ChainScore Labs
All Guides

DeFi Insurance Coverage Exclusions Explained

LABS

DeFi Insurance Coverage Exclusions Explained

Chainscore © 2025

Common Exclusions in DeFi Insurance

Understanding what is not covered is as critical as knowing what is. This section details standard exclusions found in DeFi insurance policies, highlighting the inherent risks that remain the user's responsibility.

Smart Contract Immutability Risk

Immutable code risk refers to losses from exploits in a protocol's core, unchangeable smart contracts. This is a foundational exclusion.

  • Covers only the insured funds within the protocol, not the protocol's own treasury or token value.
  • Does not protect against the protocol becoming permanently unusable due to a bug.
  • This matters because it separates user asset loss from total protocol failure, which is often uninsurable at scale.

Governance Attack / Malicious Proposal

Losses resulting from a passed, malicious governance proposal are typically excluded.

  • Excludes theft via a vote that alters protocol parameters or drains funds.
  • May still cover technical exploits that occur during the proposal's execution.
  • This exclusion is crucial as it protects insurers from social engineering and coordinated attacks that are not purely technical failures.

Frontend/UI Compromise

Policies often exclude losses from a compromised project frontend or user interface.

  • Does not cover phishing sites, DNS hijacks, or malicious injected scripts on the official site.
  • Coverage is typically limited to the smart contract layer on-chain.
  • This highlights the importance of user security practices, as the insurance safety net does not extend to web2 attack vectors.

Oracle Failure

Losses stemming from oracle failure or manipulation are a common exclusion.

  • Excludes liquidations or incorrect swaps due to stale or manipulated price feeds.
  • May have carve-outs for specific, verifiable oracle exploits on major providers like Chainlink.
  • This matters because oracle reliability is a systemic risk that is difficult and expensive to underwrite comprehensively.

Stablecoin Depeg

Gradual or permanent loss of value from a stablecoin depeg is usually not covered.

  • Excludes losses from algorithmic failures (e.g., UST) or loss of collateral backing.
  • May cover a technical hack that directly causes an immediate depeg.
  • This exclusion separates insurance for criminal theft from market and design risks inherent to specific assets.

User Error & Private Key Management

All forms of user error are explicitly excluded from coverage.

  • Includes sending funds to the wrong address, approving excessive allowances, or losing private keys.
  • Policies only cover losses from external, exploitative actions on verified contracts.
  • This fundamentally defines DeFi insurance as a product for smart contract risk, not a replacement for personal custody security.

Exclusion Examples by Protocol Type

Common Exclusions in Lending

Liquidation mechanics are a primary source of uncovered losses. Most insurance policies exclude coverage for losses incurred during standard, protocol-defined liquidations, even if the liquidation price is perceived as unfair due to market volatility or oracle lag.

Key Exclusions

  • Oracle failure: Losses from price feed manipulation or flash loan attacks that distort collateral valuation are typically excluded unless the oracle itself is formally compromised.
  • Governance attacks: Losses resulting from a malicious governance proposal that changes critical parameters (like collateral factors) are often not covered, as governance is considered a core feature.
  • Interest rate model exploits: While a direct hack of the interest rate smart contract may be covered, unfavorable shifts in borrowing rates due to market conditions are an inherent risk.

Example Scenario

When using Aave, if a sudden market crash causes your ETH collateral to be liquidated at a price lower than you expected due to normal oracle latency, this loss is excluded. Coverage would only apply if the loss stemmed from a validated bug in the Aave V3 liquidation smart contract itself.

Comparing Exclusions Across Major Providers

A comparison of common coverage exclusions and policy terms from leading DeFi insurance protocols.

Exclusion / Policy TermNexus MutualInsurAceUnslashed FinanceEtherisc

Smart Contract Failure

Covered (Core)

Covered

Covered (Core)

Covered

Oracle Failure

Covered (Core)

Covered

Covered (Core)

Covered

Governance Attack

Excluded

Excluded

Excluded

Excluded

Frontend Attack

Excluded

Excluded

Excluded

Excluded

Stablecoin Depeg (<24h)

Excluded

Covered (Specific Product)

Excluded

Covered (Specific Product)

Custodial Failure

Excluded

Covered (Custody Product)

Excluded

Covered (Custody Product)

Claim Assessment Time

7 days (Voting)

14 days (Committee)

5 days (Committee)

Varies by product

Coverage Cap per Protocol

Up to Pool Capacity

$20M (Default)

Up to Pool Capacity

Defined per product

How to Audit a Policy for Exclusions

A systematic process to identify and evaluate coverage limitations in a DeFi insurance policy.

1

Locate and Parse the Policy Document

Identify the source of truth for the policy's terms and conditions.

Detailed Instructions

Begin by obtaining the canonical policy document. This is typically a smart contract on-chain or a hash-linked document referenced in the contract. For on-chain policies, locate the contract address (e.g., Nexus Mutual's 0xCafe... for the Master contract) and use a block explorer to review the source code. For IPFS-hosted documents, use the CID (Content Identifier) to retrieve the JSON or markdown file. The key is to verify you are auditing the correct, immutable version of the policy that governs the coverage. Use tools like Etherscan's "Read Contract" tab or The Graph to query for active policy data.

