DeFi Insurance Protocols Compared: Coverage, Cost, Claims
Compare DeFi insurance protocols by coverage types, premium costs, claims history, and supported protocols. Nexus Mutual, InsurAce, Neptune Mutual, and more.
DeFi Insurance Protocol Overview
Less than 1% of total DeFi TVL carries any form of exploit or depeg coverage. The crypto industry lost $2.2 billion to hacks in 2024, $3.4 billion in 2025 (including the record-breaking $1.5 billion Bybit breach), and over $1 billion in the first half of 2026. The protection gap in decentralized finance remains one of the sector's largest unsolved problems.
DeFi insurance protocols attempt to fill this gap by pooling capital from underwriters and selling coverage to users who want protection against smart contract exploits, stablecoin depeg events, oracle manipulation, and custodial failures. The total insurance category TVL across all providers is approximately $96 million: a fraction of the $70+ billion in DeFi deposits it aims to protect.
| Protocol | Status | Token | TVL (est.) | Claims Model | Cumulative Claims Paid |
|---|---|---|---|---|---|
| Nexus Mutual | Active (market leader) | NXM / wNXM | ~$82M | Expert committee (V3) | $18.6M+ |
| InsurAce | Functionally inactive | INSUR | ~$132K | Advisory + community vote | ~$11.7M |
| Neptune Mutual | Shut down (late 2024) | NPM | $0 (refunded) | Was parametric | None documented |
| Unslashed Finance | Dormant (late 2024) | USF | ~$0 | Was parametric + DAO | None documented |
| Bridge Mutual | Defunct | BMI | ~$56K | Was community vote | None documented |
Four of the five protocols listed above have effectively ceased operations or are in terminal decline. Only Nexus Mutual operates at meaningful scale. The sections below analyze each protocol, including the defunct ones as cautionary references for anyone evaluating DeFi insurance counterparty risk.
Coverage Types Compared
DeFi insurance covers a range of risk categories. Not all protocols offer the same types, and the definitions of what qualifies as a covered event vary significantly. Understanding these distinctions is critical before purchasing coverage. Smart contract failures account for approximately 65% of DeFi insurance claims, followed by stablecoin depegs at 22% and bridge or oracle failures at 10%.
| Coverage Type | Nexus Mutual | InsurAce | Neptune Mutual (closed) | Unslashed (dormant) | Bridge Mutual (defunct) |
|---|---|---|---|---|---|
| Smart contract exploit | Yes | Yes | Yes | Yes | Yes |
| Stablecoin depeg | Yes (protocol cover) | Yes | Yes | Yes | Yes |
| Oracle failure | Yes (protocol cover) | No | Bundled | Yes | No |
| Custodial / CEX failure | Yes | Yes | Yes | Yes | Yes |
| Bridge exploit | Yes (protocol cover) | Yes | Limited | Yes | No |
| Validator slashing | Yes | No | No | Yes | No |
| Governance attack | Yes (protocol cover) | No | No | No | No |
Nexus Mutual's V3 architecture offers the broadest product range, including single-protocol cover, multi-protocol cover, DeFi Pass ( ecosystem-wide protection), fund portfolio cover, bug bounty cover (partnered with Immunefi and Sherlock), and BTC-denominated slashing cover developed with Babylon Labs. The "protocol cover" product bundles oracle manipulation, governance attacks, and severe liquidation cascades under a single policy.
InsurAce differentiated early with dedicated depeg coverage, which proved critical during the Terra/UST collapse. Neptune Mutual used parametric triggers: coverage activated automatically when predefined conditions were met, without individual claims assessment. However, Neptune Mutual closed its marketplace in late 2024, citing insufficient adoption across the entire DeFi insurance sector.
Premium Pricing
DeFi insurance premiums vary based on the protocol being covered, the coverage amount, duration, and the insurer's capital utilization. Nexus Mutual uses dynamic staking-based pricing: when more NXM is staked against a protocol, premiums drop. The protocol applies a 0.2% price bump per 1% of pool capacity used and a 2% daily decay toward the target price when demand is low.
