A list of the most common questions we get.
Nexus Mutual is a decentralised alternative to insurance. We're combining blockchain technology and the UK's legal framework for risk-sharing pools (known as "discretionary mutuals") to bring back the peer-to-peer structures from which insurance originated.
Built as a platform on the Ethereum public chain, it will allow anyone to become a member of the mutual, buy cover, and earn rewards by participating in risk assessment, claims assessment and governance. This replicates the workings of an insurance company whilst crowd-sourcing some aspects by providing economic incentives for members to contribute to the platform.
When Ethereum and smart contracts came along we realised we could apply our deep insurance industry knowledge to our passion for decentralised technology.
Specifically, we could see a solution to the problem of agency (where an insurer looks after customers' money on their behalf) as well as significant improvements in cost efficiency compared to the traditional insurance model. Furthermore, being already based in the UK, we have the perfect base to build out this concept due to the historic significance of mutuals.
The ultimate aim is to provide our members with simpler, cheaper, more transparent, and more accessible ways of accessing financial protection against their risks.
Initially, we will launch with only one product, Smart Contract Cover, the purpose of which is to provide the Ethereum community with a layer of protection against hacks in the value-storing applications (known as smart contracts).
Down the line, we intend to move into more mainstream products. We actually started building the platform on the premise of providing cover against Earthquake risks.
We've currently largely been talking to the cryptocurrency community at Ethereum developer conferences, targeting an initial base of advanced users.
However, Reddit and Discord launches are on the way, watch this space.
We're established as a company limited by guarantee in the UK and recently received approval by the Financial Conduct Authority (Bank of England) to use the protected word "mutual" in our company name.
By becoming a member, each participant in the mutual becomes a part-owner of the mutual, with membership rights represented by NXM tokens. This structure has no shares or equity by definition, it is a company run solely by members for the members.
An overview of the Token Model can be found here, and a page explaining the initial Token Generation Event is coming soon.
A token is needed in order to bind together the internal economics of the mutual, so that the platform can;
dynamically react to the prevailing conditions and capitalisation levels; and
reward active members for participating in the day-to-day operations of the mutual.
Nexus Mutual uses a token bonding curve (also known as a continuous token model), with the price in ETH driven by two main factors:
The capitalisation level of the mutual - the level of funds available vs. funds required to meet all claims with a certain probability.
The number of minted tokens.
For more details see our Token Model explainer page.
This is not an ICO, as Nexus Mutual will launch with a live, working product on main-net and then ask the community to crowd-fund the initial Capital Pool that will enable the platform to start selling covers.
Another important difference is that the platform and tokens will be immediately available for use by the community.
In the initial phase we intend to crowd-fund a high percentage of the Minimum Capital Requirement at a single price, allowing contributors of all levels to come in at the same price, before switching to the token curve. The token model will determine the price from then on.
The current plan is to launch on main-net in Q1 2019.
We currently don't have plans to be listed on exchanges and don't expect to be in the near future. Due to the nature of the token model and the requirement for tokens to belong to members only, any exchange listing would have to be highly bespoke.
Tokens will be redeemable directly from the platform for ETH, subject to some restrictions.
Yes, as long as the address being transferred to is also a Nexus Mutual member - the transaction will fail if this is not the case.
When the platform is live, Cover will be available for purchase by members from the dApp interface using a Metamask account.
We're making the process as simple as possible:
Specify which smart contract address you want Cover for.
Specify the Cover Amount, currency (ETH or DAI) and Cover Period.
Generate a quote and make the transaction using Metamask.
You are now covered!
We use a combination of two price drivers:
Parameters relating to the smart contract, including:
amount of time the contract has been live,
amount of value held on the contract (30-day average),
how complicated the code is (based on initial gas cost), and
how many transactions the contract has experienced.
Risk Assessors staking NXM to vouch for the security of the contract and hence lower the price.
Some of the parameters are still in the process of being fine-tuned, but we fully intend to publish the pricing methodology for community scrutiny and feedback before launch.
All smart contract addresses on the Ethereum blockchain that are verified on Etherscan can be covered by the platform.
However, the quote may return an un-coverable price (that is, above 50% of the Cover Amount per annum) for some smart contracts. These contracts have not been battle-tested or have sufficient value staked against them by Risk Assessors. In particular, newly deployed contracts are likely to require Risk Assessors to firstly stake value against them before the price drops into a coverable range.
Risk Assessors for the Smart Contract Cover product are likely to be those with smart contract audit expertise.
They can stake value in the form of NXM, thus vouching for the security of the contract and dropping the price of cover. This stake gets gradually released back to the Risk Assessor over a period of 250 days.
If a Cover is then subsequently sold on that contract, the first Risk Assessor to have staked value on it gets a reward of 20% of the price of cover, up to a maximum of 50% of their stake, at which point the next assessor begins earning rewards and so on.
If there is an accepted claim on this contract, the Risk Assessors' stake up to the Cover Amount are burnt.
For more detail, please see our Docs Page (in progress).
Smart Contract Cover is intended to provide protection against material loss of value resulting from "unintended uses" of smart contact code. In practice, this means that a vulnerability in smart contract code has been exploited and a material amount of value has been drained or made permanently irrecoverable.
All other security events (for example, loss of private keys or centralised exchange hacks) are not covered.
