Guidelines for an Idle protocol insurance

Summary

The discussion about a cover for user deposits started initially in December 2020 here and after that, it has been brought up by the Idle community several times. The Pilot League Committee, therefore, decided to gather in the governance forum ideas from previous discussions within the community and help to create a framework for all insurance partners that want to propose their services and join Idle´s B2B affiliate programme.

Motivation

This post is a starting point, Idle cares a lot about security and insurance and is open to feedback and proposals from all.

As mentioned by @Teo in the discussion here:

Previous insurance initiatives put in place by Idle did not lift off due to lack of liquidity. Idle learned that before adopting any insurance policy in the future, it’s definitely worth first analyzing the possible outcomes.

Generally, it is useful to research how much affordable coverage affects TVL and what could happen in case of loss of funds.

There are many insurance options to protect the customer base, but the options favoured by the Pilot League committee for Idle are:

1. Purchase liquidity coverage through 3rd party protocols.
2. Add a backstop mechanism (similar to Aave), and provide $IDLE staking and coverage protection at the same time
3. Create a CDP with $IDLE in case of a shortfall event (deficit for the liquidity providers), and repay the debt with protocol fees along time.
4. Let users buy protection at their own discretion from 3rd party protocols, and eventually discuss a shield mining program to ease the premium.
5. Another option is to add tranches strategies to protect investments, this option however would not fall under the category of full spectrum protection but will open the door to proposals from other protocols beside insurance.

The Pilot League would like to hear more about the alternatives listed here and learn more from the community and insurance providers. Benchmarks, statistical insights and examples will go a long way providing clarity to the discussion moving forward.

Guidelines

For a more comprehensive framework overview, these are the risks that the Idle protocol should cover to have full-spectrum protection (many reported also in Immunefi bug bounty program):

High-priority coverage features:

• Idle Smart Contracts and logic errors.
• Oracle failure/manipulation regarding lending protocols used by Idle
• Governance attacks
  Description: protect the customer base on potential losses coming from bugs on Governance contracts, that lead to vote manipulation.
• Underlying protocol exploits
  Description: Idle deploys funds in the mentioned protocols. Current coverage solutions protect only direct attacks. Having the coverage extension to face third-party hacks that consequently lead to fund losses on Idle side would be a strong added value. We expect that this feature provides third-party smart contract and logic errors coverage.
• Underlying asset failure

Description: Stablecoins might lose the peg and deposits could be affected. DeFi LPs are aware of the risk but uncertainty might block TradFi institutional funds. The risk is lower with battle-tested assets (DAI, USDC, USDT) and higher with next-gen stablecoin (FRAX, RAI). The policy might activate reimbursements when an asset goes under a certain peg rate for a minimum timeframe. Due to the high costs associated with innovative stablecoins, the first batch might cover only assets with a long track record.

Other nice-to-have features can be added by the protocols that propose to insure Idle.

The Pilot League Committee is looking forward to listening to the feedback from the community and possible partners .

Posting here to further push along the insurance discussion

Upfront Disclosure: I am a long-time member of the Mutual and hold NXM. I have not invested nor LP’d in Armor.

The previous discussion brought up by @AzFi had two parts: one around the purchaser of cover (individuals or protocol), and one around Armor/Nexus.

After further thought and discussions with @hughkarp, I personally believe the best course of action is a shield mining campaign directly with Nexus. Some of the benefits include:

• Token Distribution: $IDLE gets distributed to a larger audience, increasing stakeholders and decentralization
• No $IDLE sale up-front: There is no need for the protocol to market sell $IDLE, just distribute it in kind (however receivers of shield mining could liquidate their $IDLE)
• Closer Collaboration: Opportunity to work directly with the Nexus team, not through a 3rd party
• One-time cost: The deal with Armor would be on an annual basis, whereas Shield mining campaigns tend to be a one-time offering (note: another campaign could be ruin if additional incentives are needed to provide enough cover)

One other benefit down the line will be creating a covered strategy, where users deposit into a “Protected Pool” which buys cover from Nexus on behalf of the pool. This is possible via a new product coming from Nexus in the near future.

With this solution, the protocol would have a strategy that is protected, and users who have deposited into other (uncovered) strategies could still purchase their own cover.

Hugh did share with me that all shield mining campaigns have successfully dropped cover to the minimum price of 2.6%. I would like to open up the floor and invite the Nexus team to contribute here as well as anyone else with ideas/questions/concerns.

