In this episode, Bobby Ong, co-founder of CoinGecko is joined by Hugh Karp, Founder of Nexus Mutual. Bobby interviewed Hugh on the background of Nexus Mutual, insurance in the crypto space, protocols supported by Nexus Mutual, as well as their upcoming plans for Nexus Mutual.
[00:01:22] What is Nexus Mutual?
[00:06:46] Why does crypto space need insurance?
[00:14:11] Protocols supported by Nexus Mutual
[00:15:15] Does Nexus Mutual support multi-chain
[00:24:33] Comparison with other insurance providers
[00:26:03] Plans for the decentralization of Nexus Mutual
[00:30:20] Advice on security practices
[00:35:53] Plans for Nexus Mutual in the coming years
Quotes from the episode:
“I believe crypto is building a new economy. And every single economy in the world needs insurance because it allows other people to take risks, to like, you know, there's risks that they can't manage. And so it allows people to take risks and actually build new stuff.” [00:07:00]
“If you buy cover on SushiSwap, you get coverage on any of the seven all sorts chains that it's on, same with Aave and any other multi-chain deployment.” [00:15:51]
“We're looking to redo some of the core mechanics, just really make them DeFi native and have a stake in mechanics. Delegated staking is probably going to be a big one at the core level. ” [00:36:12]
Watch the Podcast on YouTube
Nexus Mutual - https://nexusmutual.io/
CoinGecko - https://www.coingecko.com/
Nexus Mutual (NXM) on CoinGecko - https://www.coingecko.com/en/coins/nexus-mutual
Bobby Ong [00:00:00]:
Welcome to the CoinGecko podcast. I'm your host, Bobby Ong. Each week we will be interviewing someone from the blockchain industry to learn more about this fast moving cryptocurrency economy. If this is your first time listening then, thanks for coming. The CoinGecko podcast is produced each week to help you stay ahead of the curve. Shownotes can be found at podcast.coingecko.com. I highly encourage you to join our newsletter, where we send out top news in the crypto industry every Monday to Friday. Come back often and feel free to add the podcast to your favorite RSS feed or iTunes. You can also follow us on Twitter and Telegram at CoinGecko.
Hey guys. Welcome to the CoinGecko podcast. My name is Bobby. I'm the co-founder and CEO at CoinGecko. For today's episode, we have Hugh Karp, founder of Nexus Mutual. Just wanna say, if you're watching this on YouTube, we at CoinGecko would really appreciate it if you hit that subscribe button below and yeah, so Hugh is insurance professional and actuary, 15 years of experience in a broad range of insurance and reinsurance roles, including the CFO of UK Life operations for a global reinsurer - Munich Re. He founded Nexus Mutual back in 2019 and Nexus Mutual is currently the leader in the field of decentralized insurance with active cover amount of $500 Million. Welcome to the CoinGecko podcast, Hugh.
Hugh Karp [00:01:20]:
Yeah, thanks for having me on.
Bobby Ong [00:01:22]:
Yeah. I guess to start things off, right. I guess, for some of our listeners who may not be really familiar with Nexus Mutual, can you kindly share a little bit about what Nexus Mutual is and what you guys do?
Hugh Karp [00:01:33]:
Yeah. Cool. I think like the main point here, what Nexus is trying to do is basically just provide an alternative way for individuals to share risk together, which is like a very, very old thing. Like, you know, thousands of years old, like people have been doing this forever. And it's they do it because, they wanna make this society or the community more resilient to risk. You know, people die and look after their family or whatever stuff like that. And so this is a very kind of old, old thing. And really what we're doing is just using new technology to make a much more efficient and much more scalable and allow anyone in the world to kind of join and to make it global. And so that's kind of like the really kind of big concept, but I guess where we've started is crypto risks because with crypto native, the early adopters are going to be crypto native, and so we need products that they want to buy essentially. So we're covering things like smart contract risks, custodian risks with exchanges or lenders, like, you know, Blockfi or Nexo or something. And so basically those very native crypto risks that it's very hard to get regular insurance products from the traditional industry right now. And so that's kinda where we started, but it's really just about a community sharing risk together.
Bobby Ong [00:02:46]:
Yeah. It's interesting. I mean, you provide, certainly provide a service that's much needed in DeFi. I mean, everyone's kind of YOLO-ing into all these things and sometimes you just want to pass the risks to someone else, but there was no way of doing it before Nexus Mutual, and I'm glad that you took the opportunity to build Nexus Mutual. But before you get into Nexus Mutual, right, I mean let's get into your background. You were the CFO of Munich Re in the UK, so one of the largest reinsurers of the world. I mean, obviously you've got something really good going on in corporate. And why do you choose to leave? And end up in crypto insurance?
