Armor and Idle Finance

The Idle Finance community has previously expressed a desire to get cover for their investments.

Armor enables protocol-level coverage for Idle Finance underwritten by Nexus Mutual. This coverage protects Idle Finance assets against smart contract risks. From 26 April 2021 this cover will extend to the full spectrum of protection against oracle attacks, severe economic attacks, and governance attacks.

Currently the yearly premium is about 40%, which isn’t attractive, however, this cover premium can be brought down by staking on the Nexus Mutual Idle Finance contract. With a sufficient amount staked - 50,000 NXM or more - it will lower to the minimum 2.6% annual premium.

Armor is the largest staker in Nexus. As Idle Finance is part of the Armor Big Bounty Alliance, Armor can shift part of its stake to the Idle Finance contract and lower the premium on armor.fi

In order to do so, Idle Finance may choose to buy a minimum of $2.5m in cover, with up to $5m / $10m being available for the community as that would cover most cases before active exploits are plugged following automated alerts.

The minimum costs for this would start around $65,000 DAI per year for $2.5m DAI coverage, when Armor stakes 50k NXM or more.

Idle Finance can purchase this cover to protect users at a protocol level. This way, the users don’t have to cover their own positions; instead any trader and staker will have their positions covered up to the covered amount.

In addition to cover, Idle Finance will be eligible to receive a grant equalling the USD value of the coverage secured in the first cover purchase.

Idle Finance could stake the grant tokens into the Balancer 98:2 pool for ARMOR rewards. Soon, it will also be possible to stake into Bancor single-sided pools or a vARMOR vault for rewards. Following Armor’s Cream listing (coming up shortly), Idle Finance may collateralize the tokens to earn lending fees and enable borrowing too.

Thoughts and feedback are welcome!

6 Likes

Welcome to the IDLE community!

Will all depositors be insured at no extra charge?
How much % of each deposit will be insured?
What risks are insured (hacks/protocol/3rd party)?

1 Like

Disclaimer: happy $ARMOR holder here.

I believe Protocol Coverage would be beneficial for Idle. If used well, it’s a great boost for marketing and publicity. It’s very user-friendly. The incentives offered by Armor are quite attractive. The big question, of course, is whether Idle can afford the 65K yearly cost at this point; I’m not too sure about that, would like to hear League’s opinion.

3 Likes

full disclose: not an armour bagholder :joy:
on the topic of “price” , regardless of what is used for insurance, the way i see it is that insurance must be treated the same way as security audits in terms of budgets.

2 Likes

Hi @unicorn and @idal thank you for the warm welcome!

  • All depositors in this scenario would be covered without extra charges
  • Rather than a % of each deposit, it would focus on users who lost money in a covered exploit. Usually when an exploit occurs, it is stopped by the project team fast enough to prevent further losses. When a payout through this method occurs, it would be sent to the project team who will then distribute to users who experienced losses. If you have any suggestions they are most welcome.
  • “This coverage protects Idle Finance assets against smart contract risks. From 26 April 2021 this cover will extend to the full spectrum of protection against oracle attacks, severe economic attacks, and governance attacks.” + You can review current policy wording from Nexus Mutual here: https://nexusmutual.io/pages/SmartContractCoverWordingv1.1.pdf
  • The coverage can be secured for 30 days and renewed based on needs on a monthly basis. This would reduce up front expenditure.
4 Likes

Thanks @AzFi for posting this idea, Idle Governance cares a lot about security and extensively discussed many coverage options in the past.

In the previous discussion, Cover protocol got integrated into Idle website, but the initiative did not lift off due to lack of liquidity hence high coverage premium. As you noticed, the annual premium on Nexus is not affordable and counterproductive with the current deposited liquidity.

Yet Nexus is one of the leading coverage providers on the market, and it’s definitely worth analyzing our possible outcomes.

I have some follow up queries that came up last week:

  • Would the $ARMOR grant be fully unlocked or there’s a vesting period?
  • Would Nexus cover underlying dependencies of the protocol (Idle’s underlying protocols’ exploits)?
  • The role of ArmorFi for liquidity provision in Nexus would be crucial. How would you ensure that liquidity doesn’t get removed?
  • Do you have any reference to this policy extension? I can’t see any mentions in the provided link.

Generally, it would be useful to investigate how much affordable coverage affects TVL and what could happen in case of loss of funds.

Today there are many options to protect the customer base, but the options I see for Idle are:

  1. Purchase liquidity coverage through third-party protocols (ArmorFi or other protocols)
  2. Add a backstop mechanism (similar to Aave), and provide $IDLE staking and coverage protection at the same time
  3. Create a CDP with $IDLE in case of a shortfall event (deficit for the liquidity providers), and repay the debt with protocol fees along time.
  4. Let users buy protection at their own discretion, and eventually discuss a shield mining program to ease the premium.

I think it’d be great if the Pilot League (@emixprime, @Salome) could schedule a recap post in the forum about the opportunities listed here and investigate the community sentiment, with more benchmarks and insights.

For a comprehensive overview, these are the risks that the Idle protocol should cover to have full-spectrum protection (many reported also in Immunefi bug bounty program):

  • Smart Contracts and logic errors
  • Oracle failure/manipulation
  • Economic/financial attacks
  • Governance attacks
  • Cryptography problems
  • Compound, Aave, dYdX (and future integrations) exploits
  • Underlying asset failure
6 Likes

I’m generally of the opinion that users should be buying their own insurance, so #4 seems like a reasonable route to me:

I understand we need to bring the cost down to make this feasible for users, and as you mentioned, one way is Shield Mining (incentivized staking behind the Idle contracts).

Indeed, another way is with Armor, where the protocol gets insurance and lowers the cost for the community; however, if we go this route, it should be explicitly for lowering the cost of insurance that users still need to purchase themselves. We don’t want users thinking their positions are insured when only $2.5M of TVL is, and must make this known to the community if implemented.

We know the cost of the Armor (minimum 65,000 DAI), which would involve liquidating ~6,700 IDLE at current market rates (accounting for slippage):

What would the proposed cost be for a Shield Mining campaign?

We should also consider the costs in the context of the expected increase in TVL and protocol fees generated from this additional capital. Let’s consider a simple case:

  • Idle generating 10% yield on capital
  • Protocol receiving 10% of the yield (1% on AUM)
  • Needed increase in AUM to offset costs: $6.5M

There are additional non-monetary benefits that having accessible coverage brings, so this shouldn’t be the only factor, but one with significant weight.

3 Likes

@ETM612 are you an investor or LP in Armor? Asking for a friend.

1 Like

I am not an investor nor a LP in Armor

6 Likes

Thanks @Teo for the questions. We fully support the shield mining idea proposed by @ETM612.

  • The Armor grant would be fully unlocked with the expectation that it will be staked and not dumped.
  • Nexus is developing stacked risk cover which would cover underlying dependencies of the protocol. Current coverage does not cover underlying protocol risks. Coverage for underlying protocols can be bought separately. Armor can ensure pricing and availability for this too.
  • Armor’s mission is to make DeFi safer by forming meaningful partnerships and maximizing coverage across DeFi. As long as there is demand for coverage, Armor DAO will stake on those contracts - this is how Armor generates revenue for our stakers.
  • New cover wording can be found here.
2 Likes