Who Insures the Insurer? Cover Protocol Attack Exposes DeFi’s Promise and Peril


Monday’s $4 million attack on Cover Protocol, a decentralized insurance protocol, reminded me of the classic nursery rhyme: “There was an old lady who swallowed a fly.”

You know, the one where an unhappy woman swallows bigger and bigger animals to catch the one she swallowed before.

Decentralized finance faces a similar problem with decentralized insurance. Decentralized insurance exists to protect people from loss if coding errors in a DeFi protocol allow someone to attack it. But what happens when the insurance protocol itself has a security hole? What do you swallow to fix that?

I don’t think DeFi ends up like the old lady – “dead, of course” – even if at some point it has to swallow the blockchain equivalent of a horse. Live, public incidents like this one, with real losses, drive open-source developer communities to build better, stronger systems. That prospect is reinforced by the fact that this attack came from a “white hat” hacker rather than a real crook.

But the Cover story offers a sobering coda to a year of surprising innovations that fired imaginations about a new financial system not weighed down by centralized gatekeepers. It shows how far that system still has to go.


This year, the DeFi degens showed us how the old, centralized system can be turned into a fully decentralized stack of virtually everything, with open protocols for exchanges, lending, borrowing, collateral management, credit default swaps and even virtual dollars.

This is exciting not only because removing Wall Street intermediaries could lower costs, or at least distribute them more fairly, but also because it promises to end counterparty risk, a core problem of the closed, centralized architecture of the established system.

In the credit default swap crisis of 2008, market participants had no insight into the varied, hidden financial risks of their counterparties, which is a recipe for distrust. CDS and the other contract-based instruments they used to hedge their risks depended on the contracting parties’ ability to keep their promises. When people stopped believing those promises, the rush to the exits meant these hedges were not just worthless but made matters worse. They amounted to nothing but systemic risk.

DeFi promises to avoid this. If a contract to deliver collateral in the event of a price drop is executed through a protocol that relies on funds locked in a decentralized escrow contract over which no single party has control, the counterparty risk is theoretically gone. The same theory applies to decentralized exchanges (no more Mt. Gox or QuadrigaCX), decentralized CDS and other parts of the DeFi ecosystem.


The problem is that we have traded counterparty risk for software risk. And one could argue that the latter is even riskier. DeFi’s permissionless ethos lends itself perfectly to daring innovation and speculative enthusiasm. But when no central service provider can be held accountable, and hackers hiding behind pseudonyms can easily evade prosecution, there is little or no legal recourse after an attack.

For most of humanity, especially the big institutions that manage our fiat savings, this scenario is untenable.

It doesn’t matter that all of those institutions face their own software vulnerabilities. (A recent report from the Center for Strategic and International Studies and computer security firm McAfee estimated the total cost of cybercrime, including losses and security spending, at over $1 trillion in 2020.) When the losses of “too big to fail” institutions become too great, whether through crime or financial panic, the government and the central bank will ultimately find ways to socialize them. They just need an identifiable party to blame.

A decentralized system does not allow for this, which is why a new model of insurance against loss is required. The problem with that is what just happened to Cover.

One way forward

For now, the solution may lie with centralized insurance systems, with someone holding the bag who can be identified and sued. Such services already exist, and by insisting on thorough, ongoing, high-level code audits, some will become comfortable enough to bear the risk – at a cost.

However, this not only raises costs, it also brings us back to the same counterparty risk. What if there is a 2008-level system-wide crisis in DeFi? What if everyone fears collapse and no one trusts that overexposed insurers – or their reinsurers – have the funds to cover the consequences?

This is why decentralized insurance is needed to reach the insurance ideal. It’s just that its development has to happen live, in real time, tested in the real world so that bugs can be found and fixed.

And so today’s attack is actually good news. An unidentified person who appears to be involved with Grap Finance finds a bug in a protocol and uses it to mint and dump a huge number of COVER tokens, causing a brief period of panic for everyone involved. In a classic white hat move, he or she returns the funds to Cover within minutes and publicly announces on Twitter that they have done so.

Since then, people such as Band Protocol CTO Sorawit Suriyakarn have worked to explain, in a similarly public way, how the hack took place. While some see this as an invitation to other hackers, for others in DeFi it is mostly a warning to fix similar bugs. Cover has already developed a new token.

What doesn’t kill you makes you stronger. That is the thinking that will ultimately drive the DeFi ecosystem to create a scalable new model for global finance.

It just won’t happen tomorrow.