As the blockchain ecosystem matures, the security needs of the space are evolving. Initially, the security needs of the space focused on smart contract security, and for good reason: since 2017, well over a quarter billion dollars worth of cryptocurrency was lost or stolen due to bugs in smart contracts. Audits are still an essential component of blockchain application development, however, even audits do not completely eliminate the possibility of a bug being present in code.
This past year, the growth of blockchain applications was impressive. Despite a bear market, the value of cryptocurrency managed by decentralized finance (DeFi) applications went from under 1 billion USD to over 10 billion USD. In order to continue this growth and achieve mainstream adoption, the risk of a bug slipping through an audit needs to be accounted for.
Managing Risk in Traditional Finance
In our everyday lives, there is always the chance that an unlikely event takes place that leads to expensive one-time costs. For example, you might get into a car accident, get really sick, or your home might get damaged. Most people do not have the money onhand to deal with these situations, so they purchase insurance to hedge that possibility. Insurance also helps businesses manage unlikely, but expensive events so they can focus on making profit and delivering value to their customers.
The Status of Insurance in the Blockchain Industry
Insurance in the blockchain industry is still in its early days and, until recently, has focused on insuring exchanges. Coinbase insures its hot wallets up to 255 million USD. Crypto.com recently secured a 100 million USD insurance policy for its cold storage wallets, bringing the company’s total cryptocurrency coverage to 360 million USD. Binance insures its derivatives platform which protects leveraged traders during market volatility.
More recently, on-chain insurance was popularized by Nexus Mutual. DeFi users purchase coverage for specific smart contract applications. When an alleged exploit occurs, Nexus Mutual token holders vote to determine if users should be paid out from funds deposited by risk assessors. Risk assessors deposit funds in coverage pools that they believe are safe in exchange for rewards.
Quantstamp is Uniquely Positioned to Assess Risk
Quantstamp’s extensive experience in the blockchain space has made us uniquely qualified to assess risk in this industry. Quantstamp has secured over 5 billion USD worth of digital assets and worked with over 140 startups, foundations, and enterprises. We have worked with the Maker Foundation, Curve, Binance, eToro and OMG Network. We also have experience auditing Layer 1 protocols including Ethereum 2.0, Avalanche, Binance Smart Chain, and Cardano.
Quantstamp offers three types of services that help individuals and businesses protect themselves against smart contract security risk. First, Quantstamp serves as an actuary. We connect companies seeking to insure funds deposited into DeFi applications with insurance providers. Normally, these insurance providers would not insure DeFi deposits because they are not qualified to assess risk: however, they choose to insure these funds because Quantstamp assesses premiums and investigates reported vulnerabilities on their behalf.
Quantstamp also offers smart contract warranties to clients who received an audit from us. After performing an audit, we provide compensation to clients in the event that funds are lost due to a bug in audited code. Clients can use this compensation to refund users.
Clients can also provide coverage to their users using their own funds through infrastructure created by Quantstamp. Clients deposit their funds into a coverage pool that users can collect from in the event of a confirmed exploit that led to the loss of funds.
The Future of Finance
Blockchain technology has already demonstrated its ability to enhance finance: digital assets are hyper-liquid, DeFi composability enables powerful new applications, and many tasks that previously required human intermediaries are fully automated. Despite these innovations, mainstream institutions sit on the sidelines because risk assessment is underdeveloped in the blockchain industry. This prevents institutions from properly hedging against black swan events as they would in traditional finance. As the industry's security experts, Quantstamp is prepared to use our extensive knowledge to develop this portion of the industry and continue to push the DeFi space forward.