  • Sub-step 1: Identify the policy's smart contract address from the protocol's UI or documentation.
  • Sub-step 2: Use etherscan.io to verify the contract is verified and read its getPolicy function.
  • Sub-step 3: Extract any external document hashes (like an IPFS CID) from the contract state or event logs.
javascript
// Example: Fetching a policy URI from a hypothetical contract
const policyURI = await insuranceContract.policyURI(policyId);
// policyURI might return: 'ipfs://QmXyZ.../policy-terms-v1.2.md'

Tip: Always cross-reference the on-chain hash with the document you retrieve to ensure it hasn't been tampered with.

2

Identify the Exclusions Section

Systematically find and categorize all exclusion clauses within the policy text.

Detailed Instructions

Once you have the policy document, search for sections explicitly labeled "Exclusions," "Not Covered," or "Limitations of Coverage." These clauses define the specific conditions, events, or asset types for which claims will be denied. Pay close attention to broad categorical exclusions (e.g., "losses due to protocol governance decisions") and technical exclusions (e.g., "frontend or UI failures"). Also, check for force majeure clauses that may suspend coverage during extreme network events. Create a checklist of each exclusion. For smart contract-based terms, exclusions may be encoded as require statements or boolean flags within the claims assessment logic, which you must trace through the code.

  • Sub-step 1: Do a text search for keywords: exclude, not cover, ineligible, blacklist.
  • Sub-step 2: Categorize exclusions into types: Protocol Risk, Technical Failure, User Error, Jurisdictional.
  • Sub-step 3: Map each exclusion to the specific contract function or module where it is enforced.
solidity
// Example: A simplified exclusion check in a claims processor
function isValidClaim(uint256 policyId, ClaimData calldata data) internal view returns (bool) {
    Policy memory policy = policies[policyId];
    // Check for a protocol blacklist exclusion
    require(!excludedProtocols[data.protocolAddress], "Excluded protocol");
    // Check for an exclusion based on loss type
    require(data.lossType != LossType.GOVERNANCE, "Governance losses excluded");
    return true;
}

Tip: Look for exclusions that reference dynamic lists (e.g., excludedProtocols) which can be updated, adding future risk.

3

Analyze Exclusion Definitions and Scope

Interpret the precise wording and technical boundaries of each exclusion.

Detailed Instructions

Ambiguity in definitions is a major risk. Scrutinize how key terms within an exclusion are defined. For example, an exclusion for "oracle failure" must be examined: Does it cover only a price deviation beyond a specific threshold (e.g., 5% from a predefined aggregate), or any incorrect data? Check if the policy references external definitions (e.g., "as defined by Chainlink's deviation threshold"). Analyze the scope: Is the exclusion absolute, or are there partial coverage clauses? For smart contracts, examine the logic that triggers the exclusion. A common pattern is checking a flag set by a governance multisig or a decentralized oracle. Understand who has the authority to update these definitions and under what conditions.

  • Sub-step 1: For each exclusion, list all defined and undefined terms that affect its interpretation.
  • Sub-step 2: Trace the data flow for exclusion parameters (e.g., oracleDeviationThreshold) to see how they are set.
  • Sub-step 3: Evaluate if the exclusion's scope could encompass common failure modes like a flash loan attack or a temporary pricing anomaly.
solidity
// Example: Analyzing an oracle failure exclusion logic
uint256 public constant MAX_DEVIATION_BPS = 500; // 5%

function isOracleFailure(address oracle, uint256 reportedPrice) internal view returns (bool) {
    uint256 referencePrice = getReferencePrice(oracle);
    uint256 deviation = _calculateDeviation(reportedPrice, referencePrice);
    // The exclusion is triggered only if deviation > 5%
    return deviation > MAX_DEVIATION_BPS;
}

Tip: An exclusion with a precise, on-chain verifiable threshold is less ambiguous than one relying on subjective judgment.

4

Cross-Reference with Protocol and Cover Details

Ensure the policy's exclusions align with the specific covered protocol and stated cover parameters.

Detailed Instructions

Exclusions must be evaluated in the context of the specific covered protocol and the cover parameters (sum assured, duration). Retrieve the cover details from the policy smart contract using the policyId. Check if the covered protocol's address is on any dynamic exclusion list. Analyze the protocol's own risk factors: If a policy excludes "smart contract migration risk," but the covered protocol (e.g., a new AMM) has an active governance proposal to upgrade, the coverage may be void. Verify that the cover's expiration timestamp does not create a gap where an exclusion could be applied retroactively. This step involves synthesizing data from the policy contract, the covered protocol's contracts, and relevant governance forums.