Hugh Karp [00:03:16]:
I guess, I kind of discovered Bitcoin, like, you know, like lots of other people, a fair while ago now, 2010/11 or so. And I played around with it for a bit, but, and I guess the technology fascinated me. Because I just thought it was fundamentally very interesting that you could send money between people without anyone else in the middle. But I guess at that point I didn't really know what to do with it. So, I was kind of aware of the industry and stuff for a while. And so, you know, I just continued working in insurance for a while, but I got a little bit jaded over time. I kind of felt that I guess there's a big range here. You're kind of at the backend of the value chain of insurance. And all we were really doing is like big, massive transactions between different insurance companies and stuff. And if you boil it down, it was possibly basically just regulatory arbitrage, regulatory capital arbitrage, just making sure it's the most efficient place to hold the capital. And it kind of felt much too distant from me. Kind of end consumer to me. And so I guess I was kind of looking for something new, just to do something different. And then I kind of, I heard about Ethereum again. I heard about Ethereum a bit after it launched. And I guess that was kind of the aha moment for me, but basically, you know, if you can do, I was interested in the underlying tech, but if you could write code, like the defense statements, then you can do an insurance contract and therefore you can rebuild like kind of mutual from the ground up. So that kind of where I was coming from and how Nexus started.
Bobby Ong [00:04:44]:
Interesting. Because when you started, I mean, DeFi definitely wasn't a thing. It wasn't even called DeFi. There was no such thing. And when you had this idea, I mean, it was possible to be on a smart contract and you kind of did this, was it when 2017, 2018 or so. Some kind of in the bear market and I've heard that you kind of almost gave up because there was kind of a lack of funding back then. I mean, there wasn't any money back in the crypto space back then and ultimately you decided to invest your own funds and kind of continue. And I guess wanted to find out, like, what gave you the conviction to kind of go all in, obviously it's a big risk, right?
Hugh Karp [00:05:15]:
Yeah. So we raised around like, we built a proof of concept late 2017. We raised kind of seed around end of 2017, nearly 18. And then that was kind of the rough peak of the last, you know, peak of ETH price. And then like, it's just obviously kept going down and, you know, we probably should have sold more ETH before, but you know, I think a look treasuries are like that. And when we got to early 2019, and we weren't quite launched yet, but we didn't really have any money left. And so asked around a lot of people and we've got a few people that would commit, but we needed a bit more to get to launched. And so I decided, yeah, I decided to put my money together on the line and I don't know, what's the conviction, I'm not, I'm not exactly sure. I probably just really stubborn. I think we got so close and to me in my mind, if we launched and no one used it, I'd be like, "Oh, okay. Fine." I'd be able to move on to and go like, go and do something else. That's okay. But I think it had just always frustrate me that we never really got to see if it would actually work. And so I just wanted to really get it to launch. And I guess I was lucky enough to have bought some ETH for quite a, you know, a while ago and managed to use that to I'd say took out a loan on Maker to fund...
Bobby Ong [00:06:26]:
Hugh Karp [00:06:28]:
Yeah, so make a version one, single flashloan, DAI and use that to kind of get us to launch. So that, you know, that was pretty cool. You know, takes you 20 minutes to get a loan. So, yeah, that was great, even if you had to click through 13 transactions or something at the time. But yeah, so I think a bit of stubbornness, but just really wanted to see it live and working.
Bobby Ong [00:06:46]:
And the next question I have is actually about insurance, right? Why do you think the crypto space needs insurance? I know you've written extensively about this, but it will be interesting to hear from your point of view on why is it important?
Hugh Karp [00:06:57]:
Yeah, I mean, I think it's, the way I, at a very high level, I believe crypto is building a new economy. And every single economy in the world needs insurance because it allows kind of other people to take risks, to like, you know, there's risks that they can't manage. And so it allows people to take risks and actually build new stuff. If you want to launch a rocket, someone's going to have insurance. And if you want to build a train line and you got to have insurance, if you're going to build the house, you can have insurance. Like it's all kind of fundamentally there. And I think in the same way, crypto needs fast for other more and more people to join and build new things and get adoption. There's a whole bunch of early adopters, which are very, and they're generally very, they're happy to take on risks, right. And so they've had to perhaps don't want to do as much, but a whole wave of new people that are going into the space want that. And, you know, we've seen a lot of especially over the past six months to a year, a lot of institutions asking questions and coming to us directly because they're very interested on what's going on in DeFi, but they a bit hesitant to deploy without the appropriate kind of compliance and insurance check boxes ticked. And so they come and talk to us to understand what's going on and things, and you know, they're getting close and I believe that more and more people will come across because of insurance solutions.
