Nexus Mutual is the largest on-chain cover provider: a member mutual that pays on hacks, but at its own discretion, there is no legally enforceable claim.
Nexus Mutual is the largest on-chain cover provider for crypto. This profile combines live on-chain data with a sourced analysis of what is actually covered, who decides on claims, and which risks the buyer keeps. Facts, not advice.
Nexus Mutual is insurance without an insurer: three roles share one common capital pool. Pick a product and click through the two cases.
Alice. Has money in the protocol, pays a premium, gets reimbursed if a covered loss hits.
Stake NXM on Uniswap v3. They carry the risk and earn the premium.
Shared vault (ETH, stablecoins). Pays the claims. Shared across ALL products.
The payout is discretionary, not a legally enforceable claim, so the assessors can decline. And only specific events like an exploit are covered. The classic LP loss (impermanent loss) or a depeg are NOT covered.
Transparent, battle-tested, well capitalised relative to active cover. The structural weakness is legal: payout is a discretionary member decision, not an enforceable claim.
How to read this page: where each value comes from
Only on-chain values are verifiable without trusting anyone. Everything off-chain, including binding documents, ultimately relies on trust in the source.
Reading the chain…
The key legal point: Nexus Mutual states explicitly that cover is not a contract of insurance. Members vote on claims; the mutual has discretion, not an obligation, to pay. The $18.5M claims record is real, but it is a track record, not a legal right.
Extracted from the current cover terms (the binding document, linked in the sources). The product name suggests broad protection; the wording is narrower.
Claims are assessed by a Claims Committee of three publicly known members: founder Hugh Karp, CTO Roxana Danila, and Head of Risk BraveNewDeFi. At least 2 of 3 accept votes are required. Voting stays open for at least 72 hours, followed by a 24-hour cool-down in which the Advisory Board can reverse fraudulent votes. A denied claim can be re-filed with more evidence; there is no independent appeals body.
Paid claims per provider documentation, including bZx (2020), Yearn (2021), CREAM (2021), Rari Fuse (2022), FTX and BlockFi withdrawal halts (2022) and Euler (2023). Individual outcomes and rationales are public in the claims database.
Caution: these figures show paid claims only. The overall acceptance rate and processing times across all filed claims were not verified in this analysis.
A structured assessment across seven categories, 0 to 100 points in total. The score is an opinion based on the sources below, not a probability of payout and not a guarantee.
Precise wording with defined thresholds and explicit exclusions. Deduction: several exclusions (depeg, rug pull, bridges, frontend) narrow what buyers may expect from the name "Protocol Cover".
Pool and MCR ratio verifiable on-chain in real time. Deduction: asset composition and per-protocol exposure not verified in this analysis; pool is largely ETH-denominated against partly USD-denominated liabilities.
Documented process, public rationale, $18.5M paid across documented events. Deduction: decisions rest with a 3-person committee including the founder and CTO; appeal means re-filing to the same body.
Long audit trail (iosiro, most recently March 2025, plus earlier firms), Immunefi bug bounty. Deduction: bounty capped at $50k, small relative to pool size; upgradeability and admin scope not audited here.
Member governance with public forum and on-chain votes. Deduction: Advisory Board can reverse assessment votes and replace assessors; voting power delegation concentrates influence with pool managers.
Discretionary cover: no legal obligation to pay, payout depends on the assessment vote. Membership agreement exists, but there is no enforceable insurance claim.
Contracts verified on Etherscan, public claims database, Dune dashboards, full cover wording on IPFS, per-claim rationale published.
Payout is discretionary. There is no legally enforceable claim: an automatic warning under the Assecura methodology, regardless of the track record.
Claims are decided by a 3-person committee that includes the founder and the CTO. The mutual pays, insiders decide: a structural conflict of interest.
The Advisory Board can reverse votes it deems fraudulent and replace assessors: a fraud safeguard, but also concentrated power.
The capital pool is largely ETH-denominated while cover obligations are partly USD-denominated. A sharp ETH drawdown compresses real capacity. Exact composition: not verified here.
Key exclusions (depeg, rug pull, bridges, frontend attacks) contradict what many buyers colloquially understand as a "protocol hack".
NXM is not tradable outside the mutual. Exiting requires the in-app redemption mechanism, which depends on pool liquidity.
Points this analysis could not verify. Anyone buying significant cover should clarify these first.
Analysis as of 2026-07-14. Live figures update every 5 minutes from the contracts. Not affiliated with Nexus Mutual. Informational only, no legal, investment or insurance advice.