Why is no one buying DeFi insurance?

Writing: Thejaswini M A

Translation: Luffy, Foresight News

"Insurance is just a scam," this is almost a consensus among everyone in the market.

It's not unreasonable for everyone to think this way. US-based Cigna Insurance has developed an algorithm that can deny claims directly without reviewing medical records. UnitedHealth Insurance stops paying for care costs once the algorithm's set period expires, completely ignoring the treating doctor's medical opinions. The traditional insurance business model has always been: collect customer funds first, take a large cut of the profits, and layer barriers to hinder claims.

Today, bank deposits are insured by the Federal Deposit Insurance Corporation (FDIC), but the payout limit is only $250k, a standard that has hardly been adjusted since 1934. Brokerage accounts are protected by the Securities Investor Protection Corporation (SIPC), with a limit of $500k. Once account assets exceed this amount, protection is essentially meaningless. Public perception of the protection level is far less than the actual, as the payout cap is entirely set unilaterally by insurance companies.

DeFi insurance has the potential to completely solve this pain point: removing intermediaries, and as long as the smart contract's preset conditions are triggered, payouts are automatically executed, eliminating human malicious denial of claims.

But the reality is that almost no one is willing to buy it. Insurance premiums significantly erode investment returns; after deducting premiums, the remaining gains are simply not enough to match the investment risks users undertake.

This article will explain the current market situation and why, even if everyone wants to solve this problem, the core root causes make it difficult to turn the tide.

Nexus Mutual is currently the largest DeFi insurance provider. Since launching in 2019, total claims paid out have only reached just over $18 million.

Data source: Dune Analytics

In April 2026, Kelp DAO was hacked, losing up to $292 million. This single theft amount is equivalent to 16 times the total claims of this leading insurance platform over seven years.

This starkly contrasts with the crazy denial of claims in traditional insurance. Traditional insurers charge high premiums but do everything possible to block claims; whereas DeFi insurance has slim premium income, fundamentally because almost no investors are willing to insure.

The stability of traditional insurance relies on the fact that risks are not correlated. A house fire in one household won't cause damage to others. An insurance company can sell policies to 1 million users, and a single fire claim can be fully covered by the total premiums collected. But DeFi lacks such risk isolation mechanisms: oracle failures, cross-chain bridge vulnerabilities, and other security incidents can cause chain reactions affecting all funds pools and lending protocols relying on that underlying asset. In March 2023, the USDC de-pegging event caused all protocols using USDC as collateral to be affected on the same day. For DeFi insurance pools, risks are highly correlated, and underwriters can only bet that losses from security incidents are manageable, with enough funds in the insurance pool to cover them.

In March 2023, Euler Finance was hacked for $197 million, and chain risks rapidly spread: Angle Protocol suffered a loss of $17 million due to Euler liquidity token losses, Yield Protocol was forced to shut down operations, and other platforms like Inverse Finance were also affected.

Once a protocol has a security vulnerability, it often impacts multiple projects, and extreme incidents in a single day can even deplete the entire insurance reserve.

I have compiled the current premium rates of Nexus Mutual and InsurAce, comparing them with the native annualized yields of their insured protocols: Aave V3’s USDC deposits yield about 3.14% annually, with insurance premiums ranging from 1.5% to 2.5%. After deducting premiums, net returns are only 0.6%–1.6%. Investors take on on-chain security risks, but their final gains are only slightly higher than ordinary bank savings.

Morpho, Compound, Spark have similar yields, with native annualized returns of 3.5%–4%. Premiums eat up one-third to half of the returns, so while there is still a slim profit, the cost-performance ratio is extremely low.

Maple Finance’s institutional lending pools offer annual yields of 4.77%–4.90%, but insurance premiums are as high as 3%–6%. After insuring, the net returns range from -1.1% to 1.9%. Ethena staking yields 3.6%–4%, with premiums also at 3%–6%, resulting in net returns of -2.4% to 1%. Buying insurance on these platforms can even lead to principal losses in extreme cases.

Only the original MakerDAO (Sky) performs well. Its savings product yields 3.6% annually, with the lowest insurance premium at just 0.11%. The market generally considers it the lowest-risk DeFi asset, and after insurance, net returns stay at 2.8%–3.5%, with most gains retained.

