Revolutionizing crypto insurance with private biometrics


Insurance industry provides risk management services in the form of insurance contracts to their customers. One party, the insurer, guarantees payment for a future event that is unknown at this time. In the meantime, the insured party or the policyholder, pays a lower premium to the insurer in exchange for protection against an uncertain future occurrence that is covered by the insurance policy.

Aside from the above mentioned standard form of insurance, there are other forms of insurance and insurance companies.   Mutual insurance, which has also existed for centuries, is a good example. Unlike standard insurance companies, this type of an insurance company is entirely owned by its policyholders. A mutual insurance company's profits are either retained within the company or rebated to policyholders in the form of dividend distributions or lower future premiums. A stock insurance company, on the other hand, is owned by investors who have purchased company stock; any profits generated by a stock insurance company are distributed to the investors without necessarily benefiting policyholders.

Challenges in Insuring Cryptocurrency Losses

DeFi applications are the most attractive targets to hackers that have ever existed. At times, the (largely open source) software can give hackers instant, very large, payouts that can easily be made untraceable. One of the largest hacks in 2021 involved a hacker stealing $600 million in digital coins from Poly Network, only to return nearly all the assets less than 48 hours later. There have been almost 70 documented hacks and scams in the span of just two years.

Enormous hacks on many different protocols have made the industry painfully aware that users need the most protection possible.There are protocols that provide compensation for losses by managing risk using assessment based on analytics instead of voting or staking. These protocols are intended to help liquidity providers hedge their risk when there is potential of smart contract exploits.

Nexus Mutual being the leading project in the crypto space does not provide insurance because it is a discretionary mutual: a mutual fund that provides discretionary cover, which is an insurance-like product with only a discretion, rather than a legal obligation to pay out in the event of a material loss. Nexus Mutual's coverage products are not insurance contracts. Cover products provide discretionary cover between members who act as Risk Assessors and Cover Holders. Claims Assessors have complete discretion over whether or not a claim is approved for a successful payout. Members place their faith in the economic incentive model rather than an insurance company. Membership rights are represented by tokens. Tokens can be used to purchase cover as well as participate in claims assessment, underwriting and governance. All funds raised from token purchases belong to members.

Aside from price volatility and regulatory risk, theft seems to be one of the greatest concerns amongst crypto currency holders. Hence the demand for insurance to insure against adverse events. Private keys to large wallets should be, and commonly are physically protected in the same way that cash or gold would be. One other point to note here, is that hot wallets – which are called so because they are connected to the internet – are more vulnerable to security breaches compared to cold storage wallets, as they are not connected to the internet and are therefore less vulnerable to security breaches.

So, how does an insured party make claims in the crypto space? Proof of loss allows users to prove that they are the owners of one or more addresses that were subject to an incident before submitting a claim. The proofs can be either on-chain or off-chain depending on the evidence required. What happens in the scenario when a wallet gets hacked and the hacker submits the validity proofs instead? How can a system be made robust enough such that even when a wallet security gets compromised, there will be a liveness check against the biometrics of the original owner? Humanode proposes a viable solution for such circumstances.

On an organization level, many DeFi or NFT projects are DAOs, which are decentralized, which means they aren't governed by one person or entity. This calls for well-established, ordered, and open interactions between the stakeholders. Insurance claims for DAO treasuries is also a crucial element so that a robust system exists that prevents any Sybil attacks.

The role of Humanode

Humanode uses a friction-less and privacy preserving human attestation system that is performed on an encrypted server. Only the attestation result is communicated to the network. To ensure the server can verify the integrity of the transmitted result, the user must include a commitment of liveness detection. Identity fraud in the insurance industry will be reduced when no two different individuals can claim to be the same person because the underlying liveness detection system cannot be spoofed. Hence we present a novel mechanism that the insurance industry can adopt to bring about a robust identification system.