Understanding the fundamental mechanisms that ensure an insurance protocol can meet its financial obligations to policyholders.
LABS
Guides
How to Evaluate DeFi Insurance Protocol Solvency
Chainscore © 2025
core_concepts
Core Concepts of Protocol Solvency
01
Capital Pool Structure
Capital pools are the core reserves backing insurance policies. They are typically segregated by risk type (e.g., smart contract, stablecoin depeg).
-
Multi-token support allows deposits in assets like ETH, stablecoins, or protocol tokens.
-
Risk-adjusted weighting may assign different capital efficiency scores to deposited assets.
-
Liquidity fragmentation across pools can impact the protocol's ability to cover large, correlated claims.
02
Claims Assessment
The claims assessment process determines if a payout is valid and is a critical solvency gate.
-
Decentralized voting involves staked token holders voting on claim validity, aligning incentives.
-
Security council models use a multisig or expert committee for final approval on large claims.
-
Time-locked challenges allow for community dispute periods, preventing fraudulent payouts.
03
Risk Modeling & Pricing
Risk modeling quantifies the likelihood and potential size of insured events to set sustainable premiums.
-
Historical data analysis from past hacks and exploits informs base probability estimates.
-
Dynamic premium adjustments may occur based on real-time protocol TVL, audit status, and market volatility.
-
Inadequate modeling leads to mispriced risk, threatening long-term pool solvency.
04
Reinsurance & Backstops
Reinsurance involves external capital providers taking on a portion of the protocol's risk, enhancing capacity.
-
Capital efficiency is improved as primary pools can underwrite more coverage.
-
Correlation risk must be managed; a systemic event could trigger both primary and reinsurance layers simultaneously.
-
Protocol-owned reinsurance involves a dedicated treasury acting as a final backstop.
05
Solvency Ratios
Solvency ratios are key metrics comparing available capital to potential liabilities.
-
Capital-to-coverage ratio measures total pool value against the sum of all active policy limits.
-
Stress test scenarios model the impact of multiple large, concurrent claims.
-
Transparent reporting of these ratios is essential for user trust and protocol oversight.
06
Liquidity & Withdrawals
Liquidity management ensures capital providers can withdraw funds without triggering insolvency.
-
Lock-up periods and unstaking delays protect the pool from a rapid drain of capital.
-
Withdrawal queues manage exit order during periods of high demand or after a major claim.
-
Instant liquidity features often come with a penalty fee to disincentivize runs on the pool.
A Step-by-Step Solvency Assessment
A systematic process to evaluate an insurance protocol's capital adequacy and ability to cover claims.
1
Analyze the Capital Pool Structure
Examine the composition, sources, and accessibility of the protocol's reserves.
Detailed Instructions
Begin by identifying the capital pool's smart contract addresses (e.g., the main vault or staking pool). Use a block explorer to review the token holdings. Assess the liquidity composition: what percentage is in stablecoins (USDC, DAI), volatile assets (ETH, stETH), or the protocol's own token? High native token concentration increases correlation risk. Check for lock-up periods or vesting schedules on deposited capital that could impede withdrawals during a crisis. Review the protocol's documentation for any capital efficiency mechanisms like yield strategies or reinsurance pools, as these introduce additional risk vectors.
- Sub-step 1: Locate the vault contract address from the protocol's docs or Etherscan.
- Sub-step 2: Use DeFiLlama or a Dune Analytics dashboard to analyze the historical TVL and asset breakdown.
- Sub-step 3: Query the contract's
getTotalAssets()ortotalSupply()functions to verify on-chain data matches reported figures.
solidity// Example: Querying a simple vault's total assets interface IVault { function getTotalAssets() external view returns (uint256); function asset() external view returns (address); }
Tip: A healthy pool maintains high-quality, liquid assets and has transparent, real-time reporting.
2
Evaluate the Claims Process and Payout History
Investigate the procedure for filing claims and the historical success rate of payouts.
Detailed Instructions
A solvency assessment is incomplete without stress-testing the claims adjudication process. Review the protocol's whitepaper to understand the governance model for claims: is it automated via oracles, delegated to a committee, or subject to token holder votes? Each model has different latency and reliability risks. Scrutinize the historical claims data. A protocol with zero paid claims may be untested. Use The Block's data or platform-specific dashboards to find the claims paid to premiums earned ratio and the average claims processing time. Examine rejected claims for patterns that might indicate overly restrictive coverage.
- Sub-step 1: Find the claims board or assessor contract address and review its governance parameters.
- Sub-step 2: Search for past claim proposals on the protocol's governance forum (e.g., Discourse, Snapshot).