Bobby Ong [00:08:11]:
You guys have been live for the past two or three years and selling insurance directly to clients on your website and indirectly via resellers and all. So I'm curious to hear, right, who are the main purchasers of insurance from the past two, three years of experience and then do you think there is a gap on the demand side? Or is it more on the supply side of people kind of staking to open up capacity for insurance?
Hugh Karp [00:08:33]:
Yep. I think first point I just want to make is we don't actually legally sell insurance. We just resell cover. It's called discretionary cover so the members have the final say, I guess on what claims are valid. So just to get that out there, but in terms of the customers, I think It's basically, there's a wide range obviously, but at one end we've got a whole bunch of smaller, kind of more retail side of things. But I think our main traction so far has been the high end of retail into whales and into funds. So basically, if you're managing a larger amounts of money, or if you're risk aware because you're managing other people's money, then you're much more likely to take out cover on Nexus because if it was there and if the cover was there and then you had a loss event, then you have to explain it to your investors or your LPs, then you can potentially have a bit of a problem so that's definitely a skew to our user base. But that's also due to the fact that that kind of UX right now is a little, I guess, overall it's a little on the clunky side because you kind of have to go to whichever site you're interacting with as the primary purchase. So like a Compound, or on Aave, or Maker, or Uniswap, whatever, you go and do what you want to do there. And then you come into Nexus. So that overall user flow is a bit clunky. But when we get like kind of more distribution built out, it's going to be much more easy to add on like one-click purchases or embedded cover and that type of stuff. Then we strongly believe that we might as well take up on the kind of more retail side of things.
Bobby Ong [00:10:04]:
And what do you think about a supply side? Do you think there's enough capacity from the community to kind of stake and open up a capacity for the insurance, the cover? Yeah.
Hugh Karp [00:10:14]:
Yeah. So we have been, I guess supply side capital constraint. Ever since we launched, we've probably spent, it was about two years ago and we spent about 18 months being supply side capital constraint. And now we've kind of flipped around a bit and the main thing we're going to be focusing on is demand because we've got enough supply side capital in, in the mutual. However, staking is always something that you know, we've got enough capital and then we also need stakers to actually actively kind of deploy that capital, I guess, more specifically. And so more stakers is obviously always good, but we've got enough. It's okay for right now, given the demand levels, but we also need to start scaling them both up in tandem. So that's always the game you've got to match the supply and the demand.
Bobby Ong [00:10:52]:
So I'm curious, right? You said like a few months ago you had the supply side that was constrained, but now it's the demand side. What kind of change in the past few months, did you see demand going down or do you see like supply growing like in the past few months that's why there's more capacity these days?
Hugh Karp [00:11:06]:
Yeah. So we had a massive, like we had about three to 5 million of assets of TVL up until just before DeFi are on. And then we went up to, you know, it depends on the ETH price cause a lot of that capitals are ETH. But then we went up to like 500 million, like, so we, we 100X the TVL like the supply side capital in a very short space of time and so the demand is still kind of catching up to that. So we can still write like two to three times the cover that we have at the moment without any more supply side capital.
Bobby Ong [00:11:37]:
So it was mainly driven by the increase in ETH price because your capital is held in ETH and then your covers kind of written in, denominated mostly in USD amount I suppose, right?
Hugh Karp [00:11:45]:
Yeah, I guess it's a, it's a combination of two things. One that it is denominated in ETH but also the fact that we attracted a lot more ETH as well. So the combination of both of those compounded to give kind of a really big increase.
Bobby Ong [00:11:59]:
Yeah. And earlier you mentioned about the UX element is kind of clunky to kind of buy cover these days. How do you see kind of your insurance space progress in the coming years? What do you think needs to be done so that more retail users buy insurance covers?
Hugh Karp [00:12:14]:
Yeah. I think one of the really interesting things that crypto can do that it's really hard in regular insurance world is embedded or bundled products, the composability of the blockchain, basically. And so what we can do is [inaudible] really hard to make this work on technical level is basically like a covered vault or a, you know, like a, a Yearn Vault or an Idle Vault, or some other type of product like that, where retail users just want to park their ETH, or stable coins, or whatever. And then. The idea being that you can create a kind of covered version of that, which effectively take some of the ill pays for the cover and it's automatically bundled in and it's just an embedded product. And so the user, all they do at the front end is choose, do I want the normal vault or do I want the covered vault for a slightly lower APY. So that's the kind of user experience we're aiming for. And it's something that to me is really exciting that we can't do in the tradfi world.