Premium pricing strictly corresponds to risk levels, but emerging platforms charge excessively high premiums, directly consuming the high returns users seek.

Crypto investors choosing to forego insurance are not lazy or reckless; they understand that in most cases, buying insurance results in zero returns. Even if all DeFi depositors tomorrow choose to insure fully, the industry cannot meet this demand: Nexus Mutual’s total fund pool is about $250k, and the entire industry’s effective coverage is only a few hundred million dollars, while the total assets locked in major protocols reach hundreds of billions—an enormous supply-demand gap.

In the event of a large-scale security incident like Kelp DAO, a single claim could wipe out most of the industry’s insurance reserves.

The $500k in total claims exposes the fragility of the industry’s fund pools; the entire market has never experienced a catastrophic risk event capable of breaching the coverage reserves.

After users submit claims to Nexus Mutual, the payout decision requires voting by all token-holding members of the platform. Members supporting the claim, if the payout ultimately fails, will have their own assets directly at risk. This mechanism naturally fosters a tendency to deny claims. Traditional insurance employs underwriters and claims adjusters to balance these conflicts, but DeFi insurance merges ownership and responsibility within the same group.

Before the 2008 financial crisis, risk pricing agencies generally believed that a U.S. housing market collapse was impossible, as they had never experienced it firsthand. Insurance giant AIG sold large amounts of risk protection contracts, but when the crisis hit, they were completely unable to pay out.

Before the FDIC was established, ordinary depositors had no safety net for their assets. The Great Depression forced the government to implement mandatory bank insurance, making it a mandatory cost of banking operations.

In DeFi, no one can force protocols like Aave or Morpho to buy insurance; deploying smart contracts is permissionless, and no entity can compel projects to allocate risk coverage. This results in a lack of a safety net to withstand extreme market conditions.

Nexus Mutual’s three largest claims in history are: approximately $7.3 million paid out in two installments for the FTX collapse, $5 million for the TribeDAO hack, and $3.4 million for Euler Finance’s attack. The total of these three claims nearly equals the platform’s total claims of $18.6 million over seven years.

Today, this mutual insurance platform is shifting toward proactive risk prevention, partnering with security audit firms like Immunefi, Cantina, and Sherlock to launch bug bounty insurance products. Protocols only need to cover 20% of critical bug bounties, with the remaining funds backed by Nexus Mutual, incentivizing white-hat hackers to find vulnerabilities early and prevent thefts at the source. Meanwhile, Nexus Mutual is also developing compliant insurance sub-pools, attempting to connect crypto risks with reinsurance pools and bring in larger external capital to expand underwriting capacity.

In March 2025, Cantina further launched an independent native protocol insurance product, allowing users to receive claims even if vulnerabilities are not discovered by bounty hunters before an attack.

Both of these transformations fundamentally acknowledge a core reality: on-chain funds are insufficient to cover on-chain risks. The insurance pools are too small, risks are highly correlated, and the claim adjudicators and capital providers are the same group—these three major flaws cannot be eliminated.

Nexus Mutual, with $81.56 million locked in according to DeFiLlama, accounts for 85% of the entire DeFi insurance market share. Other competitors are shrinking: InsurAce peaked at $150 million in locked assets but now only has $132k; after the UST de-pegging in 2022, it only processed one major claim; Sherlock’s pool shrank from $60 million to $505k within a year; Unslashed Finance’s millions of dollars are stuck in outdated code that stopped updating at the end of 2024. Other insurance projects have either shut down completely or shifted their business focus.

Lighthouses warn ships of reefs but cannot charge passing ships for using the lighthouse, so few are willing to fund building lighthouses. The benefits are shared by all, but the costs are borne solely by the builders.

The value of DeFi insurance lies precisely in preventing chain reactions of liquidations and crises. Since assets in the crypto market are highly interconnected, only if everyone insures simultaneously can the overall market remain stable. But if everyone relies on others to insure and is unwilling to pay premiums themselves, no one will buy insurance, and the risk protection system becomes a mere illusion. Without proactive backing, no assets can be truly protected.