- Sub-step 3: Calculate the historical loss ratio:
Total Claims Paid / Total Premiums Earned. A ratio consistently below 1 is essential for solvency.
javascript// Pseudocode for calculating a simple loss ratio from on-chain events const totalPremiums = await policyContract.totalPremiumsAccrued(); const totalPayouts = await claimsBoardContract.totalPayoutsMade(); const lossRatio = totalPayouts / totalPremiums;
Tip: Look for protocols with transparent, on-chain claims histories and reasonable resolution times (e.g., under 14 days).
3
Assess Risk Exposure and Underwriting Quality
Determine if the protocol's insured risks are adequately modeled and diversified.
Detailed Instructions
Solvency depends on accurately pricing risk. Analyze the protocol's underwriting framework and risk exposure concentration. What specific perils are covered (smart contract failure, stablecoin depeg, custodian failure)? A protocol covering many similar DeFi lending protocols has high correlated risk. Evaluate the maximum probable loss (MPL) for the portfolio versus the capital pool size. Check if the protocol uses actuarial models or external risk assessors like Risk Harbor. Review the policy parameters: coverage caps, deductibles, and exclusions. High deductibles can protect the pool but reduce utility for users.
- Sub-step 1: List all active coverage policies and their underlying protocols (e.g., "Cover for Compound v3 USDC market").
- Sub-step 2: Estimate the total potential exposure by summing the coverage caps for correlated risk groups.
- Sub-step 3: Compare the aggregate exposure to the capital pool's liquid assets to calculate the coverage ratio.
solidity// Example: Checking a policy's coverage limit interface IPolicy { function coverageLimit() external view returns (uint256); function coveredProtocol() external view returns (address); }
Tip: Prefer protocols with clear, conservative underwriting, exposure limits per risk, and avoidance of highly correlated coverages.
4
Stress Test with Scenario Analysis
Model the protocol's resilience under extreme but plausible market conditions.
Detailed Instructions
Apply scenario analysis to evaluate tail risk. Model a black swan event like a simultaneous major stablecoin depeg (e.g., USDC) and a hack of a large, covered protocol (e.g., Aave). Estimate the resulting claim volume. Calculate if the liquid portion of the capital pool can cover these claims without relying on illiquid or depreciated native tokens. Consider secondary effects like a bank run on the insurance protocol itself, where stakers withdraw capital, further depleting reserves. Use the protocol's published solvency ratio (Capital / Value-at-Risk) and test its sensitivity to a 50% drop in the value of its volatile asset holdings.
- Sub-step 1: Define a severe but plausible scenario (e.g., 30% drop in ETH, 10% depeg of a major stablecoin).
- Sub-step 2: Estimate claim submissions based on active policy coverage for affected protocols.
- Sub-step 3: Model the new value of the capital pool post-market shock and compare to the estimated claims.
javascript// Pseudocode for a simple stress test calculation const shockFactor = 0.7; // 30% market drop const postShockPoolValue = (stablecoinHoldings) + (volatileHoldings * shockFactor); const estimatedClaims = calculateClaimsFromScenario(); const isSolvent = postShockPoolValue > estimatedClaims;
Tip: A robust protocol should remain solvent even when its volatile asset holdings lose 40-50% of their value, assuming average claim volumes.
5
Verify Governance and Emergency Controls
Review the protocol's mechanisms for handling insolvency or severe stress.
Detailed Instructions
Examine the contingency plans and governance levers available in a crisis. Read the protocol's documentation for a circuit breaker or pause mechanism on new policies or withdrawals. This can prevent a bank run but adds centralization risk. Check the multi-sig or timelock configurations for the treasury; overly centralized control is a single point of failure. Understand the process for activating emergency assessments or minting recapitalization tokens—these tools can restore solvency but dilute existing stakeholders. Review governance proposals to see how the community has historically voted during periods of stress.
- Sub-step 1: Locate the timelock controller and multi-sig wallet addresses for the protocol's admin functions.
- Sub-step 2: Read the smart contract code for functions like
pause(),setEmergencyMode(), orassessCharge(). - Sub-step 3: Analyze past governance votes related to treasury management or parameter changes during market downturns.
solidity// Example: Interface for common emergency functions interface IEmergencyControl { function pauseClaims() external onlyGovernance; function setMaxCoverage(uint256 newMax) external onlyTimelock; }
Tip: Effective governance balances decisive crisis response with sufficient decentralization and stakeholder oversight.