Bobby Ong [00:13:12]:
So you are thinking more partnerships with players like Aave, Compound, Yearn and then users got a choice of, like, do you want to deposit ETH or stables into the covered or a non-covered pool and then you kind of make a choice, or do you kind of foresee Nexus Mutual building like a Yearn front end and kind of allowing people to kind of stake and deposit their ETH, and USDC, and kind of invest, I guess, directly with covered insurance provided?
Hugh Karp [00:13:37]:
Yeah. I think the exact strategy on how we do the distribution is still open. But there's multiple options there. I mean, the fact of the matter is someone can build that product. And then, so that's kind of step one and then, but you can also work out, like there are multiple ways of distributing it. So you can distribute it through like the platforms themselves. So like Aave's and the Compound's or whatever of the world, or you can create your own portals, or you can pack into existing user portals, like, you know, Zapper, or DeBank, or Zerion, or other places like that. So there's a whole bunch of different options there, which we're continuing to explore.
Bobby Ong [00:14:11]:
So you guys support, maybe you can correct me, like how many protocols do you guys support these days? And how do you guys onboard a new protocol, a new exchange to Nexus Mutual?
Hugh Karp [00:14:21]:
We support close to a hundred, maybe it's just slightly less than a hundred, but close to a hundred different risks right now. So yeah, we've got quite a lot and the cover purchases are actually really well spread across a whole bunch of different risks. So we've got a lot of diversification, which is from an Insurance conceptual point of view diversification, then sharing a risk is kind of really key to making it work. So getting that diversification is key. In terms of like how we decide to list protocols, currently that's done by the team just for a few reasons, we're trying to work out how to do that on a sustainable ongoing basis. And we've been working towards that one as well, but it's usually driven of people asking to "Oh, we want to buy some cover on these [inaudible] and then we kind of do it. But we do some basic investigations just to make sure that it's legit and aren't any quirks or whatever. And then we list in and from that point on, people can stake. And the price is determined from there, and then if that's okay, then people can buy cover.
Bobby Ong [00:15:15]:
And this year, right, we start seeing how the crypto space kind of morph from a very ETH centric landscape to a multi-chain blockchain world, right? So I'm curious to hear like how do you guys at Nexus Mutual take into account this change with the multi-chain world? Do you guys support for example, we saw SushiSwap deploying on seven different chains now, Polygon among Phantom and a bunch of other. Do you guys support SushiSwap on all these different chains?
Hugh Karp [00:15:38]:
Yeah, we do. So our new protocol kind of a product basically covers the risks on any chain. So you have to buy a cover on the Ethereum chain with Nexus, but we cover any risks on any chain. So for example, if you buy cover on SushiSwap, you get coverage on any of the seven all sorts chains that it's on, same with Aave and any other multi-chain deployment. So we've kind of already built for that. I guess there's two kind of angles to multi-chain from the Nexus perspective. One is do we cover risks on other chains? And yes, we do already. The second one is can you buy Nexus cover on other chains, so Nexus deploying on other chains. And right now we're just on Ethereum, and then we're kind of looking at that from a, how do we do that, or how do we deploying. Just copying and pasting Nexus and deploying it on another chain doesn't actually work because you need supply side capital, you need liquidity and so splitting the capital pool is quite inefficient. So looking at ways of bridging cover across buy tokens and other things like that is probably the more likely solution. But right now we're focusing on a few other things first and then we'll come back to that one.
Bobby Ong [00:16:43]:
Nexus Mutual is kind of one of the more interesting models around. I mean, especially for your token, right? The token that you have, NXM token, the price is not determined by the demand, I mean, to some extent, via the demand and supply. But I mean more concretely via a bonding curve and there's some complex formula involved. I'm interested to hear, why do you guys choose to use a bonding curve? How do you even come up with that formula? And why not just use a normal demand supply pricing mechanism, like all the other tokens?
Hugh Karp [00:17:12]:
I think the main point here was when we were, it's all about capital efficiency, but the bonding curve is primarily to manage capital efficiency of the mutual. That's its main goal. So it's to make sure that their mutual has enough capital to be confident in paying claims, but not too much capital that it's not being actively used or efficiently used. That's the entire rate. And so we were struggling with this idea that at the time, where you had like all the ICO's going on, where people would basically do an ICO, here is the token supply. We raised one lot of capital and then we don't really ever come back for more capital. So that didn't really work from Nexus point of view because Nexus needed to kind of get some capital to start, so that it can start selling cover, and then it needed to attract capital on an ongoing basis to match supply and demand. And so we needed a continual way of matching that supply and demand. So that's all that's about. So basically when we write lots of cover, the capital that we need to back it increases, and so what happens then is that puts a dampening effect on the price so that it attracts more capital.