Great idea, fully support it and look forward to an update on this. When might this go live?

Thanks @ETM612 for raising this.

We’ve run over 10 successful shield mining campaigns on Nexus so far and all have opened up material capacity and lowered the price to minimum 2.6%. Would obviously love to support IDLE in the same way.

We generally recommend a budget of around $100k-$200k in the native token, $IDLE in this case, which would run a campaign of 2-4 weeks.

The campaign works by depositing $IDLE into our rewards distributor contract, and choosing a rate, so it’s very easy to set-up.

Happy to answer any other questions you need.

Thanks @AzFi @ETM612 @hughkarp for following up to this League Committee Governance initiative.

Can you guys please share some details of how the shield mining for idle will work?

Since there are 3 protocols involved I feel it’s crucial that the rest of the community understands how the money legos all would fit in this case:

• @AzFi stated “in addition to cover, Idle Finance will be eligible to receive a grant equalling the USD value of the coverage secured in the first cover purchase.”

@AzFi Would this grant be vested?
@Teo what is your favorite application for this grant in ARMOR tokens since the smart treasury right now only supports ETH and IDLE?

• @ETM612 mentions " We should also consider the costs in the context of the expected increase in TVL".
  Is it fair to expect ARMOR and/or NEXUS to contribute to IDLE’s tvl?

• what happens to the IDLE rewards allocated to shield mining? Are they vested or can Nexus and/or Armor stakers dump them weekly?

• @hughkarp said “We generally recommend a budget of around $100k-$200k in the native token, $IDLE in this case, which would run a campaign of 2-4 weeks.”

In this format we are talking 1.2M-2.4M per year in shield mining IDLE rewards. Imo this is inline with Idle’s LP staking program costs and would not inflate circulation too much.

I fully support both insuring the protocol AND giving depositors the option to buy their own insurance.

If ARMOR and NEXUS stakers are incentivized to hold their idle rewards, shield mining is a great way to introduce idle to new investors and raise the utility of the token.

In this regard I would highly suggest that shield mining is timed in sync with the single IDLE staking program.

Shield mining directly with Nexus is separate to Armor’s proposal. I’m not pushing one or the other here, just providing extra detail to help you make a decision:

Shield Mining with Nexus

• Tokens aren’t vested, they are redeemed weekly.
• One-off budget is relatively small here, higher end is $200k over about 4 weeks.
• 24 hour trading volume on IDLE is about $500k from coingecko, so vesting for this level of tokens wouldn’t appear to be a big concern on the surface.
• Shield mining would open up capacity for Idle cover on Nexus, which can be purchased directly with Nexus or via Armor.
• Armor stakers can claim part of the shield mining rewards as they stake on Nexus (via delegation)
• the protocol can use this capacity to buy cover itself, allow users to opt-in or some combination.

Thanks for the additional info @hughkarp!

One follow up: How much cover is generally available after these campaigns? Do you expect this to materially change with the new product?

If we pursue a campaign and go the insured strategy route (with the new product), it would be good to know what the “cap” on that strategy would be. For example, if only $5M of cover can be acquired, we can only have $5M of TVL in that strategy.

If that cap is not hit, then users could also purchase insurance themselves for other strategies they are in; if the cap is hit, then users would need to be in the insured strategy to have coverage (and there could be higher demand for that strategy then availability).

Stats on recent shield mining campaigns.

Capacity is existing current capacity at 13th May 2021. Some would have decreased since the campaign other have increased.

In general, we’d expect a $100k - $200k campaign to open up at least $20m of capacity but with strong ongoing demand for cover, like with Bancor, this should be much larger.

At present global capacity on any individual risk is around $100m (regardless of staking), and this grows as Nexus grows in general.

New Product: Yield Token Cover

We have a new product coming soon that is specifically designed to cover vault/strategy products like Idle. The idea is we cover all risk for a particular vault by allowing the user to swap $100 worth of LP tokens for $90 DAI at any time (or ETH for an ETH based vault). It’s like a put option on the same currency, which therefore covers all technical risk of the LP token depegging.

If you wanted to run shield mining I’d suggest waiting until then and perhaps running 2 or 3 campaigns across the vaults you want covered. eg DAI and USDC as they seem to be your two largest vaults.

Thank you for the additional details, they are quite helpful.