The precise cover wording is contained in the Product Document (coming soon!).
Importantly, there are several areas in the definition where human judgement is required. The idea is to pay claims where a genuine loss has occurred but not pay claims where members are trying to game the system. This can never be fully captured by words and must be interpreted by the membership base as a collective group.
Members will act as claims assessors with each claim subject to a vote by members who have chosen to stake a portion of their tokens to act as Claims Assessors.
The Claims Assessors earn rewards for voting with the consensus outcome. If anyone is deemed to have voted fraudulently, their stake may be burned via the governance process.
More detail is available in the Docs Page.
If the platform begins denying legitimate claims, failing in the core purpose it is set up for, then no new users would come to the platform and make contributions to it. While it's true that claims would lower the value of the pool and hence the value of the NXM tokens the Claims Assessors hold and earn in the short- term, Claims Assessors are also financially incentivised to take a longer-term view as they are required to lock up a stake.
This stake can be burned if there is deemed to be clear fraudulent voting activity by Claims Assessors (see Advisory Board section for details). The threat of losing their stake is a significant deterrent to voting fraudulently.
At present, cover can be bought in ETH, DAI or NXM. If paying in ETH or DAI, the system will convert the contribution to NXM in the background, then immediately use that NXM to purchase cover.
Yes, definitely. We actually started development with a product to cover earthquake risks, but shifted direction in late 2017.
There are still challenges regarding public blockchains, with scalability (in terms of transaction throughput) and user-friendliness being the key ones which make mainstream products quite difficult at this time. However, there are a large number of talented people working on solutions to these problems so we are optimistic that they will be solved within the next few years.
In the meantime, we're focusing on a market that has already adopted this technology.
No. However, we fully understand that due to being a smart contract that protects the community against hacks in other smart contracts, we need to be very, very secure ourselves.
Therefore, in addition to our ongoing checks and external reviews during the build phase, we will also conduct code audits from at least two of the top firms in the space, as well as a pre-launch bug bounty.
This is indeed a risk and it is why we will not only perform extensive internal testing, external audits and a bug bounty program but we will also launch with some emergency functionality (that is intended to be removed once the contracts have become more battle-tested).
From a cover holder perspective, by purchasing cover with Nexus Mutual you still get significant peace of mind from an additional safety net. As an example, say there is a 1% chance that the chosen smart contract has a bug and also a 1% chance that Nexus Mutual has a bug. By purchasing cover only one contract needs to be secure for you to either suffer no issue or receive a claim payment. Overall, you've increased your safety margin from 1 in 100 to 1 in 10,000.
Yes, absolutely. Please refer to our Docs Page (in progress) for further information.
We believe in pragmatic centralisation trade-offs to begin with while moving towards more complete decentralisation.
Initially, we will have a token-voting process overseen by an Advisory Board (comprised of experts from the worlds of insurance, mutual management and smart contract security). Note that any Member can replace an Advisory Board member via a vote at any time.
Any Member may delegate their vote to any other Member with rewards available for participating in governance actions.
We believe that pragmatic trade-offs are OK to start with, so in the interests of launching a viable product as well as ensuring the security of the smart contracts, Nexus Mutual will launch with some centralised aspects. These will be reduced over time as the system becomes battle-tested and gains scale. The following are the major points to be aware of:
Emergency Control - when Nexus Mutual is first launched it will also be able to be upgraded by the Advisory Board unilaterally. This control is entirely for safety reasons and will be permanently forfeited within 3-6 months after launch.
Emergency Pause - Advisory Board members will have access to an emergency pause function, which stops all transactions. All Advisory Board members have agreed to only using the functionality in extreme circumstances. The emergency pause allows a code upgrade to be completed before any further transactions complete. All code upgrades (outside the Emergency Control period) must be agreed to by the membership base.
Proposal White-List Process - The Advisory Board will white-list all governance proposals (with some exceptions, for example, replacing Advisory Board members) as well as assign them a default voting outcome (Yes or No). If the quorum isn't reached the default outcome proceeds.
Off-Chain Capital Model - The Capital Model is run off-chain due to gas requirements with results being notarised on-chain once per day. We plan to move this on-chain in the future once heavy computation solutions become viable, like Trubit. The Capital Model code will be made open source so anyone can verify the results if they wish.
Off-Chain Pricing Model - The pricing model is run-off chain due to gas requirements. Arguably, there is less need to run this in a fully decentralised fashion but it will still be made open source so anyone can verify the results if they wish.
Capital Pool Trades Require Manual Approval - Automated trading of the Risk Capital pool via the 0x protocol has not been fully automated, as the Advisory Board needs to manually sign each trading transaction. This is a current limitation of the 0x protocol that is on their road-map. We intend to fully adopt the automated signing process, via a member proposal, once it is enabled in the 0x protocol.
Claims Assessment Punishment - the Advisory Board has the power to burn staked NXM that participates in the claims assessment process if they deemed that clear fraudulent voting occurred. A decentralised way of punishing fraudulent voting is extremely hard to achieve as it needs to distinguish between genuine difference of opinion and fraud. We are investigating alternative solutions and aim to remove this aspect in time.
Several of the elements described above are significantly offset by the Overthrow control, which aims to put a decentralised check on the Advisory Board's power: