Cover analysis · Nexus Mutual

The safety net,
dissected.

In plain words

Nexus Mutual is the largest on-chain cover provider: a member mutual that pays on hacks, but at its own discretion, there is no legally enforceable claim.

Nexus Mutual is the largest on-chain cover provider for crypto. This profile combines live on-chain data with a sourced analysis of what is actually covered, who decides on claims, and which risks the buyer keeps. Facts, not advice.

How the mutual works

Nexus Mutual is insurance without an insurer: three roles share one common capital pool. Pick a product and click through the two cases.

Example Alice has $100,000 in Uniswap v3. She wants to hedge against a hack of the contracts.
Buyer

Alice. Has money in the protocol, pays a premium, gets reimbursed if a covered loss hits.

pays ~$70 premium
Stakers

Stake NXM on Uniswap v3. They carry the risk and earn the premium.

keeps the premium
Capital pool

Shared vault (ETH, stablecoins). Pays the claims. Shared across ALL products.

untouched
  1. The stakers stake NXM on the Uniswap v3 listing. That creates capacity and sets the annual premium (currently about 0.28%).
  2. Alice buys $100,000 of cover for 90 days and pays about $70 in premium. The premium goes to the stakers.
  3. No hack. After 90 days the cover simply expires.
Buyer −$70
Stakers +$70
Pool untouched
The catch

The payout is discretionary, not a legally enforceable claim, so the assessors can decline. And only specific events like an exploit are covered. The classic LP loss (impermanent loss) or a depeg are NOT covered.

70/100 Solid

Transparent, battle-tested, well capitalised relative to active cover. The structural weakness is legal: payout is a discretionary member decision, not an enforceable claim.

Data confidence: medium · Assessment as of 2026-07-14 · Methodology: Assecura Score

How to read this page: where each value comes from

On-chain Read from contracts, verifiable by anyone at any time.
Contract doc From a binding written document, off-chain but checkable.
Provider claim Stated by the provider, off-chain: a matter of trust.
Third party From a third-party source, off-chain: a matter of trust.
Our assessment Our judgement under the Assecura methodology.

Only on-chain values are verifiable without trusting anyone. Everything off-chain, including binding documents, ultimately relies on trust in the source.

Product analyses

Live on-chain On-chain

Reading the chain…

Profile

Provider Nexus Mutual (DAO, discretionary mutual) Provider claim
Live since 30 May 2019, Ethereum mainnet Provider claim
Product analysed Single Protocol Cover (current cover terms) Our assessment
Legal nature Discretionary cover: payout is a member decision, not a legal obligation Contract doc
Recovery entity Terrapin International Foundation (per cover terms) Contract doc
Membership KYC plus membership fee required, sanctioned jurisdictions excluded Contract doc
Token NXM: members only, not listed on exchanges, redeemable for ETH in-app Provider claim

The key legal point: Nexus Mutual states explicitly that cover is not a contract of insurance. Members vote on claims; the mutual has discretion, not an obligation, to pay. The $18.5M claims record is real, but it is a track record, not a legal right.

What is covered Contract doc

Extracted from the current cover terms (the binding document, linked in the sources). The product name suggests broad protection; the wording is narrower.

5 covered 1 conditional 7 excluded
Covered
Smart contract exploit / code bug Protocol used in an unintended way due to a code bug.
Covered
Oracle failure Price error above 1% (stablecoins) or 2.5% (other assets), defined causes.
Covered
Oracle manipulation Deliberately corrupted price feed causing loss of funds.
Covered
Liquidation failure Bad debt socialised to lenders, or collateral sold below 80% of fair value.
Covered
Governance takeover Malicious actor forces a malicious contract upgrade.
Excluded
Depeg of a protocol-issued asset Explicitly excluded (clause 9.6).
Excluded
Rug pull / team confiscates funds Excluded when done within the permissions of the protocol (clause 9.7).
Excluded
Bridge components Losses from bridging components are excluded (clause 9.9).
Excluded
Frontend / UI compromise UI and website errors excluded while the protocol acts as intended (clause 9.8).
Excluded
Phishing, private key theft, malware Excluded while the protocol acts as intended (clause 9.2).
Excluded
Known vulnerability before cover start Prior events, public disclosures, also for parent protocols of forks (clause 9.4).
Excluded
Pure market price movements Excluded unless the movement itself meets the oracle failure/manipulation definition (clause 9.5).
Conditional
Deployments on non-EVM chains Only with Native Protocol Cover (Part A) or a special annex (clause 9.1).

Conditions attached Contract doc

Deductible 5% of the cover amount (unless the annex states otherwise)
Waiting period 14-day cool-down after the loss event before a claim can be filed
Late filing window 35-day grace period after the cover period ends
Payout redemption Approved claims must be redeemed within 30 days
Proof of loss On-chain proof: signed message or 0-value transaction from the affected address
Double recovery Recoveries from third parties must be assigned or repaid, no double recovery

Who decides on claims Provider claim

Claims are assessed by a Claims Committee of three publicly known members: founder Hugh Karp, CTO Roxana Danila, and Head of Risk BraveNewDeFi. At least 2 of 3 accept votes are required. Voting stays open for at least 72 hours, followed by a 24-hour cool-down in which the Advisory Board can reverse fraudulent votes. A denied claim can be re-filed with more evidence; there is no independent appeals body.

YearClaims paid
2020$33,720
2021$2,716,958
2022$6,615,395
2023$8,883,213
2024$6,895
2025$245,957
Total$18,502,138

Paid claims per provider documentation, including bZx (2020), Yearn (2021), CREAM (2021), Rari Fuse (2022), FTX and BlockFi withdrawal halts (2022) and Euler (2023). Individual outcomes and rationales are public in the claims database.

Caution: these figures show paid claims only. The overall acceptance rate and processing times across all filed claims were not verified in this analysis.

Assecura Score Our assessment

A structured assessment across seven categories, 0 to 100 points in total. The score is an opinion based on the sources below, not a probability of payout and not a guarantee.

Coverage clarity 16/20

Precise wording with defined thresholds and explicit exclusions. Deduction: several exclusions (depeg, rug pull, bridges, frontend) narrow what buyers may expect from the name "Protocol Cover".

Capital & liquidity 15/20

Pool and MCR ratio verifiable on-chain in real time. Deduction: asset composition and per-protocol exposure not verified in this analysis; pool is largely ETH-denominated against partly USD-denominated liabilities.

Claims process 10/15

Documented process, public rationale, $18.5M paid across documented events. Deduction: decisions rest with a 3-person committee including the founder and CTO; appeal means re-filing to the same body.

Technical security 11/15

Long audit trail (iosiro, most recently March 2025, plus earlier firms), Immunefi bug bounty. Deduction: bounty capped at $50k, small relative to pool size; upgradeability and admin scope not audited here.

Governance 6/10

Member governance with public forum and on-chain votes. Deduction: Advisory Board can reverse assessment votes and replace assessors; voting power delegation concentrates influence with pool managers.

Legal enforceability 3/10

Discretionary cover: no legal obligation to pay, payout depends on the assessment vote. Membership agreement exists, but there is no enforceable insurance claim.

Transparency & data quality 9/10

Contracts verified on Etherscan, public claims database, Dune dashboards, full cover wording on IPFS, per-claim rationale published.

Total 70/100 · Solid

Red flags Our assessment

01

Payout is discretionary. There is no legally enforceable claim: an automatic warning under the Assecura methodology, regardless of the track record.

02

Claims are decided by a 3-person committee that includes the founder and the CTO. The mutual pays, insiders decide: a structural conflict of interest.

03

The Advisory Board can reverse votes it deems fraudulent and replace assessors: a fraud safeguard, but also concentrated power.

04

The capital pool is largely ETH-denominated while cover obligations are partly USD-denominated. A sharp ETH drawdown compresses real capacity. Exact composition: not verified here.

05

Key exclusions (depeg, rug pull, bridges, frontend attacks) contradict what many buyers colloquially understand as a "protocol hack".

06

NXM is not tradable outside the mutual. Exiting requires the in-app redemption mechanism, which depends on pool liquidity.

Open questions Our assessment

Points this analysis could not verify. Anyone buying significant cover should clarify these first.

Sources

Analysis as of 2026-07-14. Live figures update every 5 minutes from the contracts. Not affiliated with Nexus Mutual. Informational only, no legal, investment or insurance advice.