’s basically very, very similar but there are some key differences. The main one is that you join a mutual or a kind of a membership club or a cooperative and that group of people decides which claims are valid. So you, instead of trusting the insurance company to pay out on claims, you’re trusting the group of people that you sharing risks together with to pay out of claims. The main difference there is that all of the money kind of leftover is owned by the members of the club, so there’s a stronger alignment of interests. They might be with the traditional insurance company.
Kerman Kohli: 04:40
In terms of insurance, it’s always certain claims which are paid out and certain claims which aren’t. What are examples of things which Nexus Mutual would pay out to holders or people who have been insured and what are things that they might not get paid out for?
Hugh Karp: 04:57
Yeah, so examples would be if the code just clearly has a kind of bug in it that just doesn’t work as intended. That’s the main thing. One example of something we wouldn’t pay out on is if the deployers of the contracts have the ability or the kind of administrative rights to update the contract or change the code and they use those rights to steal funds or update them in a malicious way, then we’re not covering against that.
Kerman Kohli: 05:27
In the case that a smart contract relies on another, our contract, assuming someone has purchased insurance for the first smart contract, what happens if the second one fails? The first one depends on the second one, so there’s this dependency.
Hugh Karp: 05:45
Yeah. So, and that’s where it gets a bit more complicated. You can basically buy cover on a system basis. So for example, let’s use MakerDAO as an example of a system and Compound as an example of a system. If you buy coverage on Compound and MakerDAO, then you’re not covered, you’d have to buy cover on MakerDAO as well.
Kerman Kohli: 06:10
Is this obvious to people when they first sign up for insurance? How do you make sure that you’re transparent about the whole process?
Hugh Karp: 06:23
It is complicated. We have an open check where we go through a whole bunch of questions that we kind of siphoned as possible with that. There documentation about it, exactly what’s coming and what’s not. The information is there. This stuff is complicated and it’s new so we’re just trying to be as open and transparent as possible and communicate to people what it covers and what it doesn’t.
Kerman Kohli: 06:47
When is it ready for “normal” people to use or what are the barriers to mainstream adoption?
Hugh Karp: 06:56
It’s open and people can use it now but I guess you have to be on the kind of crypto naked side. You kind of know what you’re doing for it to make sense. In terms of what would be ready for normal people to use, it’s when we can make it easy to you know, if you want to do something with Ethereum, like DeFi or something, that we can get it to a point where you can get what you want to cover with that and add it on you know, you’re going on your flight and do you want travel insurance with that. So that type of process. I think we were working on the technology to get there but right now we’re not quite at that point.
Kerman Kohli: 07:38
Very cool. And how exactly are prices calculated? Do you have something which sets them; are they determined algorithmically?
Hugh Karp: 07:48
Yeah, so it’s a combination of two things. There’s an algorithm which is kind of one big of insurance companies do, but we supplement that with an economic process. People stake on specific smart contracts they think are secure and the more money that’s behind a particular smart contract system, the lower the price. That’s a pretty interesting piece of what we’re doing that’s quite different from traditional insurance which relies entirely on historic experience because we don’t have much historic experience with this. It’s only been operational for four or five years or less than that from any materials might contracts then, and so we have to take a different approach. So we’re kind of using this kind of betting or staking process.
Kerman Kohli: 08:38
Have there been any payouts so far?
Hugh Karp: 08:42
No, we haven’t had a payout yet. I found him in line for a couple of months. I’m actually very much looking forward to the first payout to demonstrate that the whole system works and not the fact that someone might lose money, but you know, to prove that the system works and it’s valuable to people. That would be really cool!
Kerman Kohli: 08:59
Sure! Can people buy insurance on the Nexus Mutual contract itself?
Hugh Karp: 09:08
Yes, it’s a bit recursive. Technically yes, but it’s a bit pointless because if I come back to attack, then there’s no money to actually pay the claim.
Kerman Kohli: 09:19
Of course, but that’s a very, very edge case scenario in that whole process. Last of all, why did you choose to solve this problem in particular?
Hugh Karp: 09:32
Ironically, smart contracts are built to minimize the need for trust between two people and you have to actually trust the smart contract to operate as intended. Unless you have the skills to look at all the data and code, and we’ve obviously seen events in the crypto space wherein hundreds of millions have been lost. We think it’s a key risk for the Ethereum community to advance and pretty much any industry needs insurance services and financial infrastructure that operates effectively, so we’re trying to do that for the Ethereum community.
Kerman Kohli: 10:19
What makes your team and skills unique in solving these challenges?
Hugh Karp: 10:28
It’s our deep knowledge of the insurance industry and how these things work, both economically and structurally. That’s a key difference. We’ve got a strong tech team but I think combining that with the actual insurance knowledge is where we can bring value to the community.
Kerman Kohli: 10:48
Cool; that’s about it! Was there anything else you’d like to add?
Hugh Karp: 10:56
Yeah. People buying coverage are using the platform buy cover mainly right now on the key Defi smart contracts, Compound, dYdX, UO, and MakerDAO and Uniswap and stuff. So it’s being used and people can come and check it out, too, if you want to have a look.