And when we've got excess capital, we generate surplus et cetera. And that remains in the pool and that gives us excess capital. Then the price is pushed up and that encourages people to take money out, and then the NXM token of the same point. So that, that, that's the in time mechanic, it's all around the capital efficiency. And I mean, the curve is there and it's a structure, but it does effectively allow supply demand because there're more people that want to buy that pushes it up a little and there's people want to buy it pushes it down as well. I guess the key difference right now especially in that perhaps this is might fall into your next question is we're currently at like the minimum capital, so you can't actually sell on the bonding curve right now. And that's really important. Like insurance entities need permanent capital so that they can be confident that they can write risk that occurs over a longer term period, and they need to make sure that the capital is actually there to pay potential claims.
Bobby Ong [00:19:17]:
Yeah, I mean, so this is where the wrapped NXM token come about, I mean, I guess, the community kind of launch a wNXM token, because I mean, to get NXM token, you can only get it from the bonding curve. You need to KYC with this mutual, which is a UK entity and so on. And then, MCR percentage at one point was really high, 200 plus percent sometime during DeFi, some of it, but it's going down to the minimum, which is a 100%, 99, 900%, and there's a gap between the wwNXM price and the NXM price right now. It's been like these for the past few months, I think since the start of the year, I think since late last year or so, right? So I'm curious to hear, right, I mean, this gap hasn't been closed for some time. Do you see this gap ever closing, what do you think it would take for the MCR percentage to go above 100% again?
Hugh Karp [00:20:01]:
Yeah, it's kind of market and sentiment driven a lot, so it's hard to know exactly when it will close, but however what does happen though, kind of describe the mechanics like, anytime the mutual generate surplus or investment earnings and surplus is basically cover costs or premiums less claims. So anytime it kind of gets writes good business, that extra surplus remains in the capital pool and the same thing with investment earnings, anytime the capital pool was in like starts earning returns, which it currently is, then that remains in the capital pool. And what happens then is the, that just pushes the MCR up. And so it pushes it over a hundred and then what happens is someone burns NXM and to extract the excess capital over a hundred percent. And then, because essentially they can buy wrapped NXM at a low price and then burn NXM at a high price and get a bit of a, like 20 to 30% up, essentially. And so that will keep going. So if the market doesn't push, the wrapped NXM price up, then that burn just keeps on going and NXM supply keeps going down. So in my mind, if we have adoption, we write good business and there's solid investment and eventually they'll just be enough buy-side pressure from the burning that the [inaudible].
Bobby Ong [00:21:21]:
You raised an interesting point about investment earnings from the mutual, right? The capital that you guys hold, that the community holds I suppose. I believe that the ETH that you guys hold that is held these days is invested in Lido's stETH, earning some, I don't know, 8% return or so per annum. When did you guys started doing this and is that the only investment that is done right now, or is there plans to add more investments?
Hugh Karp [00:21:46]:
Yeah, so this is a really critical part of any kind of insurance business. Insurance businesses basically have two revenue streams. One is the kind of underwriting profit premiumless claims. And the second side is the investment side of the balance sheet overflow and Nexus hadn't really enabled the second, the investment earning side, and that's only kind of started about six weeks, something like that, maybe two months. And we've only just, we've allocated about 10% of the capital pool into stake ETH, into Lido's stake ETH. So we've just kind of started. That'a our first on investment, I guess, as a DAO. And there are plans to kind of add more and more over time. The key thing is that we need to make sure that we have the capital to pay claims. So we're not gonna like, be like apeing into really aggressive, risky stuff. It's more we want the comparable government bond or, you know, highly secure corporate bond world version in the crypto world, which is a lot of that is the staking derivatives and those types of things makes a lot of sense. So we're looking to expand that slowly over time and that will benefit all the members because, you know, just grow the capital pool that we've already got.
Bobby Ong [00:22:53]:
When you start investing into other DeFi protocols, right, and that obviously incurs risks, right. I mean, you guys invested in, Lido's stETH, but if you guys made the wrong decision to invest in Stakehound's stETH that would have been disastrous, right, because they custody their ETH with Fireblocks and they lost the keys. So now those stETH would be essentially would be worth nothing now. So as an insurance product, that's just obviously a big risk that is being taken on. How do you balance between the risk and risk that is incurred by investing in one or the other DeFi protocol that is supposed to be insured by the Nexus Mutual as well? Yeah.