My personal opinion is that our best course of action is what you suggested here:

We could run a $50-100k campaign for each of those two vaults, and potentially an additional $50-100k general campaign (current product) for the protocol overall (if needed, for those who want to remain in an uncovered vault yet still have protection)

I would like to hear from other league members and the community as we progress towards finalizing a solution

First, want to thank @ETM612 and @hughkarp for the overview and effort they’ve put into research for our shield mining program.

I personally really like the Yield Token Cover because it gives easier access to covered strategies, lowers entry costs for security-oriented users, and generates synergy effects from additional capital inflow into Idle and Nexus.

Also, it would cover all Idle’s underlying protocols dependencies, which is a quite compelling value proposition.

From what I see, this product looks like a protective put option that sets a floor price below which our users will not continue to lose any added money even as the underlying asset’s price continues to fall – it would be a good fit for our architecture. If a shortfall event happens, idleTokens (idleDAI, idleUSDC, …) price would fall (as idleToken price = strategy NAV/number of tokens). A loss of funds would lead to a reduction in NAV, hence lowering the idleToken price.

Options’ premiums are based on many factors including the current price of the underlying asset ( for idleTokens, it’s underlying token value + yield), the time until expiration, and the implied volatility (negligible for idleTokens). Usually, different strike prices and expiration dates are available, giving investors the ability to tailor the protection, and the premium fee.

@hughkarp are there any write-ups/docs regarding the Yield Token Cover regarding the above? It would be definitely helpful for us to understand the pricing model, so we can better evaluate how to integrate it into our strategy and model out some expected payoffs for our users.

In terms of timing, I agree shield mining should be in sync with $IDLE staking program, as it would give an immediate use case for Nexus and Armor stakers.

Regarding the program structure, running $50-100k bootstrapping programs for DAI and USDC with Yield Token Cover would make sense. For the overall protocol, however, I’m wondering that we could have another way to let our users diversify their risk, which is tranches.

In general, the next steps here are:

• officialize and structure this shield mining program as an official post in #proposals
• have a snapshot poll regarding the parameters to signal community consensus
• initiate the on-chain proposal to move the required budget (this program would be out of scope for the Treasury League’ budget)

Keen to hear more inputs from our community, particularly about their willingness to buy coverage on their deposits.

@Salome @emixprime, in the meantime, what do you think about making some surveys across our social channels to gauge our users’ demand for this coverage? Same thing with our B2B or D2D partners.

We have now released Yield Token Cover. This product is designed to provide comprehensive stacked risk coverage for yield bearing tokens like Idle LP tokens.

How it Works
Yield Token Cover allows the cover buyer the option to swap their LP tokens for 90% of the underlying value in DAI (for stablecoin vaults) or ETH (for ETH based vaults).

The means the cover buyer is covered for any event that would cause the Idle LP token to depeg, whether that’s an issue with Idle contracts, Compound contracts, Aave contracts or even USDT depegging. Full terms here: https://nexusmutual.io/pages/YieldTokenCoverv1.0.pdf

Conceptually this differs to Protocol Cover as follows:

• Protocol Cover protects against Idle contracts, across all vaults.
• Yield Token Cover protects against the full stack of risk for a particular vault.

image943×586 54 KB

I believe Yield Token Cover is much better suited to Idle’s aims.

The minimum price of cover is 2.6% should enough staking be obtained.

Proposed Next Steps
We’d like to propose the following to the Idle community:

1. Nexus lists the Idle DAI and USDC vaults for coverage on Nexus.
2. Idle includes a simple buy cover integration in the Idle UI, allowing Idle users to purchase cover on the Idle site.
3. Idle runs two shield mining campaigns (one for each DAI and USDC vaults) in line with the listings.

The leagues spoke with the Nexus Mutual team and discussed internally, and have now proposed an initial plan for action for the community to vote on

Time to cast your Snapvote to indicate if you are for or against the proposed Shield Mining campaign

The poll will be open until Monday at 11am EST

The temperature check has passed with 100% of the community voting for it! Excited to see unanimous approval.

From here, the Leagues will speak with Nexus and design a program with the goal of maximizing cover capacity; the details of the program will be included in the IIP for the community to confirm.

We will also consider factors like breadth of token distribution (we’d like to distribute the $IDLE in this program to as many people as possible to build the community)

If there are other factors you’d like to bring up, please let us know on this thread so we can consider them in designing the program

Thank you for making this happen, amazing to see “insured” deposits on Idle. This will for sure be very interesting to institutional investors and a good argument in B2B negotiations.