For well-audited protocols like Aave or Compound, annual rates on Nexus Mutual can be as low as 1-3% of coverage. Newer or riskier protocols see rates of 6-15% or higher. InsurAce offered portfolio-based pricing, bundling coverage across multiple protocols at a discount with rates of 1-4% annually. Neptune Mutual's parametric pools used algorithmic pricing based on pool utilization ratios, with premiums adjusting dynamically as coverage demand shifted relative to available capital.
Context: A 5% annual premium on $100,000 of DeFi coverage costs $5,000 per year. If the covered DeFi position yields 3-5% annually, insurance premiums consume most or all of the return. This cost-to-yield ratio is the primary reason DeFi insurance adoption remains below 1%.
Claims Process and History
The claims process is where DeFi insurance protocols diverge most sharply. Claims models range from expert-led discretionary assessment to fully parametric (code triggers payouts automatically). Each approach carries tradeoffs in speed, fairness, and edge-case handling.
Nexus Mutual: Expert Committee (V3)
Nexus Mutual's V3 upgrade (announced January 2026) shifted from open community voting to a permissioned expert committee of three publicly known assessors. At least two of three must vote to accept a claim, with a minimum 72-hour voting period and a 24-hour cool-down for Advisory Board fraud review. The protocol has paid over $18.6 million in cumulative claims since 2019, including approximately $7.3 million for FTX collapse claims, $5 million for Rari Capital Fuse, $3.4 million for the Euler Finance exploit, $2.5 million for BadgerDAO, and $1 million for Hodlnaut. Some claims have been denied, particularly those involving economic exploits that fell outside the strict definition of a smart contract vulnerability.
InsurAce: Advisory Committee + Community Vote
InsurAce uses a two-step process: an advisory committee provides an initial assessment, followed by a vote by INSUR token holders. The protocol's defining moment came during the May 2022 Terra/UST collapse, when it paid approximately $11.7 million to 155 claimants. This was among the largest DeFi insurance payouts in history. However, InsurAce had collected only $94,000 in UST depeg premiums: a payout ratio of 124:1. The catastrophic loss depleted the capital pool from a peak of ~$150 million to roughly $132,000 today, a decline exceeding 99.9%.
Neptune Mutual: Parametric Triggers (Now Closed)
Neptune Mutual eliminated individual claims assessment entirely. When an incident was reported and confirmed by NPM token holder attestation, all cover holders in the affected pool received automatic payouts within approximately 20 days. Witnesses could stake tokens for or against reports, with 60% of incorrectly staked tokens distributed to correct voters. Despite never being hacked itself and delivering on its roadmap, Neptune Mutual closed its marketplace in late 2024 and refunded LP capital. No documented claims payouts occurred during its operational period.
Capital Efficiency and Sustainability
The fundamental challenge for DeFi insurance is capital efficiency. Protocols must attract enough capital to underwrite meaningful coverage while offering yields competitive enough to retain underwriters. This creates a structural tension: higher yields for capital providers mean higher premiums for coverage buyers, but premiums that consume most of a DeFi position's yield make coverage economically irrational.
Nexus Mutual's capital pool of approximately $82 million (down from a $780 million peak in November 2021) makes it the only protocol with enough capacity to cover large positions. It generated $5.7 million in cover fees and $3.2 million in treasury investment returns in 2025, with $14.3 million in net cash flow. The protocol has integrated with Symbiotic to create a reinsurance layer that allows capital to simultaneously secure proof-of-stake networks while underwriting coverage, improving capital efficiency by an estimated 40%.
The failures of Neptune Mutual, Unslashed Finance, and Bridge Mutual demonstrate what happens when capital pools fail to reach critical mass. Without sufficient premiums, underwriters leave, reducing coverage capacity, which drives away buyers. Neptune Mutual's post-mortem was explicit: no DeFi insurance protocol achieved significant growth in the 18 months prior to its closure.