Hugh Karp [00:23:28]:
Yeah. So there's a couple of things. Firstly, we have to make sure that we don't overexpose the mutual to any one particular risk. Whether that's on the claims side or on the investment side of the balance sheet, because, you know, if we put all of our money in Lido as an example, and later went down, then we've got a really big problem. But if similarly if we put all our money in Compound and Compound went down, we've got a really big problem. So the point here is we don't want to allocate too much of the investment pool into something. So we basically just trying to manage if anything fully went down, then we'd still be okay and be comfortable paying claims, which is one of the reasons we've only put in 10% of the pool into Lido right now. Some people suggested that we should be putting 70 or 80, and I'm like, "Oh", you know.
Bobby Ong [00:24:11]:
Hugh Karp [00:24:12]:
That put, yeah, that can put the whole mutual at risk if something was to happen. The probability of something happening might be very low, but that's not what we want to be at all. So that's a really key point from a risk management point of view that the community, and we've now got an investment committee run by the community and so then kind of making some recommendations to the broader community about which assets we should invest in.
Bobby Ong [00:24:33]:
You guys are the first insurance, DeFi insurance play in the space and ever since you guys launched, you guys had like runaway success, I suppose. Your TVL, your fully diluted valuation market cap has all been pretty high, and when that becomes high, obviously attracts competition. We start seeing a bunch of other insurance providers come up in the past one year. What do you think you guys need to do to maintain your leading position? Do you see any threats and how do you guys plan to counter those threats?
Hugh Karp [00:25:01]:
I think from my point of view, we're just playing our own game here. Insurance is, in my mind, like order of magnitude harder than some of the other financial protocols. And also it's quite trust-based a weird way. Right. We're trying to minimize trust but you kind of have to kind of trust the protocols to actually pay the claims in times of need, right. And that trust can only effectively be gained over time. And actual genuine peers we've paid claims before. This is how it actually works. And so we're a long way ahead on that side of things. But I think kind of experience from the insurance world and understanding about how the structures work. I think that puts us up. That's a key advantage for us. I haven't seen anything, other platform out there that I really liked from an economic point of view, and kind of see some fundamental flaws in most of the other stuff I've looked at. I mean, it doesn't mean things can't change and they can improve and all the rest of it, but maybe that's just version one, but that's kind of where we're at right now. But our goal is to just increase demands and focus on increasing demand. And if we do that, we'll do well for our members.
Bobby Ong [00:26:03]:
Let's talk about decentralization, right? I mean, I know you guys have been on a path towards decentralizing your governance. Walk us through some of, and you guys have a community fund recently as well, I believe. So maybe walk us through some of the initiatives that you guys have taken from the kind of the start of the journey and how you guys are decentralizing progressively over time and kind of what's the plan to decentralize further in the coming months.
Hugh Karp [00:26:25]:
Yeah, so this is a continual effort. And I think we've been making some really good strides recently. From a technical point of view, we've moved some key elements fully on-chain. We've kinda got one big, one extra to go, which is just moving the pricing on-chain. Currently working on that right now. And then I guess one of the other key elements is like the legal wrapper, and actually our community really pushing forward on that one and have started getting legal advice about potentially dissolving the legal wrapper. And so like the discussion started and the things are progressing. Yeah, that one's really interesting because we haven't really initiated that. That's all being community driven. And so there kind of a lot of elements there. I guess the kind of bigger, outstanding, we've got a community fund, which is kind of starting and starting to employ people and stuff. So it's not just the core team kind of doing development and other work. In terms of like bigger long term, I think the biggest kind of longterm is probably going to be potentially removing the legal wrapper, if that goes ahead. And secondly, I think we actually have an advisory board, which is basically a multisig. Legally they are the directors of Nexus Mutual Limited, so they are legal wrapper. And they have some extra powers in the system. And I think it's for, we're also working on mechanics to basically pass that to a subgroup of the membership base, because I think that's an important step that will probably happen. We need to do a bit more work and thinking there on the exact mechanics because there's risk involved. But that's one thing we're working towards as well.