Key Solvency Metrics and Benchmarks
Comparison of capital adequacy and risk assessment metrics for leading DeFi insurance protocols.
| Metric | Nexus Mutual | InsurAce | Uno Re |
|---|---|---|---|
Capital Pool Size (USD) |
| ~ $15M | ~ $8M |
Capital Efficiency Ratio | ~85% | ~92% | ~78% |
Claims Payout Ratio |
| ~90% | ~88% |
Average Claims Processing Time | 7-14 days | 3-7 days | 10-21 days |
Protocol Coverage Ceiling | $5M per cover | $2M per cover | $1M per cover |
Minimum Capital Requirement (MCR) Buffer |
|
|
|
Staking APY for Capital Providers | 5-10% | 15-25% | 20-35% |
Solvency Models by Protocol Design
Capital Pool-Based Solvency
Capital pool models rely on a dedicated reserve of assets to cover claims. This is the most direct solvency mechanism, where protocol solvency is measured by the ratio of the pool's total value to its total potential liabilities. The primary risk is underwriting risk, where a black swan event could deplete the pool faster than premiums can replenish it.
Key Mechanisms
- Risk Assessment: Premiums are dynamically priced based on probabilistic models of the underlying protocols being insured.
- Capital Efficiency: The pool's size dictates the maximum coverage capacity. Protocols like Nexus Mutual use this model, where members stake capital (NXM) into a shared pool.
- Claims Assessment: A critical component where governance or specialized committees vote to validate claims, preventing fraudulent payouts.
Example
When a user purchases coverage for a smart contract hack on a lending protocol, their premium is added to the capital pool. If a validated claim is made, funds are paid out from this pool. The protocol's solvency is transparently trackable on-chain via the pool's balance versus its active coverage.
risk_factors
Critical Risk Factors to Investigate
Assessing a protocol's solvency requires a deep dive into its capital structure, risk management, and operational resilience. These factors determine its ability to meet claims under stress.
01
Capital Adequacy & Reserves
Capital reserves are the protocol's primary financial backstop. Investigate the size, composition, and liquidity of the treasury and any dedicated claim pools.
- Analyze the ratio of total value locked (TVL) to capital reserves.
- Scrutinize reserve asset diversification (e.g., stablecoins, ETH, LP tokens).
- Assess the protocol's defined minimum capital requirement and its adherence.
- This matters because thin or illiquid reserves can lead to insolvency during a black swan event or correlated claims.
02
Underwriting & Risk Assessment
Underwriting models define how risk is priced and which protocols are covered. Poor models lead to mispriced premiums and adverse selection.
- Examine the methodology for evaluating smart contract and economic risks of covered protocols.
- Review historical loss data and how it feeds into premium calculations.
- Check for coverage limits, exclusions, and policy wording clarity.
- This is critical as flawed underwriting can cause the protocol to accumulate unsustainable risk exposure.
03
Claims Process & Governance
The claims adjudication process determines if and how users get paid. Opaque or slow processes can render coverage worthless during a crisis.
- Determine if claims are automated via oracles, voted on by token holders, or managed by a committee.
- Analyze historical claims payout speed and dispute resolution mechanisms.
- Assess governance token concentration and potential for voter apathy or manipulation.
- This matters because a dysfunctional claims process is a direct solvency risk for policyholders.
04
Counterparty & Dependency Risk
Counterparty risk arises from dependencies on external entities and integrations. This includes oracle providers, bridge protocols, and custodians.
- Identify all critical external dependencies in the coverage and payout process.
- Evaluate the security and decentralization of price oracles used for claims triggers.
- Assess risks from cross-chain bridges if reserves or covered protocols are multichain.
- This is vital because a failure in a single dependency can cascade into a systemic protocol failure.
05
Smart Contract & Technical Risk
Technical risk encompasses vulnerabilities in the protocol's own codebase, upgrade mechanisms, and administrative controls.
- Review audit reports, bug bounty programs, and the time since last major audit.
- Examine the upgrade process: is it timelocked, decentralized, or mutable by a multi-sig?
- Analyze administrative privileges, such as the ability to pause contracts or drain funds.
- This is fundamental as an exploit in the core contracts can directly drain the protocol's capital.
06
Economic & Incentive Design
Protocol economics must sustainably align the interests of capital providers (stakers/underwriters) and policyholders. Flawed incentives can lead to capital flight.
- Model the premium yield for capital providers versus the expected loss rate.
- Assess mechanisms for recapitalization after major claims (e.g., assessment models, token minting).
- Evaluate the stability of the native token's value if it's used as reserve collateral.
- This matters because unsustainable economics will cause the capital base to evaporate, leaving policies uncovered.
Frequently Asked Questions on Solvency
Technical solvency refers to a protocol's immediate ability to cover claims based on its on-chain capital reserves and smart contract logic. Economic solvency assesses the long-term viability, considering factors like premium income, investment yield, and capital efficiency. A protocol can be technically solvent but economically insolvent if its operational costs exceed revenue, leading to reserve depletion. For example, a protocol with $100M in reserves but only $1M in annual premium income against $5M in projected claims is economically unsustainable despite appearing technically sound.