Sherlock, an active protocol, explored an alternative model: combining smart contract audits with exploit coverage. Protocols that pass Sherlock's audit receive coverage up to $10 million, backed by a staking pool. However, Sherlock's own staking pool has also contracted significantly.
Supported Chains and Protocols
All major DeFi insurance protocols are anchored on Ethereum, where the majority of DeFi TVL resides. Multi-chain support varies:
- Nexus Mutual's capital pool remains on Ethereum, with 184+ listings spanning coverage for protocols on Arbitrum, Optimism, Polygon, Base, BNB Chain, Astar, and Avalanche
- InsurAce deployed capital pools across Ethereum, BNB Chain, Polygon, and Avalanche, though meaningful activity has ceased across all chains
- Neptune Mutual operated on Ethereum, Arbitrum, and BNB Chain before closing
Coverage for cross-chain bridge exploits is particularly relevant given that bridge hacks have accumulated over $2.8 billion in losses since 2022. For a deeper look at bridge-related risks, see our bridge security comparison and the research on stablecoin cross-chain bridging risks.
Reducing Risk at the Architecture Level
DeFi insurance addresses risk after the fact: it compensates users when exploits occur. A complementary approach is to reduce protocol risk at the architecture level by minimizing exposure to complex smart contract systems. In 2026, 72% of crypto hack losses came from stolen keys and credential theft rather than smart contract bugs, highlighting that operational security matters as much as code quality.
Self-custodial Bitcoin solutions operate with a fundamentally different risk profile than EVM-based DeFi. Bitcoin's scripting language is intentionally limited, which reduces the attack surface compared to Turing-complete smart contract platforms where reentrancy attacks, flash loan exploits, and oracle manipulation remain persistent threats. Protocols like Spark enable stablecoin transfers and Bitcoin payments without requiring users to deposit funds into complex DeFi contracts, removing the primary attack vector that DeFi insurance exists to cover.
This does not eliminate all risk: key management and protocol-level bugs exist in any system. But insuring against a smart contract exploit in a protocol with thousands of lines of Solidity is a categorically different problem from securing a self-custodial Bitcoin wallet. For users evaluating whether to purchase DeFi insurance, the first question should be whether the underlying architecture requires it at all.
How to Choose a DeFi Insurance Protocol
For users who hold funds in DeFi protocols and want coverage, the decision framework comes down to three factors:
- Coverage scope: does the protocol cover the specific risk you face (smart contract bug, depeg, oracle failure)? Check the exact terms, not just the marketing language
- Claims reliability: Nexus Mutual's expert committee model processes claims in 2-6 days. Parametric models offered speed and certainty but could not handle edge cases
- Capital pool size: a protocol with insufficient capital cannot pay claims. The collapses of Neptune Mutual, InsurAce, Unslashed, and Bridge Mutual are reminders that the insurance provider itself is a counterparty risk
At present, Nexus Mutual is the only DeFi insurance protocol with a capital pool large enough and a claims track record proven enough to be considered for significant coverage amounts. OpenCover serves as a marketplace aggregator that simplifies purchasing Nexus Mutual coverage and has processed over $1 billion in onchain value covered. For broader crypto custody protection options, see our crypto insurance provider comparison.
Lessons from Failed Protocols
Neptune Mutual, Unslashed Finance, and Bridge Mutual all launched with ambitious visions for DeFi coverage. All three failed to attract and retain sufficient capital to sustain operations. The pattern is instructive:
- Without a critical mass of coverage buyers, premium revenue is too low to attract capital providers
- Without sufficient capital, coverage limits are too small to be useful, deterring buyers
- Token incentives (coverage mining, liquidity rewards) can bootstrap initial activity but cannot sustain a protocol when organic demand is insufficient
- A major claims event can be existential: InsurAce survived its $11.7 million Terra payout but never recovered, declining from $150 million TVL to $132,000
- The entire DeFi insurance category TVL (~$96 million) is smaller than a single major hack: the April 2026 KelpDAO exploit alone was $292 million
The market has effectively consolidated into Nexus Mutual as the sole viable provider, supplemented by Sherlock's audit-plus-coverage model and OpenCover's aggregation layer. The role of fraud proofs and formal verification in reducing the need for insurance continues to evolve alongside the insurance products themselves.