Bobby Ong [00:27:53]:
I find Nexus Mutual quite interesting in a sense that you guys have a legal wrapper and to use Nexus Mutual you kind of have to KYC until you like rWNXM and Armor came about, I mean, the only way to use that a couple of years ago was kind of the KYC version. Whereas if you look at the rest of DeFi, it was kind of no KYC needed for every other thing to use the rest of DeFi. And then I mean, if look at some of the regulatory discussions that's been going around, like some of the talks have been, how do you think regulators will look into DeFi? Do you think we will kind of reach a stage where everyone's going to be KYC-ed to use DeFi, or just like how NXM was in its early days or really kind of be like the rest of DeFi, where there's no KYC needed, and kind of free for all?
Hugh Karp [00:28:32]:
Yeah. I don't know, basically. But I think I would like to see it go. Because I fundamentally think that the regulators aren't going to be happy without some form of KYC AML in there somewhere. But what I would like to see is the DeFi protocols themselves essentially be permissionless software that is non-custodial in its entirety. And therefore it's like a neutral base layer. And then if people want to regulate something, they regulate the on ramps, on and off the access points. That makes it free for anyone to participate if they want to on their own terms. But they also gives the regulators the ability to control major retail flows and I guess other stuff, if they want to. So I don't know, that's the way I hope it goes. I'm not quite sure if that's the way it will go. But yeah, I guess we have to wait and see. I mean, fundamentally from a regulatory point of view, I think one of the things I'd really like the regulators to grasp is the fact that fundamentally this technology can provide a better solution than the existing financial infrastructure. In particular, like the non-custodial nature of it means you don't have to trust people. If we get it right and we do it right, and there are no admin case and the code's been battle-tested really hard, then the trust that you need to, you're not handing over trust to anyone and that's a fundamentally better financial infrastructure to build on then the current financial world, which is basically trusting a whole bunch of people and then regulating around it to make sure that they look after the money properly. And so I'm hopeful that the regulators view it that way, rather than trying to protect the existing interests and try and shut things down.
Bobby Ong [00:30:13]:
Yeah. I think you said it quite well. Let's see. I mean, it's kind of what we didn't see game and hopefully things pan out good for DeFi in a long-term. I think we're coming up towards the end of our podcast, but I would like to bring up something that happened last year, I suppose. There was an unfortunate incident that took place in December, where you lost 370,000 NXM token, or roughly $30 million in today's price. From what I read, it seems to be like a targeted Metamask exploit on you personally. Just curious to hear, has there been any update on the incidents since then and any advice on things for us so that we can kind of also improve our security practices here?
Hugh Karp [00:30:49]:
Yeah, basically very short answer is no. No update. We're just treating the money as gone like hakers took it. So I guess very quickly, the way it kind of worked was I use a hardware wallet through Metamask. Metamask, my entire computer was compromised. And it turns out that it was more than likely from a Word documents, so .docx file that was sent from my CTO to me, but it was a spoofed email. So the title of the document was something that we were discussing over the past day. So I guess the point being that the hackers were obviously in the Discord channels, in the Telegram channels, monitoring the chatter and then targeted the attack to give the most likelihood that I would open the file. So I opened the file and then I guess from that point on my computer was compromised. It probably took about a month or two for the hackers to kind of line up the attack as it were. And essentially what they've done from there is have a compromised Metamask, and then when I went to claim some Yield farming rewards the transaction I paid in Metamask, and it was fine. Everything looked okay. And then, so it confirmed, and then it goes to the hardware wallet. And because you can't read the exact details of what the transaction is on the hardware wallet, it just gives you a hexadecimal stuff and unless you really know what you're doing, you don't know what you're approving. I just clicked through and hit approve. So my private keys weren't compromised, but they tricked me into sending them a whole load of NXM. So I approved a transaction when I shouldn't have approved. So it is on me from a security point of view, but it's essentially a spoofed transaction.
Basically, we know it was crafted for me because I'm basically only one that could have sent that amount of NXM. So it was specifically targeted. So I think from the learnings point of view, I think that that's most important for everyone in the community. One is never click on links and stuff. Secondly always use a hardware wallet Also I would, if you have an immaterial amount of money, I would make sure that you have a different computer to sign transactions on. That basically doesn't do anything apart from go to a few websites to do the transactions and doesn't have email or any other social or anything else on it. And that way it would, I guess a bit more secure. I personally also make sure that I double check the "To" address on the hardware wallet and the exact details before approving it now, which is an absolute pain from a UX perspective. But you know I've got into that new habit now which is fine.
Bobby Ong [00:33:19]:
I mean, the scary part about this hack was, I mean, you actually use a hardware wallet and you still got compromised. So, that is absolutely hard to kind of be more secured than that. So basically your computer's compromised so that hacker kind of took over and uninstalled the real Metamask and kind of put in place a fake Metamask. And then when you kind of want to make a transaction, so it already spoofed the tool contract address to a wrong one.