  • Sub-step 1: Query the policy contract for the coverDetails (protocol address, cover amount, expiration).
  • Sub-step 2: Check the protocol's governance forum and smart contracts for pending upgrades or known vulnerabilities.
  • Sub-step 3: Verify the block timestamps for policy start/end against any time-based exclusions.
javascript
// Example: Fetching and analyzing cover details
const details = await masterContract.getCover(policyId);
// details returns: { contractAddress: '0xabc...', coverAmount: ethers.utils.parseEther('100'), expiration: 1893456000 }
// Check if the contractAddress is in an excludedProtocols mapping
const isExcluded = await claimsContract.excludedProtocols(details.contractAddress);
console.log(`Protocol excluded: ${isExcluded}`);

Tip: A protocol not initially excluded could be added to a dynamic blacklist later, invalidating future claims. Check the governance mechanism for this list.

5

Review Claims Assessment Process and Governance

Understand how exclusions are applied during a claim and who adjudicates disputes.

Detailed Instructions

The practical enforcement of exclusions happens during the claims assessment process. Examine the smart contract functions for submitting and validating a claim (e.g., submitClaim, assessClaim). Identify the role of the claims assessors or decentralized governance (e.g., NXM token holders). Determine if assessors have discretion to interpret vague exclusions, which introduces subjective risk. Look for appeal or challenge mechanisms. A critical audit point is whether the logic that checks exclusions is decentralized and tamper-proof, or if it relies on a centralized oracle or multisig that could act arbitrarily. Review historical claim assessments from the protocol's forums to see how exclusions have been applied in practice.

  • Sub-step 1: Map the step-by-step flow of a claim, from submission to payout, noting where exclusion checks occur.
  • Sub-step 2: Identify the entity or token holders responsible for final claim adjudication.
  • Sub-step 3: Search the protocol's community forum for past disputed claims related to exclusions.
solidity
// Example: A claim assessment function showing governance role
function assessClaim(uint256 claimId, uint256 vote) external onlyMember {
    Claim storage claim = claims[claimId];
    require(claim.status == Status.Pending, "Not pending");
    // Voting logic here...
    if (totalVotesFor > quorum) {
        // Check exclusions again before processing payout
        if (!_checkExclusions(claim.policyId, claim.lossData)) {
            claim.status = Status.Excluded;
        } else {
            claim.status = Status.Approved;
        }
    }
}

Tip: A policy with a clear, code-enforced exclusion check is more predictable than one relying on a post-hoc vote of token holders.

SECTION-FAQ_GREY_AREAS

FAQ: Grey Areas and Claim Disputes

Strategies to Mitigate Uninsurable Risks

Technical approaches to manage risks that fall outside traditional DeFi insurance policy coverage, focusing on protocol design and operational security.

Time-Locked Upgrades

Grace Periods are enforced delays between a governance vote and execution. This allows users to exit positions if a malicious or risky upgrade is approved. For example, a 48-hour timelock on a Compound governance proposal. This matters as it provides a critical window for risk assessment and user action against governance attacks.

Circuit Breakers & Pause Mechanisms

Emergency Shutdown functions allow protocol guardians or DAOs to halt operations during an exploit. This can freeze funds and prevent further drain, as seen in MakerDAO's system. It matters because it acts as a last-resort containment tool, though it introduces centralization and availability trade-offs that must be carefully managed.

Multi-Sig & Decentralized Governance

Threshold Signatures distribute control of admin keys or treasury access across a committee, requiring a majority (e.g., 5-of-9) to execute sensitive actions. Used by protocols like Uniswap for treasury management. This matters as it mitigates single points of failure and insider threats, though it doesn't eliminate collusion risk.

Formal Verification & Audits

Mathematical Proofs are used to formally verify critical smart contract logic against a specification, as employed by projects like DAI's stability module. Regular third-party audits from firms like Trail of Bits are also essential. This matters because it reduces the probability of catastrophic code bugs, a core uninsurable risk.

Risk Parameterization & Caps

Debt Ceilings and Collateralization Ratios are adjustable limits that constrain systemic risk within lending protocols like Aave. They cap total borrowable value per asset and set minimum safety margins. This matters for users as it directly limits potential bad debt from oracle failures or market crashes.

Oracle Redundancy & Design

Multi-Oracle Aggregation uses several independent data sources (e.g., Chainlink, Pyth, TWAP) to determine asset prices, with logic to discard outliers. This design mitigates single-oracle manipulation risk. It matters because oracle failure is a major uninsurable risk; redundancy increases liveness and accuracy for critical price feeds.

Primary Source Policy Documents

Nexus Mutual Documentation

Official Nexus Mutual protocol documentation covering cover products, claims process, and explicitly defined coverage exclusions such as protocol design flaws and known exploits.

Visit resource

Sherlock Protocol Docs

Sherlock insurance documentation detailing audited coverage terms, excluded loss scenarios, and conditions under which smart contract exploit claims are invalid.

Visit resource

Etherisc Documentation

Core Etherisc protocol documentation explaining decentralized insurance products, policy logic, and standardized exclusion clauses embedded in insurance templates.

Visit resource

InsurAce Protocol Documentation

InsurAce documentation describing coverage scope, excluded risks, and policy limitations for DeFi, smart contract, and protocol insurance products.

Visit resource

Ready to Start Building?

Let's bring your Web3 vision to life.

From concept to deployment, ChainScore helps you architect, build, and scale secure blockchain solutions.

Start Your ProjectView Our Work
Chat on Telegram
Chat on WhatsApp