Our previous article about Steady State’s technology stack explained the importance of coverage pools and how they work. This week, we’ll go in-depth about our plans to build a distributed, standardized risk rating system for DeFi with the help of the Risk Analysis Database (“RAD”). Read on to find out why RAD may be a gamechanger by giving everyone access to the most extensive, up-to-date DeFi risk ratings ever compiled.
Insurance, or spreading of risk from one party to many, can be traced back as far as humanity’s earliest written records 6,000 years ago. A mere five hundred years ago, merchants signed contracts that protected them from paying back their loan if the cargo disappeared at sea — a written agreement akin to a modern-day insurance policy. The modern era brought industrialization, globalization and a technology boom that propelled economic prosperity around the world. In 2019 alone, the U.S. insurance industry net premiums totaled $1.3 trillion, and this is likely a good thing: insurance protects broader societies by disseminating the costs associated with a covered event across a larger group.
Of course, these services aren’t free, and insurers (or underwriters) use analysis to calculate risk and tiptoe the delicate balance between the policy’s price, the likelihood of its execution, and how much it’d cost the issuer to compensate the insured. Insurance companies have built sophisticated algorithms to assess the variables for each covered event to protect against occurrences ranging from premises liability to catastrophic natural disasters, wedding cancellations, and bed bug infestations. So, how do insurance companies turn a profit by even insuring against the inevitability of death itself? Data.
The probability of a hack based on RAD’s data
Unfortunately, when it comes to sourcing data over a long time, decentralized finance doesn’t have much to stand on. The innovation in DeFi and its youth makes it difficult to establish accurate risk measurements and reliable metrics. Currently, there are no standardized methods for assessing the likelihood of a hack, exploit, or black swan event. While some rating applications like DeFi Score and DeFi Safety have made headway, the data is neither exhaustive, frequently updated, or comprehensive. Moreover, they lack transparency and don’t pull their data from on-chain transactions. In other words, these are insufficient scoring systems for any protocol that needs a thorough measurement of risk to be reliable. Though private investors and small projects may be able to use these sources as benchmarks, they don’t instill confidence in an underwriting process worth millions of dollars. Frankly, their use would be tantamount to guesswork, which is hardly an ideal situation for insurers and policyholders. Insufficient data based on guesswork means greater risk for insurance providers and grossly high premiums for policyholders.
Preliminary data collection has already been collected for in RAD’s code. When a protocol creates a new insurance policy, they decide certain variables such as the initial sale price of their staking contracts and the rate of rewards that go to underwriters. To create an optimal rate, both parties must be confident in their assessment of the protocol’s risk exposure. If users of Steady State cannot confidently predict the level of risk associated with a particular protocol, they risk creating a suboptimal policy by either undervaluing or overvaluing the rewards on their staking contracts.
The main purpose of the RAD is the aggregation of data on DeFi hacks against protocols. RAD aims to create machine learning-based, open-source, and accurate risk ratings for protocols within the DeFi ecosystem. RAD may be the first system of its kind in decentralized finance that resembles the various rating systems that insurance providers use. These rating systems shouldn’t be exclusive to Steady State — they should be accessible to any project that wishes to use them.
Steady State intends to let RAD break off entirely as an independent, transparent and neutral party. This ensures that the data and risk assessment methods remain decentralized, independent and transparent. These key values should be reinforced at every possible opportunity to ensure the longevity of DeFi and cryptocurrency. Ownership of its own risk metrics and evaluations may work in traditional finance, but causes troublesome conditions for DeFi. RAD should have total autonomy and separation from Steady State to prevent any potential conflict of interest or ambiguity in its scoring method.
Total amount of USD lost or stolen in hacks and exploits since September 1, 2020
So, how does RAD evaluate risk in a burgeoning ecosystem with only one year’s worth of significant activity? We have currently collected an array of information on various hacks, exploits, and other smart contract failures. Concurrently, our team has engaged in an extensive analysis of the events and circumstances leading up to these events. The information is broken down and partitioned across datasets that determine the type of risk event, the date, USD value lost, protocol type, and the length of time the protocol had been operating.
The complete list of these parameters is extensive and will continue to expand because decentralized finance’s rapid evolution and innovation is subject to novel hacks and exploits. With each new protocol, hack and exploit, more information is collected to generate even more comparable risk ratings. Machine learning algorithms can run this data to determine risk factors and create more accurate risk ratings. This provides Steady State with a baseline for risk if they seek insurance through our platform.
At this point, the protocol recommends the rate at which rewards should be distributed among coverage providers. The risk ratings generated by RAD will be open-source and transparent so that all parties can see what factors determine the output. The parties may choose to ignore RAD’s assessment and open source data to create a sub-optimal policy with greater risk, at their own risk. In all cases, the RAD system will aim to provide as much data that can possibly be collected on a particular protocol’s risk. By efficiently reading on-chain data, RAD is poised to grow at the same exponential rate as decentralized finance, collecting and compiling ever-growing archives of information, assessing its relevance, and generating accurate, machine learning-based calculations.
Although incubated by the Steady State team, RAD would serve greater purpose and become more efficient if separated from Steady State as its own independent, open-source project of its own. Several factors have gone into this decision, the primary one. To increase its efficiency further, we intend to develop a “Data DAO” for contributors to earn rewards when they provide accurate information to the database. Open-source and blockchain technology empowers everyone to participate in a meaningful way. In this case, RAD can leverage the collective knowledge of those active or indifferent about blockchains and help build the most comprehensive collection of risks in the space.
RAD is set on a course to be the flagship, go-to database for DeFi risk data and ratings, systematically built from the ground up as a comprehensive aggregation of on-chain information and the conditions under which the threat, hack or exploit took place. RAD functions as a core mechanism of Steady State and enables other protocols to optimize their coverage pools as well. By open-sourcing the technology, we anticipate the DeFi community will find creative new ways to help build, contribute to, and use the Risk Assessment Database.