On Friday, decentralized finance (DeFi) stablecoin project Origin Protocol announced a plan to compensate users affected by a $7 million November exploit — part of a wider trend from developers, users, and traders that has seen actors across the DeFi space more widely embrace insurance products and other exploit backstops.
On November 17th, Origin Dollar announced that its yield-bearing stablecoin project had been the victim of a $7 million flash loan attack. While the attack is just another instance of what has been a brutal summer and fall for DeFi protocols facing hacks and exploits, the Origin Dollar team’s response stands out for its attempt to fully compensate users.
In a blog post on Friday, Origin Dollar product manager Micah Alcorn laid out a multi-tiered plan that would immediately pay 75% of users their lost funds back in the “audited, and relaunched with new security measures in place” stablecoin OUSD.
For larger depositors, however, payments would be a more complicated process, involving a 1-year timelocked quantity of the e-commerce utility token OGN. Whether or not these larger depositors will be fully compensated for their loss therefore depends on the performance of the OGN token.
Even with the timelock, Alan, a semi-anonymous core developer at insurance-adjacent 'coverage' protocol Cover, says that the effort from Origin might help attract new users to the space.
“I believe protocols (and their auditors) need to start taking responsibility for the code they push out,” he said. “Whether it is through they themselves providing coverage, or reimbursing funds, this type of behavior sets a strong precedent and allows users to feel more confident in the platforms they use, which helps boost TVL, so a win-win.”
In the past, DeFi protocols have offered users little more than a “don’t risk more than you can afford to lose” disclaimer, but market movements appear to be trending towards better protections.
According to Alan, Cover has nearly tripled its total value locked since its users decided to cover the Pickle Finance hack, rising to $39 million.
Likewise, Nsure Network — another coverage protocol in testnet phase and set for launch in Q1 2021 — has been on a tear, rising nearly 60% on the month.
As these coverage tools develop, Alan recommends that developers seriously investigate launching with coverage plans and including clear exploit contingencies as a core feature of DeFi protocols.
“DeFi needs to set a precedent that the protocol themselves need to be held accountable if they get hacked. From what I have seen with the recent exploits, getting hacked simply means ‘Oops, we'll patch this bug and do better next time’. [...] Having an "insurance fund" really comforts users knowing that if the protocol they deposit in gets hacked, their deposits are covered.”
Moreover, he adds, if DeFi is ever going to really break mainstream, these kinds of protections might be a requirement and not just a luxury for skittish depositors.
“Having a coverage/protection fund is the way to go in the future if DeFi really wants to truly gain mass adoption.”