Frequently Asked Questions
What does DeFi insurance actually cover?
DeFi insurance typically covers financial losses from smart contract exploits, stablecoin depeg events, oracle failures, and centralized exchange hacks. Coverage terms vary by protocol and product: Nexus Mutual's protocol cover includes governance attacks, severe liquidation events, and validator slashing. Always read the exact policy terms, as "economic exploits" (like sandwich attacks or MEV extraction) are generally excluded.
How much does DeFi insurance cost?
Annual premiums typically range from 1-15% of the coverage amount, depending on the protocol being insured, the insurer, and current capital utilization. Well-established protocols like Aave attract lower rates (1-3%), while newer or more complex protocols see higher premiums (6-15%+). Coverage cost should be weighed against the value of assets at risk: if a DeFi position yields 3% and insurance costs 2.5%, the net return drops to 0.5%.
Has any DeFi insurance protocol successfully paid claims?
Yes. Nexus Mutual has paid over $18.6 million in cumulative claims since 2019, including payouts for the FTX collapse (~$7.3 million), Rari Capital Fuse (~$5 million), and the Euler Finance exploit (~$3.4 million). InsurAce paid approximately $11.7 million to 155 claimants during the Terra/UST depeg in May 2022. These are the two most significant claims histories in DeFi insurance. The overall claims approval rate across the sector is approximately 28%.
Is Nexus Mutual safe to use?
Nexus Mutual is the most established DeFi insurance protocol, with the longest track record of claims processing and approximately 85% of total DeFi insurance category TVL. It operates as a DAO governed by NXM holders and requires KYC for membership. Risks include smart contract risk in the Nexus Mutual contracts themselves, governance capture by large token holders, and the possibility that a correlated event (multiple protocols exploited simultaneously) could overwhelm the capital pool. The protocol itself has not suffered a smart contract exploit, though its founder lost approximately $8 million in a targeted personal phishing attack in 2020.
Why is so little of DeFi TVL insured?
Multiple factors contribute to the sub-1% insurance adoption rate. Premiums of 1-15% annually are expensive relative to the yields many DeFi positions generate, making insured positions net-negative in many cases. The claims process can be uncertain: the overall approval rate across DeFi insurance is approximately 28%. Many DeFi users underestimate exploit risk or assume that audited protocols are safe (audited protocols get hacked regularly). The UX of purchasing DeFi insurance remains complex, and the failure of most insurance protocols has eroded trust in the category itself.
What is parametric insurance in DeFi?
Parametric insurance pays out automatically when predefined conditions are met, without requiring individual claims assessment. In Neptune Mutual's model (before it shut down), when an incident was reported and confirmed by token holder consensus, all cover holders in the affected pool received payouts. This contrasts with discretionary models where each claim is individually evaluated. Parametric models offer speed and certainty but cannot handle nuanced scenarios where some users in a protocol were affected and others were not. Despite their theoretical advantages, no parametric DeFi insurance protocol has achieved sustainable scale.
Do Bitcoin users need DeFi insurance?
Users who hold Bitcoin in self-custodial wallets or use native Bitcoin payment protocols face a different risk profile than users depositing into EVM-based DeFi contracts. The primary risks for Bitcoin holders are key management and custodial failures, not smart contract exploits. DeFi insurance is most relevant for users who have funds deposited in lending protocols, liquidity pools, or bridges: the systems where complex smart contract logic creates the exploit surface that insurance is designed to cover.
This tool is for informational purposes only and does not constitute financial advice. Protocol data is approximate and based on publicly available information as of mid-2026. Capital pool sizes, premium rates, and protocol status change frequently. Always verify current data directly with the protocol before purchasing coverage.
Build with Spark
Integrate bitcoin, Lightning, and stablecoins into your app with a few lines of code.
Read the docs →