Hugh Karp [00:33:44]:
Yeah, that's right. So it basically, the private case are fine, cause they're still in the hardware wallet that hasn't been breached, but they've tricked me into approving something, thinking I was approving something else. So it's like that good access to your bank account, or something, and you've basically get all out, add a payee and you've clicked, "Yes, I will add that payee and incentive", instead you've sent someone a whole lot of money. So that's kind of what's happened.
Bobby Ong [00:34:04]:
So basically the TLDR is use a hardware wallet and then check the tool address as well, when you want to interact with any smart contract, yield farming or anything. Yeah.
Hugh Karp [00:34:15]:
Yeah, which I understand is pretty rough. And I've also, I've just been doing it every day now, but I guess there are other solutions out there as well. Like the Lattice I mean, haven't got one, but the Lattice from GridPlus.
Bobby Ong [00:34:26]:
Hugh Karp [00:34:28]:
Yeah. Yeah. It gives you a full screen, which shows you the full details of the transaction, which is easier to read and understand what you're doing then a Ledger or Trezor, which basically has to provide small screen hard to see exactly what you're approving.
Bobby Ong [00:34:42]:
Yeah. I mean, it's quite scary that you got spoofed on a Microsoft word document, which was, I mean, it's kind of a very typical how to open and, were you using a Trezor or Ledger or a Windows laptop back then?
Hugh Karp [00:34:53]:
Yeah. So the key thing is it was a Windows exploit by the .docx file. So I guess you safer if you use Mac or Linux, but still.
Bobby Ong [00:35:01]:
If it's targeted, like, I mean the hacker could do anything and it was a Ledger or Trezor?
Hugh Karp [00:35:05]:
Yeah, it was a Ledger, but that doesn't matter so much really.
Bobby Ong [00:35:08]:
Yeah. It was kind of scary, like all these things, but really appreciate you sharing some of this. Sharings on how we all can improve our security practices. I mean, I wrote a thread on Twitter recently on several things that you could do. There was like 15 tips or so there, but I mean, this is like next level stuff, which is a lot more.
Hugh Karp [00:35:24]:
Yeah, I think, exactly. I think this one was pretty scary. Because I think in general, like, you know, I obviously made the mistake, I approved the transaction without question, but I think there are so many like DeFi, our users and people that have been in this space a while that would have probably also been impacted if they were in a similar situation, like they would have been tricked as well. So yeah, I mean, I think, I love self custody and everything, but we do have some challenges to address if we're going to be able to get this to retail.
Bobby Ong [00:35:53]:
All right. One final question before we end this podcast, what's kind of exciting upcoming plans for Nexus Mutual this year or next year, I suppose.
Hugh Karp [00:36:02]:
Yeah, we've got a lot coming out. I mean, a lot on the kind of distribution side and getting covered in demand out there. Also, you know, increasing investment earnings, that's big as well, but I guess on a more technical level, we're looking to redo some of the core mechanics, just really make them DeFi native and has a stake in mechanics. Delegated staking is probably going to be a big one at the core level.
Bobby Ong [00:36:22]:
Hugh Karp [00:36:25]:
And so that I think that can open up a lot of different opportunities and stuff like that. So yeah, there's a lot of stuff happening and yeah we've got some good releases coming up.
Bobby Ong [00:36:33]:
Thank you very much for sharing this updates and really appreciate you taking the time to come on the CoinGecko podcast, Hugh.
Hugh Karp [00:36:39]:
Cool! Yeah, thanks for being here and thanks Bobby. It's been great. Good chat.
Bobby Ong [00:36:43]:
Thank you. All right. That wraps up the show. Thank you for listening to the CoinGecko podcast with Bobby. If you like our show and want to know more, check out podcast.coingecko.com or please leave us a review on iTunes. If you have any feedback, do drop us an email at email@example.com. Join us for more next week. See ya.
This podcast is provided as part of the overall information on cryptocurrency contained on our website is for your general information only, and does not howsoever constitute any endorsement, financial or investment advice nor any solicitation or offer of securities or other financial instruments. CoinGecko and the podcast presenter makes no warranties, implied or express, of any kind in relation to this podcast, including without limitation the accuracy, and updatedness of its content. All opinions and recommendations there in the podcast are based on the personal opinion of the presenter. Please conduct your own research and procure professional advice should you at your own risk, decide to howsoever invest or trade in relation to the content contained in the podcast.