[Non-Constitutional] Arbitrum Aegis

TLDR on changes on 24/10/2025:

  • pilot with $4M ARB

  • suggested OTC treasury swap by Nexus community of 4M ARB for 13,400 NXM with an agreement that both DAOs would commit to not selling the tokens for the one-year pilot period

  • Targeting protocol teams to purchase cover rather than end users, as that would serve as a better KPI to be tracked

  • Aegis Pool would NOT provide blanket coverage to every protocol in the Arbitrum ecosystem

  • pool would custody NXM using a Safe multisig with a (4/7) signing threshold and a Zodiac roles modifier enabled

  • proposed risk framework for eligible protocols, with a maximum staking weight per listing

Summary

This proposal asks the Arbitrum DAO to allocate 4M ARB from the DAO treasury to capitalize a new insurance pool on Nexus Mutual. The “Arbitrum Aegis” will act as a broad safety net for major DeFi protocols on Arbitrum, converting idle treasury funds into productive yield while bolstering user confidence. DAOplomats will serve as the designated Pool Managers, with compensation of 7.5% of net yield (aligning incentives).

Abstract

The Arbitrum Aegis initiative builds on security-focused initiatives like the Arbitrum Audit Program, which was proposed in February 2025 and approved in April 2025. The goals stated in the Arbitrum Audit Program were supporting early-stage projects; encouraging development on Arbitrum; scaling responsibly; and establishing on-demand availability for audit subsidies. The core goal was to attract builders to Arbitrum and ensure those builders had the resources to launch audited protocols in the Arbitrum ecosystem.

This was a great start to making the Arbitrum ecosystem the security-focused choice for builders. Arbitrum Aegis is the next step to making the Arbitrum ecosystem the security-focused choice for users. One of the key concerns raised by onchain users is security, and after speaking with the Nexus Mutual team, it’s clear that onchain funds require coverage in order to deploy capital in size. Whether those funds have to purchase cover themselves or a protocol team provides that cover, it remains a core requirement for a fund’s liquidity providers.

With Arbitrum Aegis, Arbitrum DAO can create a security standard for protocols building in our ecosystem. The protocols that demonstrate they are building responsibly and meet our security standards can work with the Arbitrum Aegis team to purchase protocol-level coverage on behalf of their users and offer a base level of cover against a loss event.

To underwrite that coverage, the DAOplomats team proposes allocating 4M ARB to create a staking pool on Nexus Mutual, a reduced ask from the 10M stated in our original proposal. The reduced ask is a result of direct community feedback from Arbitrum Delegates and the Nexus Mutual team led by BraveNewDeFi, Head of Risk at Nexus Mutual.

To avoid a spot market sell of the ARB tokens, Nexus Mutual suggested a proposal for an OTC treasury swap of 4M ARB for 13,400 NXM, with an agreement that both DAOs would commit to not selling the tokens for the one-year pilot period for the Arbitrum Aegis program. The amount is derived from the spot average of ARB tokens on the 20th October 2025. This OTC proposal is yet to be approved by the Nexus Mutual DAO’s governance process. The proposed allocation would increase Arbitrum’s Treasury AUM from $83.61M to $84.89M and represent 1.52% of Arbitrum’s Treasury AUM.

Motivation

Arbitrum has made DeFi a core pillar of its ecosystem strategy. With billions in TVL and a growing DAO treasury, systemic risk management is now vital. In the past year, protocols utilizing Arbitrum have lost over $140M in hacks. More recently, exploits on Arbitrum-aligned protocols, such as the GMX exploit and Kinto shutting down completely, highlight the need for a credible safety net. The Arbitrum Audit Program demonstrated the DAO’s willingness to invest in developer and early-stage project safety and reduce technical risk. This proposal is the natural next step; not a substitute for audits, but a complementary, pragmatic layer of financial protection that directly supports users when audits fail to prevent real-world losses. Where audits reduce the probability of failure, a funded insurance pool reduces the severity of those failures for users and the ecosystem — preventing panic, limiting TVL flight, and preserving Arbitrum’s reputation. It would also be a crucial step to differentiate the Arbitrum ecosystem from other Ethereum L2s.

No Layer 2 ecosystem provides protocol teams with the option to purchase a base layer of coverage to protect their users against a loss event caused by smart contract hacks, oracle manipulation/failure, liquidation failure, or governance takeovers. While major traditional financial players are evaluating which networks to partner with, Arbitrum DAO can create an ecosystem-wide security standard and underwrite coverage for teams that meet that standard to provide either a base level of coverage for a protocol’s TVL or an FDIC-like level of coverage per user.

If this proposal were approved, the DAOplomats team would work in collaboration with BraveNewDeFi, Nexus Mutual’s Head of Risk, and the broader Nexus Mutual team to conduct due diligence and price risk for each protocol that applied for any of the available cover products Arbitrum Aegis would underwrite. The Nexus Mutual team brings over half a decade of onchain risk experience to the table. This offer would eliminate the need to hire additional team members to assess and price risk underwritten in the Arbitrum Aegis Pool, so the DAOplomats team can focus on outreach and awareness of the program to onboard protocol teams to the program.

The process of listing and pricing coverage on existing Arbitrum-focused listings will be handled by the Nexus Mutual team and the network of underwriters, and new whitelabel cover products branded for the Arbitrum ecosystem, with adjustments to the terms and conditions, as requested by the DAOplomats team and other ARB delegates. Building on top of Nexus Mutual allows us to offer our own branded cover products with terms that meet the requirements of the Arbitrum DAO.

Specific Goals of the Initiative

Beyond protecting DeFi users on Arbitrum against onchain loss events, the goals of the Arbitrum Aegis initiative are as follows:

  1. Create a security standard for protocols building in the Arbitrum ecosystem.
  2. Establish Arbitrum as the security-first L2 ecosystem.
  3. Attract capital, drive TVL growth to mature protocols.
  4. Increase Arbitrum DAO’s Treasury holdings by underwriting risk on Nexus Mutual.

Specification

Capital Allocation

The DAO will allocate 4M ARB for the suggested token swap for NXM. The Arbitrum Aegis pool would custody NXM using a Safe multisig with a (4/7) signing threshold and a Zodiac roles modifier enabled with DAOplomats as the designated manager.

Pool & Covered Risks

  • Pool Name: Arbitrum Aegis

  • Covered Risks: Smart contract exploits, oracle manipulation/failure, liquidation failure, governance takeovers.

  • Claims: Adjudicated by Nexus Mutual’s Claims Committee.

Staking Pool Management

The Arbitrum Aegis Pool would not provide blanket coverage to every protocol in the Arbitrum ecosystem. Instead, the Arbitrum Aegis team can choose which protocols to underwrite, how much capital (NXM) to allocate to each protocol, and the minimum price our pool is willing to accept for underwriting that risk. As outlined in our previous comment, the purpose of this proposal is to strengthen security standards in the Arbitrum ecosystem, underwrite coverage for those protocols that meet the established security standard, and provide an FDIC-like insurance alternative for Arbitrum users who deposit in protocols that take security seriously.

Experience of the Team: Working with Nexus Mutual to underwrite.

Underwriting onchain risk is complex and requires the relevant expertise to successfully manage risk and exposure to ensure a staking pool’s principal isn’t wiped out by claim events.

The Aegis program is led by Nexus Mutual’s Head of Risk BraveNewDeFi, along with the broader Nexus Mutual team working with DAOplomats on due diligence assessments, pool management, pricing, and monitoring for any protocol included in Arbitrum Aegis’ staking pool.

BraveNewDeFi already has hands-on experience managing his own staking pool within the broader Nexus Mutual ecosystem, which has 138k+ NXM in delegations.

For context, Brave has 5 years of experience researching and analyzing DeFi risk. He manages Nexus Mutual’s onchain hacks database, which feeds into the pricing model Brave created to provide baseline pricing recommendations for staking pool managers in the Nexus Mutual underwriting ecosystem. He uses this model to price risk in Pool 22, his personal staking pool that accepts NXM delegations from other Nexus Mutual members.

Leveraging the Nexus Mutual team helps us save the resources of hiring a dedicated team to manage underwriting in the Arbitrum Aegis pool, which would require additional funds beyond what has been outlined in our proposal. BraveNewDeFi’s and the wider Nexus Mutual team’s commitment is at no additional cost to manage risk in the Arbitrum Aegis staking pool and avoids the need for any AAEs like the OpCo or AF to bring any in-house expertise for coordination.

Nexus Mutual cover already supports 33 of the top 50 protocols/risk curators active on Arbitrum One. This allows the DAO to evaluate the data and pricing across various staking pools. To see the full list, see the catalogue of listings included in the Nexus Mutual SDK or browse the Nexus Mutual app. Of course, these are for cover products that end users can purchase. Through Arbitrum Aegis, we want to work with protocol teams to provide their users with an FDIC-type cover approach where a baseline amount of coverage can be purchased or a certain USD amount per user can be purchased by the protocol team on behalf of users.

Arbitrum Aegis Coverage

To start, Arbitrum Aegis would be focused on these existing Nexus Mutual cover products:

  • Native Protocol Cover. Designed for protocol teams who buy cover on behalf of their users. This can be structured to provide a base level of coverage (e.g., $20M of TVL) or a set USD amount per user ($25k per user). For more information, see the full cover wording.
  • Bug Bounty Cover. Designed for protocol teams who want to transfer the risk of paying out valid critical bug reports, with the goal of increasing critical bug bounty rewards to incentivize whitehats to continuously review and harden the security of their codebase. This coverage is structured to pay 80% of a valid critical bug bounty reward paid out for a responsible disclosure. Nexus Mutual works with Immunefi, Spearbit/Cantina, and Sherlock to provide Bug Bounty Cover.
  • Fund Portfolio Cover. Designed to cover a portion or all of a fund’s yield-generating portfolio. Institutional funds and family offices purchase Fund Portfolio Cover to earn yield for their LPs while protecting funds against a worst-case scenario arising from smart contract risk and economic risks. Nexus Mutual already provides this coverage to funds such as Edge and Fasanara. This cover can also be structured for protocol teams who deploy capital into underlying yield strategies on behalf of their users.
  • Single and Multi Protocol Cover. In the initial 6 months of Arbitrum Aegis’ launch, we would stake against existing Protocol Cover listings to provide coverage to end users to establish our pool and provide a base level of yield as we work with protocol teams to secure their TVL with the above cover products. For more information, see the full Protocol Cover wording.

In addition, Arbitrum Aegis can launch our own white label cover products based on the above coverage options, with any necessary adjustments to the terms or launch new cover products in collaboration with the Nexus Mutual team.

The Basics of Staking Pool Management

If this proposal were to go live, the DAOplomats team would launch a public staking pool on Nexus Mutual, which would be seeded with NXM and would accept NXM delegations from other Nexus Mutual members. When a staking pool is launched, the current and maximum management fee needs to be set. If other Nexus Mutual members were to delegate NXM to the Arbitrum Aegis pool, the Arbitrum Aegis team would earn a management fee on any yield generated by the pool; this would be directed back to the Arbitrum DAO Treasury.

Once a staking pool is created, a staking pool manager has three main responsibilities:

  1. Determining which listings to allocate capital (NXM) to. Each staking pool manager determines which listings they want to stake against. Staking pool managers can work with the Nexus Mutual Product & Risk team to create custom cover products and private listings for bespoke deals, as well.
  2. Determining how much of their staking pool’s capital (NXM) to allocate to a given listing. A staking pool may have 10,000 NXM, but a manager does not have to allocate 10,000 NXM to each listing they stake against. A pool manager decides what percentage of their capital (i.e., the Product Weight) they want to allocate to a listing. A pool manager can decide to stake 10% of their staking pool’s NXM against a listing; if claims are filed and approved for that specific listing, up to 10% of the staking pool’s capital can be burned to facilitate claim payouts. We’ll explain more about how capacity and leverage work in the Nexus Mutual protocol below, as well.
  3. Determining the minimum price a staking pool is willing to underwrite a listing at. Nexus Mutual supports both variable- and fixed-rate pricing for listings. Typically, only certain private listings use fixed-rate pricing while public listings use variable-rate pricing. Pool managers set the minimum price they are willing to accept for a listing and when a user purchases cover, the Mutual’s cover router will source capacity from the staking pool(s) with the lowest price. To ensure risk is spread across staking pools and that pool managers are not mispricing risk, dynamic pricing will move the spot price for a listing up as a staking pool sells cover. If there is a surge of demand for a particular listing, pricing will increase as utilization increases. As shared above, BraveNewDeFi will work with our team to price risk for both public and private listings the Arbitrum Aegis pool allocates capital to.

The Arbitrum Aegis pool would earn NXM rewards based on cover originated from the pool on the NXM the Arbitrum DAO allocates to the pool plus any management fees earned from NXM delegated by other Nexus Mutual members to the Arbitrum Aegis pool.

How Capacity, Leverage Work Within the Nexus Mutual Protocol

After researching different coverage solutions, our team settled on Nexus Mutual for the capital efficiency built into their protocol. Other DeFi insurance solutions have tried to use a model where every $1 of risk requires $1 of underwriting capital. Unfortunately, the 1-to-1 coverage model isn’t scalable and does not mirror how traditional insurance companies operate.

If we were to build a staking pool on top of Nexus Mutual, $1M could underwrite up to $20M in coverage, with the caveat that no more than $2M can be allocated to any single listing. We’ll review how this works and how our proposed risk framework will protect Arbitrum DAO’s holdings against correlated loss events.

Global Capacity Factor

Within the Nexus Mutual protocol, the Global Capacity Factor (GCF) determines how much available capacity 1 NXM can open up when staked against a listing. When Nexus Mutual v2 launched in 2023, the Advisory Board–an elected board made up of founding team members and other members with general and technical expertise in blockchain and insurance–set the GCF at 2, which means every 1 NXM staked opens up 2 NXM worth of capacity.

When a Nexus Mutual member buys cover, the premium they pay flows into the Nexus Mutual Capital Pool, which backs the NXM token, and 50% of the premium value is minted as NXM and streamed to a pool’s NXM stakers over the cover’s duration.

With this design, NXM stakers who underwrite risk earn 50% of the premium as rewards for backing coverage and 50% of premiums are shared among all NXM holders. Staking pool managers and NXM stakers share a portion of premiums with all members since, in the event of a claim payout, 50% of the claim is paid by burning the NXM underwriting that risk and 50% of the claim is shared among all NXM holders.

Staking pool managers and NXM stakers benefit from the Mutual’s infrastructure and capital pool, while all NXM holders benefit from cover sales while still aligning incentives across all NXM holders.

Example: 2M USDC GMX v2 Cover Purchase

If the Arbitrum Aegis Pool allocated $1M of NXM to the GMX v2 Single Protocol Cover listing and a Nexus Mutual member purchased $1M of GMX v2 Single Protocol Cover for 365 days with a price of 3.13% (the current quote for 2M USDC worth of GMX v2 cover for 365 days), the member would pay 62,407.56 USDC in premium for the cover.

  • 62,407.56 USDC would flow into the Capital Pool; and
  • 344.26 NXM (50% of the premium value) would be minted; and
  • That NXM would be streamed to the NXM stakers in the Arbitrum Aegis Pool over the course of 400 days (365 days for the cover period and 35 days for the Grace Period)

$1M of the risk is underwritten by the Arbitrum Aegis Pool stakers and $1M of the risk is shared by all NXM holders. Arbitrum Aegis stakers earn NXM rewards from the cover purchase, while seeing NXM’s book value increase from premium growth.

Maximum Underwriting Allocations per Pool

Staking pool managers can stake NXM with up to 20x leverage with the caveat that the maximum amount of NXM staked against a single listing is the pool’s total NXM holdings.

If the Arbitrum Aegis Pool were to have 10,000 NXM, the pool manager could set the percentage of capital (i.e., Product Weight) to 100%, which would open up 20,000 NXM worth of capacity. If the Arbitrum Aegis Pool sold 100% of the capacity for a listing where the Product Weight was set to 100%, the pool could have up to 10,000 NXM burned if all cover holders suffer a complete loss, file claims, and all the claims are valid/approved.

This is why staking pool managers need to track and manage concentration risk within their pool’s underwriting allocations. We’ll outline the proposed risk framework for the Arbitrum Aegis Pool shortly, but first, let’s look at the capital efficiency of BraveNewDeFi’s staking pool, Pool 22.

There is a total of 130,201 NXM ($12.2M) delegated to BraveNewDeFi’s Pool 22. This staking pool has sold a total of $40,059,781.43 worth of cover across 53 different listings, which implies a leverage factor of 3.28.

The Nexus Mutual members who have delegated NXM to Pool 22 have their capital diversified across 53 different listings. The average cover amount Pool 22 underwrites is $755,844.93, while the median cover amount Pool 22 underwrites is $98,942.17. For taking on this risk, NXM stakers in Pool 22 are earning a 30-day moving average APY of 6.99% after Pool 22’s 10% management fee is applied.

The proposed Arbitrum Aegis Pool would underwrite multiple listings, sell cover across multiple listings and benefit from Nexus Mutual’s capital efficiency all while keeping Arbitrum protocol users safe from loss events and while providing an attractive return on a primarily ETH-backed asset for the Arbitrum DAO. The profitability of the staking pool will ultimately be determined by the total rewards earned minus claims paid; this is why the Nexus Mutual team’s offer to provide their underwriting expertise is a valuable aspect of this proposal.

You can review the analytics for Pool 22 on the Nexus Mutual Staking Pool Dune dashboard. You can also select other staking pools, run the queries, and see the updated analytics for any staking pool on Nexus Mutual, too.

Claim Assessment for Arbitrum Aegis Cover Products

Nexus Mutual members have approved a proposal to shift claim assessment to an expert-driven process, where either the Nexus Mutual Claims Committee will assess claim submissions or a separate third-party claim assessor can be designated for a given cover product or cover products.

When the new claims upgrade is shipped in the next two weeks, Nexus Mutual’s Claims Committee will be made up of three of the Mutual’s Advisory Board members: Hugh Karp, Roxana Danilla, and Lee McClelland. In the future, the Claims Committee will be expanded to other onchain specialists, as well. Any custom or new cover products Arbitrum Aegis launches can designate the Nexus Mutual Claims Committee as the expert-led assessment group to determine the validity of claim submissions.

Arbitrum DAO can also designate their own third-party claim assessor for any cover products Arbitrum Aegis launches.

For an overview of Nexus Mutual’s claims process, see BraveNewDeFi’s previous comment.

Management and Compensation

DAOplomats will be appointed as the active manager of this pool. Responsibilities include setting and adjusting cover capacity and pricing, monitoring market conditions, and providing quarterly performance reports to the Arbitrum community. We will receive a 7.5% performance fee on the net yield generated by the pool annually.

Net Yield Calculation

Net Yield = (Premiums Earned) - (Claim Payouts Attributable to the Pool's Pro-Rata Share).

  • This fee is only paid if the Net Yield is positive.

Financial Projections

This model assumes a 4M ARB deposit and projects potential returns based on the pool’s ability to sell its cover capacity. The yield is derived from the ~50% of premiums allocated to stakers in the Nexus Mutual system.

Initial Capital: 4M ARB (~$1,200,000 at a hypothetical price of $0.3/ARB)

Estimated Cover Capacity: A 4M ARB stake can conservatively underwrite ~$5,000,000 in total cover.

Assumed Premium: ~5% annually.

Risk Framework

The Arbitrum Aegis pool would custody NXM using a Safe multisig with a (4/7) signing threshold and a Zodiac roles modifier enabled with DAOplomats as the designated manager. The manager would have the ability to stake and unstake NXM in the Arbitrum Aegis pool, determine the pool’s staking allocations, set the pool’s weight per listing, set the minimum price per listing, and claim NXM rewards.

The staking pool would have a management fee of 8%, with a maximum management fee of 15%. The management fee can only be set by the multisig signers; the Zodiac manager would not have the ability to control management fees.

Within the Arbitrum Aegis Pool, no more than:

  • 10% of the pool’s weight applied to a single listing for a protocol that has:
    • Been live for at least 2 years; and
    • At least four audits from reputable firms with no more than 2 high severity findings that were fixed and no critical severity findings in the most recent audit; and
    • An active bug bounty program; and
    • An open-source codebase on GitHub; and
    • No history of hacks on the smart contracts in scope of coverage.
  • 5% of the pool’s weight applied to a single listing for a protocol that has:
    • Been live for between 1 and 2 years; and
    • At least two audits from reputable firms with no more than 2 high severity findings that were fixed and no critical severity findings in the most recent audit; and
    • An active bug bounty program; and
    • An open-source codebase on GitHub; and
    • No history of hacks on the smart contracts in scope of coverage.
  • 2.5% of the pool’s weight applied to a single listing for a protocol that has:
    • Been live for less than 1 year but longer than 6 months; and
    • At least two audits from reputable firms with no more than 2 high severity findings that were fixed and 1 critical severity finding in the most recent audit; and
    • An active bug bounty program; and
    • An open-source codebase on GitHub; and
    • No history of hacks on the smart contracts in scope of coverage.

The initial program will start with a smaller capital allocation than previously proposed, which we realise can only underwrite a limited amount of risk. However, the Arbitrum Aegis pool can work with other Nexus Mutual staking pools to source capacity for larger deals. This can be done while we scale NXM delegations to the Arbitrum Aegis staking pool over the course of the proposed 1-year pilot period.

Nexus Mutual is also integrating with restaking protocols to increase the maximum amount of risk that can be underwritten per listing. Once this integration is complete, Arbitrum Aegis can tap into restaking capital to underwrite larger covers while working to increase delegations to the pool. This integration will make the difference between underwriting $25M of cover and underwriting $200M+ of cover per listing.

Restaking capital will also give Arbitrum Aegis the option to tap into discretionary reinsurance from restaking protocols like EigenLayer, Symbiotic, and others.

This proposed framework is a starting point and can be expanded over time. The goal is to limit the total exposure to any given risk underwriting capital is allocated to within the Arbitrum Aegis pool.

NXM Token Fundamentals

The NXM token is a governance and utility token backed by assets held in Nexus Mutual’s Capital Pool. When a member contributes ETH to the Capital Pool in the Nexus Mutual app, NXM is minted and transferred to their wallet. NXM can be minted with ETH or redeemed for ETH in the Nexus Mutual app.

Members contribute capital, mint NXM, and use NXM within the protocol to participate in staking (i.e., underwriting), protocol governance, and DAO governance. Because the NXM token is backed by assets in the Capital Pool, value accrues directly to the NXM token. The key capital flows come from:

  1. Cover premiums. All cover premiums are paid into the Capital Pool in full. Cover can be purchased in either ETH, USDC or cbBTC terms, with the ETH, USDC or cbBTC flowing directly into the pool. As noted previously, 50% of premiums accrue to NXM stakers underwriting risk and 50% of premiums accrue to all NXM holders.
  2. Investment returns. At present, 87.25% of the Capital Pool’s assets are invested across Lido stETH, RocketPool rETH, Etherfi eETH, and Cover Re. Just like in traditional insurance, the Mutual invests the Capital Pool’s float to generate investment returns and offset future claims. The majority of these assets are sufficiently liquid and can be liquidated to meet claim obligations if the available vanilla ETH, USDC or cbBTC held in the Capital Pool is insufficient to meet claim obligations. See the Mutual’s Capital Pool Split Dune dashboard for a breakdown of current investments.
  3. NXM buybacks (RAMM Value Accrual). The NXM token model uses the Ratcheting Automated Market Maker (RAMM), a two-pool system built on top of the Capital Pool that allows members to redeem and mint NXM. The RAMM allows for automated buybacks and price discovery to capture value for existing NXM holders. Since launching in 2023, the RAMM has captured 5,924 ETH in value for NXM holders.
  4. Claim Payments. While the first three examples included above are flows into the Capital Pool, claim payments are flows out of the capital pool when loss events occur and valid claims are paid.

Profitability can be calculated using the following formula:

Cover Premiums + Investment Returns + RAMM Value Accrual - Claim Payments

You can also review NXM’s book value on Dune to see the impact of the above capital flows over time. In the last year, NXM’s book value has increased from 0.0229 ETH per NXM to 0.0241 ETH per NXM—a 5.24% increase for all NXM holders.

NXM as an ETH Derivative

Since NXM’s backing is made up of 92.61% ETH and ETH derivatives, 7.19% USD denominated assets, and 0.20% cbBTC, NXM is primarily an ETH-backed asset. This means the volatility of the NXM token is closely correlated with the price of ETH.

There have been some references to the volatility of the NXM token compared to ARB. However, we do not see this as a major risk given NXM is largely backed by ETH and the Arbitrum DAO’s Treasury is comfortable holding $28.6M (34.21% of the DAO’s AUM) in ETH & ETH-Correlated assets.

Implementation Timeline

  1. AIP Approval: Successful passage of this AIP by Arbitrum governance.

  2. Treasury Swap: If the OTC proposal clears the Nexus Mutual DAO governance process, the Nexus Mutual DAO would execute the swap of 4M ARB from the Arbitrum DAO treasury to the newly created multisig.

  3. Multisig Setup: Creation of a 4/7 multisig with a Zodiac roles modifier enabled.

  4. Nexus Mutual Onboarding: The multisig becomes a member of Nexus Mutual and deposits the converted 4M ARB to mint $NXM.

  5. Pool Capitalisation & Launch: The $NXM is staked to create the “Arbitrum Aegis” pool, and cover is made available for purchase.

  6. Reporting: DAOplomats will begin quarterly reporting to the Arbitrum community on the pool’s performance.

4 Likes
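The risk framework and capacity rules from the proposal above, written as a pre-flight check that a pool manager or multisig signer could run before listing weights are set. This is an added example, not part of the original post and not Nexus Mutual code; the `Protocol` fields, protocol names and sample values are constructed, tiers are read literally (a protocol must fall inside a tier's age band), and "1 critical severity finding" in the 2.5% tier is read as "at most 1".

```python
from dataclasses import dataclass

GCF = 2        # Global Capacity Factor quoted in the proposal: 1 NXM staked opens 2 NXM of capacity
BPS = 10_000   # weights are kept in basis points to avoid float rounding on percentages

# Tier table from the proposal's risk framework, keyed by age band:
# band -> (max weight in bps, minimum audits, max critical findings in the most recent audit)
TIERS = {
    "24m+":   (1000, 4, 0),  # 10% cap
    "12-24m": (500, 2, 0),   # 5% cap
    "6-12m":  (250, 2, 1),   # 2.5% cap; "1 critical finding" read as "at most 1" (assumption)
}


@dataclass(frozen=True)
class Protocol:  # hypothetical due-diligence record; field names are assumptions
    name: str
    months_live: float
    audits: int
    high_findings_latest: int
    high_findings_fixed: bool
    critical_findings_latest: int
    bug_bounty: bool
    open_source: bool
    hacked_in_scope: bool


def age_band(months_live):
    """Map time live to a tier band; six months or less is outside the framework."""
    if months_live >= 24:
        return "24m+"
    if months_live >= 12:
        return "12-24m"
    if months_live > 6:
        return "6-12m"
    return None


def evaluate(p):
    """Return (cap_bps, reasons); cap_bps == 0 means the listing is not eligible."""
    reasons = []
    # Criteria shared by every tier.
    if p.hacked_in_scope:
        reasons.append("hack history on in-scope contracts")
    if not p.bug_bounty:
        reasons.append("no active bug bounty")
    if not p.open_source:
        reasons.append("codebase not open source")
    if p.high_findings_latest > 2:
        reasons.append("more than 2 high severity findings")
    if not p.high_findings_fixed:
        reasons.append("high severity findings not fixed")
    band = age_band(p.months_live)
    if band is None:
        reasons.append("live for 6 months or less")
        return 0, reasons
    cap, min_audits, max_critical = TIERS[band]
    if p.audits < min_audits:
        reasons.append(f"fewer than {min_audits} audits for band {band}")
    if p.critical_findings_latest > max_critical:
        reasons.append("too many critical findings in most recent audit")
    return (0 if reasons else cap), reasons


def exposure(pool_nxm, weight_bps):
    """Return (staked_nxm, capacity_nxm); staked_nxm is the most that can be burned for the listing."""
    staked = pool_nxm * weight_bps / BPS
    return staked, staked * GCF


def review(pool_nxm, protocols, requested_bps):
    """Compare requested weights with the framework caps and report exposure at the allowed weight."""
    findings = []
    for p in protocols:
        cap, reasons = evaluate(p)
        want = requested_bps.get(p.name, 0)
        staked, capacity = exposure(pool_nxm, min(want, cap))
        findings.append({"name": p.name, "requested_bps": want, "cap_bps": cap,
                         "ok": want <= cap, "max_burn_nxm": staked,
                         "capacity_nxm": capacity, "reasons": reasons})
    return findings


# Constructed sample data; none of these are real protocols or real audit results.
SAMPLE = [
    Protocol("ProtoA", 36, 5, 1, True, 0, True, True, False),
    Protocol("ProtoB", 18, 2, 0, True, 0, True, True, False),
    Protocol("ProtoC", 8, 2, 2, True, 1, True, True, False),
    Protocol("ProtoD", 30, 4, 0, True, 0, True, True, True),
    Protocol("ProtoE", 4, 3, 0, True, 0, True, True, False),
]
REQUESTED = {"ProtoA": 1000, "ProtoB": 800, "ProtoC": 250, "ProtoD": 500}

if __name__ == "__main__":
    for row in review(13_400, SAMPLE, REQUESTED):  # 13,400 NXM is the swap size in the proposal
        print(row)
```

A request above the cap is flagged rather than silently clamped, so the signers see both the requested weight and the exposure at the permitted one.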

Thanks @WinVerse for this well-thought-out proposal. The Arbitrum Aegis initiative addresses a critical need for ecosystem security and user confidence, and we’re broadly in support of its goals. Using DAO treasury funds to create a public good that also generates yield is a powerful concept.

As we were reading through, a few questions and ideas came to mind that we thought would be great to discuss as a community:

  1. A Phased Rollout: The 10M ARB is a big commitment, and while we’re all for it, we wonder if a phased approach might be smarter? What if we began with a 3M-5M ARB pilot program for the first 6 months or a year? That would allow the DAO to test the model, gauge real-world demand, and evaluate the management’s performance. If the pilot is a success, a follow-up proposal to deploy the rest would be an easy “yes” for the community, backed by real data.

  2. Defining Clear KPIs and Success for the Initiative: We’ve also been thinking about how we measure that success. Right now, the focus is on APY, which is important, but we believe the real value here is making the ecosystem safer. We’d love to see success defined more broadly. Maybe that includes goals for the total value of assets covered, or the number of unique users who feel safe enough to buy a policy. Having these clearer goals would also help us understand if the pool managers are doing a great job. The performance fee makes sense, but accountability is key, and having clear public-facing KPIs would help the DAO know we have the right people steering the ship.

  3. A Strategy for Marketing and User Adoption: Capitalizing the pool is the first step, but its success hinges on user adoption. An insurance pool with unsold capacity generates minimal yield and offers limited protection, failing to achieve its primary objectives. With that in mind, how do you think about the current go-to-market and user education strategy? How will DAOplomats and the broader ecosystem work to inform users and protocols about the availability of this cover? We think a clear plan to drive awareness is essential to ensure this 10M ARB becomes a truly productive asset.

We appreciate the effort and thought that went into this proposal. It’s a valuable direction for the ecosystem, and we’re supportive of its core goals. We’re excited to see this initiative move forward.

1 Like

The following reflects the views of the Lampros DAO governance team, composed of Chain_L (@Blueweb) and @Euphoria, based on our combined research, analysis, and ideation.

Thank you, @WinVerse, for a strong and well-reasoned proposal, and the direction does make sense. The DAO taking an active role in underwriting its own ecosystem risk is a mature evolution, something we’ve seen maturing ecosystems like Ethereum implicitly do through mechanisms such as L2-centric audit funding or reinsurance initiatives.

However, 10M ARB is a significant initial outlay. Even if the economics check out, risk management in DeFi insurance markets is still experimental. A phased approach, such as 3M ARB to begin with, would allow the DAO to validate market demand, stress-test the Nexus Mutual pipeline, and observe how underwriting and claims perform in live conditions before scaling up.

The structure is fair, but given the novelty of this model, yield shouldn’t be the sole metric. If we’re positioning this as both a financial and ecosystem resilience initiative, success should also be defined by impact metrics, such as coverage utilization rate, diversity of protocols insured, and reduction in uninsured TVL risk over time. For example, if in six months we see that 60% of Arbitrum’s major DeFi protocols are covered and the pool’s utilization exceeds 40%, that’s a far more meaningful outcome than a marginal APY improvement.

The Nexus route is pragmatic; their claims governance has been tested, but it’s still dependent on external adjudication. It would help to clarify how we will stay informed about claim resolutions that affect our pool. A past example I remember is when the Curve/Alchemix claim was delayed.

We should set at least baseline inclusion standards, audited contracts, a clear governance structure, and a minimum operational history. Without that, we risk underwriting immature projects and turning the fund into a moral hazard. In practice, a curated whitelist of protocols could work well initially. Over time, the governance process for adding new protocols could be made more permissionless as the model matures.

Capacity projections make sense in theory, but insurance in DeFi lives or dies on adoption. Even Nexus Mutual’s ETH staking pool faced low utilization early on because DeFi users didn’t see tangible coverage value until protocols started integrating cover directly into their UI. The proposal would be stronger if it outlined how Aegis plans to drive demand, maybe through ecosystem partnerships, liquidity mining integrations, or premium discounts for protocols that also contribute to the Arbitrum security grant programs. Otherwise, the yield model risks underperforming simply because the pool sits under-utilized.

This is the right approach; separating claims from DAO politics builds credibility. But to protect the DAO’s capital, we should still understand failure conditions. For instance (it should never happen though 🤞), if a major exploit hits multiple Arbitrum protocols at once, is there a cap on how much of our pool can be paid out? And if the capital is drawn down heavily, do we have a replenishment policy or review process before new covers are issued?

Overall, this proposal is one of the more forward-looking treasury strategies we’ve seen. It builds naturally on what the DAO has already done with the Audit Program, but it also demands operational discipline. Broadly, as of now, we support it except for the few questions we have above.

1 Like

Hi this is Brook from TiD Research. Thanks for presenting such a thoughtful and innovative idea. I agree that creating an insurance pool backed by DAO capital could meaningfully strengthen confidence in the Arbitrum DeFi ecosystem.

One point I’d like to explore is the potential moral hazard that could emerge if the pool becomes the primary safety net for protocol-level failures.

Even though coverage would be purchased by users via premiums, I’m thinking if there’s a possibility that protocols — knowing that coverage exists and that DAO-backed capital stands behind it with overall costs of covers lower — might take on more aggressive risks to boost the advertised yields to attract TVL. This dynamic is common in traditional insurance markets when underwriting standards or pricing don’t fully reflect risk, such as sometimes big banks know government will bail them out so they forget about risk management to chase higher returns. Would that be a concern here?

To mitigate that, I’d be curious to understand:

  • How will premiums be priced to accurately reflect different protocol risk levels or audit quality?

  • Are there minimum eligibility requirements (e.g. completed audits, protocol age, TVL thresholds, natures of exposure, etc.) before a project or a farm can be covered?

  • Will there be any deductible or co-insurance mechanisms to ensure that both protocols and the DAO share part of the risk exposure?

Thanks!

1 Like

Could we get more details around coverage?

Is any protocol on Arbitrum intended to be covered? Are there any deductibles? Things like that. If there’s already docs or a specific annex rough drafted that would be helpful for evaluating this.

1 Like

I’m glad there’s interest in building on top of Nexus Mutual to offer a safety net for Arbitrum protocols and drive growth in the Arbitrum ecosystem. Launching an underwriting pool (i.e., NXM staking pool) is a great way to do that.

I’m Head of Product & Risk at Nexus Mutual, and I wanted to provide some context on the main proposal and some of the responses in the thread to ensure voters have enough information to make an informed decision.

Overview of Nexus Mutual

Nexus Mutual is the first crypto insurance alternative—we’ve been covering crypto since 2019.
Our mission is to provide protection for onchain risk. To date, we have paid $18M+ in claims and underwritten $6.1B+ in onchain coverage.

Nexus Mutual operates as a discretionary mutual built onchain with $220M+ in assets held in our Capital Pool backing the NXM token supply. When members join the Mutual, they can buy cover, contribute capital to the Mutual and receive NXM, stake NXM to underwrite risk, and participate in governance. For more information about the Mutual, you can see analytics on our Dune dashboards and read through our documentation.

I’m also happy to answer any questions folks might have about Nexus Mutual, as well.

Nexus Mutual Coverage

There are quite a few different cover products we offer at Nexus Mutual, with the most popular public product being Protocol Cover. The Protocol Cover wording is modular, so it can be applied to Single Protocol Cover (coverage that protects against risk within a single protocol), Multi Protocol Cover (coverage that protects against risk across multiple protocols), and Native Protocol Cover (coverage designed for protocol teams to purchase on behalf of their users) listings.

With Protocol Cover, users can protect themselves against:

  • Smart contract exploits
  • Oracle failure
  • Oracle manipulation
  • Liquidation failure
  • Governance takeovers

For more information, you can read through the full Protocol Cover Terms and read the summary of Protocol Cover in our documentation.

Nexus Mutual already has listings for most of the major protocols on Arbitrum. If this proposal were to pass, we on the Product & Risk team would be happy to work with the Arbitrum Aegis pool management team to add new listings for Arbitrum protocols, so the Arbitrum Aegis pool can underwrite cover for those protocols where listings are not yet available.

KYC, Point-of-Sale Integrations, & OpenCover

Because Nexus Mutual is a discretionary mutual, we do require members to go through KYC when joining the Mutual for compliance reasons. However, users can buy cover through OpenCover, our distribution partner that allows native cover sales on L2s like Arbitrum. OpenCover does not require KYC for cover buys but does require KYC for claims filing, if a loss event should occur.

OpenCover has a point-of-sale integration solution that would allow listed protocols on Arbitrum to allow their users to purchase coverage directly in-app without requiring users to link out to OpenCover’s site. This increases awareness about coverage and improves the overall user experience by offering cover at the point of deposit. Fewer hoops for users to jump through is good for everyone involved.

Specific Terms of Note

@GFXlabs asked a great question about the details about coverage. I shared the Protocol Cover wording above, and I’ll share it here as well.

I’d recommend folks read the whole doc but some terms of note:

  • Deductible. There’s a standard 5% deductible noted in the cover wording. However, there is flexibility to increase a custom deductible for a listing by including it in the Annex document associated with a listing. A deductible acts as a first-loss provision to ensure covered users and covered protocols are not taking undue risk without having an element of skin in the game. This helps offset some of the moral hazard that @TodayInDeFi noted in their comment.
  • Cool Down Period. A period of fourteen (14) days following the occurrence of the Covered Event, during which no Claims may be made. The duration of the Cool Down Period may be adjusted as specified in the Annex for individual agreements. The cool-down period gives assessors enough time to gather evidence and assess the validity of the overall loss event, read post-mortem reports, etc.
  • Grace Period. The period during the Cover Period or within thirty five (35) days following Cover Period ending during which the Covered Member may submit a Claim. If a user buys cover for 30 days and they suffer a loss on day 29, they still have 36 days to file a claim. The grace period ensures users can file a claim if they suffer a loss when their cover is active, even if their cover is expired at the time they file their claim.
  • Oracle Failure. An event in which incorrect price feed data is used by the Designated Protocol’s smart contracts, where:
    • for stablecoin-related oracles, the error exceeds 1%; or
    • for all other assets, the error exceeds 2.5%
      and such incorrect data arises as a result of any of the following:
    • a faulty oracle configuration; or
    • a lack of proper safeguards to prevent an unauthorized party from providing pricing updates; or
    • a fixed-rate oracle that is manually updated where the data is updated incorrectly; or
    • an oracle’s defined trigger parameters to provide updates to its price feed are met but the price feed fails to update a Designated Protocol’s smart contracts.
  • Oracle Manipulation. An event where price feed data is deliberately corrupted and leads to a loss of funds in a Designated Protocol.
  • Liquidation Failure. An event where:
    • Keepers are unable to liquidate collateral backing unhealthy borrow positions, resulting in bad debt that is subsequently socialized and passed on to all lenders within the affected market; or
    • Keepers liquidate collateral backing unhealthy borrow positions for an amount less than 80% of the fair realisable market value of the collateral, taking account of the prevailing market conditions.
  • Governance Takeover. An event where a malicious actor forces through a malicious upgrade to a Designated Protocol smart contract.

Nexus Mutual Claims Process

Claims Process

When a loss event occurs, users who held Protocol Cover at the time the loss event occurred can file a claim. For Protocol Cover, there is a 14-day cool-down period that needs to pass before claims can be filed onchain. During the 14-day period, claim assessors review the onchain data to validate the loss event and help users calculate their loss amounts in preparation for claims filing.

  • If users hold Single Protocol Cover at the time the loss event occurs, they can submit a claim with supporting evidence, otherwise referred to as proof of loss.
    • Users would include written details, links to supporting documentation, and/or upload screenshots or other files in the Incident Details portion of the claim submission process
    • Users would choose to either sign a message from the affected address or send a 0 value transaction from the affected address to prove they own and control the affected address
  • Claim assessors will review, discuss and vote to approve claims where proof of loss shows that users have indeed suffered a loss of funds.
    • If a claim is approved, users are able to redeem their claim payout after the 24-hour post-claim period passes in the Your Covers menu. They can also check their Dashboard to see the status of any active claims. The 24-hour post-claim period is in place to allow the Advisory Board to perform a fraud check.
    • If a claim is denied, users are able to file another claim with more supporting evidence

Claim Assessors

Nexus Mutual’s claims process doesn’t involve a protocol-wide governance vote. Historically, any member could participate as a claim assessor by staking NXM to participate in the assessment process. If assessors act maliciously, the Advisory Board has the power to burn a malicious assessor’s staked NXM and reverse their vote. Nexus Mutual’s claims assessment process has operated like an optimistic oracle, in this sense.

Recently, Nexus Mutual members voted to reform the claim assessment process with NMPIP-261. Our engineering team is in the process of finalizing the new claims contracts and will be updating our claims process in the next month.

The new claims model will rely on a set of permissioned claim assessors to review and validate claims. We will have a Claims Committee that will review and validate claims submitted for any of our public cover products (like Protocol Cover). The initial makeup of the Claims Committee will be three of our Advisory Board members: Hugh Karp, Roxana Danilla, and Lee McClelland. Claims Committee members will help claimants calculate their loss amounts, ensure all of the necessary information is included before a claim is filed onchain, and provide rationale for every claim decision that will be publicly available for anyone to review.

Claims History

The Mutual has paid out claims for major protocol hacks including:

To review Nexus Mutual’s claims history, you can see:

Allocating ARB for NXM Staking

Nexus Mutual’s Capital Pool cannot accept ARB directly to mint NXM. ARB would need to be converted to NXM by either:

  • Swapping ARB for ETH and using ETH to mint NXM through the Nexus Mutual protocol; or
  • Swapping ARB for wNXM, the wrapped version of the NXM token, and then unwrapping wNXM for NXM

From there, the NXM can be delegated to the proposed Arbitrum Aegis staking pool where it can be managed. Pool managers can stake with leverage, so $2M of staked NXM can create up to $4M in available capacity for a given listing if the pool weight for that listing is set to 100%.
When cover is purchased, 100% of the premium flows into Nexus Mutual’s Capital Pool (where all of the assets backing the NXM token supply are held) and 50% of the premium value is minted in NXM and streamed to stakers and the pool manager that underwrite the cover for the duration of the cover period and the grace period. In the event of a claim payout:

  • 50% of the claim amount is paid by burning the staked NXM and using the backing capital to pay the claimant(s); and
  • 50% of the claim amount is paid from the Capital Pool and socialized across all NXM holders.

Since all NXM holders see book value grow from premium earnings, they also bear some of the risk, with NXM stakers taking on more risk for greater returns in NXM rewards over time. NXM also sees value accrual from investment earnings and value accrual from automated NXM buybacks.

Pool management fees are streamed to the pool manager based on cover sales. There is no way to turn off management fees when the pool is not profitable other than reducing the management fee to 0% or manually sending the management fees back to the Arbitrum DAO during periods where the pool is not profitable.

A pool manager can stake up to 100% of the NXM in the pool against a single listing, and up to 20x leverage can be used in total if the pool manager were to allocate 100% weight to 20 different listings OR 50% weight across 40 different listings, and so on.

In the event multiple protocols are hacked at the same time and there’s concentration risk between those protocols (e.g., let’s say you’re underwriting Aave and several protocols have exposure to Aave in their Multi Protocol Cover listings, so one hack on Aave impacts several listings a pool manager is underwriting), a manager can lose up to 100% of their staked NXM based on underwriting exposure. If the NXM in the staking pool is insufficient to cover the total claim amount, the remaining liability would be socialized across all NXM holders.

If folks want to review current assets, liabilities, staking performance, and individual staking pool performance, feel free to review the Dune dashboards below:

Again, I’m happy to answer any other questions and provide color where needed to ensure voters make an informed decision.

2 Likes
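An added stress-test sketch (not Nexus Mutual's or the proposal authors' code) of the staking mechanics described in the post above: 2x capacity per unit of stake, the 20x total weight cap, and the 50/50 claim split with any stake shortfall socialized. Listing names, cover amounts and loss fractions are constructed; a constant USD value for staked NXM is assumed and deductibles are left out.

```python
from dataclasses import dataclass

# Figures taken from the post above.
CAPACITY_FACTOR = 2.0    # $2M staked -> up to $4M capacity at 100% weight
MAX_TOTAL_WEIGHT = 20.0  # 100% weight on 20 listings, or 50% on 40
STAKER_SHARE = 0.5       # 50% of a claim is paid by burning staked NXM


@dataclass(frozen=True)
class Listing:
    name: str          # hypothetical listing name
    weight: float      # pool weight for this listing, 0.0 .. 1.0
    sold_cover: float  # active cover underwritten by the pool, in USD


def capacity(stake: float, weight: float) -> float:
    """Maximum cover the pool can underwrite on one listing."""
    return stake * CAPACITY_FACTOR * weight


def validate(stake: float, listings: list[Listing]) -> None:
    """Reject allocations the described mechanics would not allow."""
    total_weight = 0.0
    for item in listings:
        if not 0.0 <= item.weight <= 1.0:
            raise ValueError(f"{item.name}: weight must be within 0..100%")
        if item.sold_cover > capacity(stake, item.weight):
            raise ValueError(f"{item.name}: sold cover exceeds capacity")
        total_weight += item.weight
    if total_weight > MAX_TOTAL_WEIGHT:
        raise ValueError("total weight exceeds the 20x leverage limit")


def stress(stake: float, listings: list[Listing],
           hit: dict[str, float]) -> dict[str, float]:
    """Apply one loss event.

    `hit` maps a listing name to the fraction of its sold cover that is
    paid out as claims. Listings that share an underlying dependency
    appear together in `hit`, which models the concentration risk
    described in the post.
    """
    validate(stake, listings)
    claims = sum(item.sold_cover * hit.get(item.name, 0.0)
                 for item in listings)
    staker_liability = claims * STAKER_SHARE
    stake_burned = min(stake, staker_liability)
    shortfall = staker_liability - stake_burned
    # The Capital Pool pays its own 50% plus whatever the stake
    # could not absorb; both are borne by all NXM holders.
    socialized = claims * (1.0 - STAKER_SHARE) + shortfall
    return {
        "claims": claims,
        "stake_burned": stake_burned,
        "stake_drawdown": stake_burned / stake,
        "socialized": socialized,
    }


# Constructed scenario: $2M stake spread over three listings, two of
# which are multi-protocol listings exposed to the first one.
STAKE = 2_000_000.0
LISTINGS = [
    Listing("listing_a", weight=1.0, sold_cover=3_000_000.0),
    Listing("listing_b", weight=0.5, sold_cover=1_500_000.0),
    Listing("listing_c", weight=0.5, sold_cover=1_000_000.0),
]

if __name__ == "__main__":
    isolated = stress(STAKE, LISTINGS, {"listing_a": 0.5})
    correlated = stress(STAKE, LISTINGS,
                        {"listing_a": 1.0, "listing_b": 0.5, "listing_c": 0.5})
    for label, result in (("isolated", isolated), ("correlated", correlated)):
        print(label, result)
```

In the constructed correlated scenario the stake is burned in full and the remainder falls on the Capital Pool, which is the outcome the questions in this thread about a single incident wiping out the staked amount are probing.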

I handle claims coordination within the Mutual. When loss events occur, I reach out to impacted users who hold cover, staking pool managers who have underwritten that cover, and Advisory Board members. The DAO could set up automated alerts for when cover is sold and claims are filed, but I would also be following up if a loss event were to occur.

The example you noted for the Curve hack is actually an example where I created a public post to keep members and stakeholders in the know about that specific loss event. None of the Curve cover holders were impacted by that loss event and no claims were filed, so there wasn’t any delay or hold up there. However, you may have been referring to the cool-down period, which I’ve given some context about in my longer post in this thread.

Echoing this comment, as well. Every pool manager is free to use their own underwriting and pricing model, but it’s important to set a standard.

1 Like

First of all, thank you, @WinVerse, for presenting such a thoughtful and forward-looking proposal.
The overall direction here is excellent. As a platform operator, taking responsibility for providing meaningful protection to key participants in the Arbitrum ecosystem is absolutely the right move.
Still, there are a few points that seem worth discussing further.

First, as clarified by @BraveNewDeFi, ARB cannot be directly added to the Nexus Mutual fund.

This effectively means a large-scale ARB sale would be required to establish the pool.
We’re not particularly comfortable with that route, and it would be preferable if we could explore an alternative way to structure this without a direct selloff.

Second, the DeFi Pass Cover product is designed for individual DeFi users. That’s fine in itself, but as @Curia pointed out, user-side adoption and marketing will take considerable effort.

From the perspective of the proposal’s stated goals, it might make more sense to focus on incentivizing protocol-level participation, rather than relying on individual users to protect themselves.

One possible alternative would be supporting Native Protocol Cover purchases by Arbitrum-based protocols, where the DAO subsidizes part of the cost while receiving a share of yield proportional to its capital contribution.
This seems more aligned with the stated goal of strengthening ecosystem resilience from our point of view, but we are curious to see what others think.

Another idea might be to explore whether a custom, ARB-denominated or mixed (ARB+ETH) capital pool could be structured, even if partially based on Nexus Mutual’s framework.
That could allow the DAO to build a smaller, Arbitrum-specific mutual-aid-style pool protecting key ecosystem protocols’ TVL, perhaps along similar lines to the Native Protocol Cover model.
Of course, that would be more complex and would come with a smaller immediate capital base, but it could achieve the situation of “Arbitrum protects Arbitrum” in a more direct way.

2 Likes

Thanks @WinVerse and the team for putting forward such a creative and ambitious proposal. We really like the core idea behind Arbitrum Aegis — using DAO resources to provide insurance cover for major DeFi protocols on Arbitrum is a smart and forward-looking initiative. It strengthens the overall security of the ecosystem, helps attract users by offering added peace of mind, and gives leading protocols an additional incentive to grow on Arbitrum rather than on competing chains.

We also think this approach makes good use of idle DAO capital — aligning financial deployment with ecosystem protection. It’s encouraging to see such a proactive stance on security and user protection from the Arbitrum community.

In terms of implementation, we believe Nexus Mutual would be an excellent partner for this initiative. Their proven infrastructure, reputation, and track record make them one of the most credible options for decentralised insurance.

That said, there are still some important details that the community should understand before moving forward. We appreciate @BraveNewDeFi ’s clarifications, which helped address many of the technical and operational questions.

It would be valuable to see a more precise explanation of how the capital conversion and deployment process would work in practice, including how ARB would be converted into assets that can be staked or used within Nexus.

It would also help to outline more explicitly what kinds of protocols would qualify for coverage, how premiums would reflect different risk levels, and what mechanisms would ensure that both protocols and users maintain responsibility for their own security practices.

Overall, we’re supportive of the direction and think Arbitrum Aegis could become a defining initiative for security and user trust in the Arbitrum ecosystem.

2 Likes

In our opinion, this proposal creates moral hazard.

Just like the major banks can be reckless (within their regulatory boundaries) because they will always be bailed out by the central bank, providing blanket insurance to protocols on Arbitrum will allow them to offer higher risk strategies due to limited personal downside.

Further, insurance for DeFi has not grown significantly in demand over the many years which indicates that end users don’t value this added layer of security as much as it is portrayed.

In effect, we expect the added benefit of this initiative for the Arbitrum ecosystem to be minimal if any, and not worth pursuing.

1 Like

We really appreciate the diligence and thoughtfulness that’s gone into this proposal and the ensuing discussion. The idea of Arbitrum underwriting ecosystem risk is bold, and many of the critiques already raised are right on point — especially around moral hazard, underwriting discipline, demand for cover, and the capital conversion path for ARB → NXM. That said, we think there’s room to sharpen the concept further to make it more robust, and we want to suggest a few supplementary ideas that could strengthen it materially.

First, we’d push more forcefully for a tiered coverage / risk-pool segmentation model rather than a single monolithic pool. The DAO could build multiple “risk tiers” (e.g. high assurance, moderate, speculative) or “risk buckets” (e.g. stablecoins & lending, derivatives, automated market makers) each with its own pricing, deductible, and eligibility criteria. This would help better price risk, limit cross-subsidization between high-risk and low-risk protocols, allow early experimentation in lower-exposure buckets, and control catastrophic exposure if one segment suffers a large event.

Second, relating to moral hazard, we’d propose looking into embedding skin in the game requirements for protocols that want coverage. For example, a protocol applying for coverage must lock up a portion of its treasury or relevant protocol tokens (or voluntarily take a “co-insurance” share) that would be forfeited if a failure is traced to negligent design or governance. This aligned stake would help disincentivize reckless risk-taking. The deductible mechanics Nexus offers (e.g. standard 5%) are a useful default, but layering a protocol-level co-stake adds extra guardrails.

Also, since adoption is a key hurdle, we should lean heavily into protocol-level subsidy + embedded insurance UX rather than relying only on end-user adoption. For instance, for the first year, the DAO (or Aegis pool) could subsidize a portion of the insurance premium for the protocol’s users so coverage is low-cost or near-free at the point of use. By offering coverage bundled into deposit or vault flows, users might never need to “opt in” explicitly — it’s baked into the UX. This lowers the friction barrier immensely. Over time, as the coverage ecosystem matures, the subsidy could taper.

Additionally, on capital efficiency: instead of requiring a full ARB → NXM sale at once, the DAO might consider bridging or synthetic derivative exposure, or partnerships with reinsurance protocols, to ramp exposure over time. The DAO could commit 10M ARB as collateral to mint synthetic exposure to NXM or use wrapped derivatives to gradually build coverage capacity, rather than a spot ARB dump. This slows market impact and preserves optionality. (If regulators or on-chain composability make that tricky, at least phase in the conversion over multiple epochs.)

Finally, measure success not by yield alone but by real coverage utilization metrics and liquidity resilience tests. For example, track the percentage of TVL in Arbitrum protocol ecosystems that is insured, the frequency/severity of claims, the speed of claims settlement, and the pool drawdown resilience under stress scenarios (simulate multi-protocol exploit). Use those results to iterate risk modeling and pricing feedback loops.

We support the core vision, but we believe the proposal would benefit from more modularity (tiered pools), stronger alignment (co-staking by protocols), aggressive adoption incentives (subsidies + embedded UX), more capital-efficient ramping, and clearer real-world metrics. With those in place, Arbitrum Aegis could evolve into a marquee differentiator for the ecosystem — one that balances protection, discipline, and scalable growth.

1 Like

High-level, this is definitely worth exploring. We would like to keep this conversation going.

Questions and comments:

  1. What is the primary goal of doing this? Is it to attract users (specifically who is the marginal user and why do we believe this will bring them to Arbitrum but not willing to purchase this coverage now)? Is it to attract builders (but then it’s underwriting new protocols with less history and Lindy?) to Arbitrum? Is this designed to mitigate or prevent a risk to Arbitrum’s DeFi economy at a macro level, and if so, how does this prevent a cascade or panic or breakage of the ecosystem?

  2. What is the next-best alternative? As in, if governance chose to pursue this, but did not choose this solution, what would be the next option?

  3. Similarly, how does this compare, financially, to governance providing a self-funded guarantee of similar coverage? This should be the all-in cost/yield.

  4. Intuitively this seems valuable. Why is it not used on Arbitrum widely now? Or if it is, how much of that use becomes unnecessary (and so becomes a direct subsidy from governance to those existing users)?

  5. Mechanically, how do claims work? Arbitrum governance is presumably the claiming party, so how does that then get disbursed to individual users? What kinds of costs or legal risks are likely to arise? How are anon users compensated, or are they not eligible? What legal or contractual obligations manifest for AF or OpCo during such a distribution process?

We really like this idea, but it’s more akin to the STEP process where it needs some financial and legal diligence, and comparison to any available alternatives. It also needs a clearly defined mission, because coverage that maximizes new users may not be the same as one that maximizes new capital or new builders or protecting against contagion in the system.

1 Like

Thanks everyone for all the comments and suggestions so far.

We answered some of the questions here during the open discussion call yesterday, but we will be giving more elaborate answers here soon.

There is other feedback worth investigating further, so we are currently working with the Nexus team to explore its feasibility.

Thank you, @WinVerse, for bringing forward this proposal. After reviewing its details and considering the risks/tradeoffs, Entropy is not in favor of the initiative.

Our concerns arise not from the perceived PMF of Nexus, but rather the fact that insurance underwriting in crypto is exceptionally hard to execute well, and it is not a passive endeavor. Establishing and keeping an accurate, up-to-date list of eligible protocols, monitoring them for upgrades, governance changes, and new integrations, and pricing these and additional factors correctly requires significant effort and deep underwriting expertise. While the initiative seeks to involve OpCo on a smaller scale, its structure still leaves it separated from adjacent treasury management strategies, the AF’s audit program, and other ongoing grant initiatives. This, in our opinion, would introduce new coordination challenges and, unless OpCo is able to onboard personnel with prior insurance experience, would create too much execution risk.

Entropy is also aligned with the concerns raised by @possumlabs and @todayindefi in regards to moral hazard. Even with the inclusion of mechanisms like deductibles and other suggestions to solve for moral hazard, we worry that such a program will always add an incentive for covered projects to take on unnecessary risk. Additionally, it is not immediately clear if the existence of a DAO backstop is a decisive draw for the best builders in crypto, leading to the potential for adverse selection where the teams attracted are ones more likely to be reliant on such a bailout. Based on our experience, the fund would need to be sized up significantly to attract top talent, but this in turn would increase the execution difficulty and raise the risk that in the case of a single large, interconnected exploit, the DAO’s financial health could be severely impacted.

Finally, this proposal would require a sizable conversion of ARB into ETH or wNXM, and since the insurance pool is denominated in NXM, its effectiveness is dependent somewhat on market conditions. In a bear market, the value of this coverage could drop substantially, again pointing to the fact that insurance in crypto is especially difficult with the underlying volatility. Based on the DAO’s current financial health and asset holdings, it is our view that aside from already budgeted initiatives, the DAO should not be allocating funds to cover new expenses unless they are directly balancing the DAO’s growth and yield strategies while accounting for fiscal stability.

From a treasury management and yield perspective, there are other strategies that utilize treasury ARB and provide better returns, such as covered calls. These strategies preserve the principal instead of facing the risk of losing all earned interest, together with the initial investment, in situations where large insurance claims materialize.

At this stage, we believe it is more prudent to continue building up the Treasury Management Portfolio to ensure the DAO has a meaningful income stream to sustain itself down the line, regardless of market conditions, while waiting for the early-stage ecosystem support pipeline to take further shape.

2 Likes

Thank you for the interesting proposal.
Insurance for DeFi protocols is a good and promising initiative – it could definitely have a positive impact on Arbitrum’s image.

However, I have some questions and doubts:

  1. Insurance is quite a risky asset in the crypto space.
    Do you believe that 4.3% APY is enough to cover these risks under an aggressive strategy (with maximum utilization of funds)?
  2. If ARB tokens are not actually held but instead sold to mint $NXM – can this really be considered an ARB-denominated investment?
    What happens if the $NXM token price drops – how would that affect the allocated 10M ARB?

2 Likes

The following reflects the views of GMX’s Governance Committee, and is based on the combined research, evaluation, consensus, and ideation of various committee members.

We are in favor of this idea, and it’s something we’ve wanted to see implemented in the Arbitrum ecosystem for a long time. Starting with 10 million ARB is an ideal size, as Arbitrum, as a protocol, has significant DeFi traction. For a pilot program, 10 million ARB seems like an appropriate starting point.

  • NXM as an asset is very volatile. Have any risk parameters been considered to handle this volatility? What is the expected liquidity profile of the staked $NXM? Can the DAO exit or unwind the position easily if needed?

  • We would also recommend implementing a Zodiac module to the multi-sig

  • In the event of a large exploit affecting a protocol covered by this pool, what is the estimated claim exposure for Arbitrum’s 10M ARB? Could a single incident wipe out the staked amount?

2 Likes

TL;DR

I support the goal of improving ecosystem security, but the current Arbitrum Aegis proposal is premature and financially unsound.

Converting 10 million ARB from the DAO treasury into Nexus Mutual underwriting capital effectively liquidates treasury governance assets into speculative insurance exposure — without proven demand, oversight, or clear KPIs.

This is not how a responsible DAO should manage its long-term reserves.


1. Misuse of Treasury Assets

ARB represents governance power and long-term ecosystem value — not cash flow capital.

Selling ARB for ETH/NXM to underwrite third-party insurance exposes the DAO to:

  • Token volatility (ARB → ETH → NXM conversion risk)
  • Tail-risk from potential DeFi exploits
  • Illiquidity and uncertain recovery timeline

Once converted, this capital no longer strengthens Arbitrum’s strategic position — it simply becomes another risk asset.


2. Unclear Demand, Minimal Yield

The proposal assumes strong demand for insurance coverage among Arbitrum protocols, yet no data or commitments are provided.

Nexus Mutual’s active coverage market is small (≈ $30–40 M) and has been flat for years.

If few protocols actually purchase coverage, the DAO earns < 3 % APR while assuming 100 % downside risk.

That is a poor risk–reward profile for treasury funds.


3. Lack of Accountability and KPIs

A 2-of-3 multisig (DAOplomats + Foundation + OpCo) is not sufficient governance.

The proposal does not define:

  • Transparent reporting cadence
  • Success metrics (number of protocols covered, payout efficiency, ROI)
  • Clawback or sunset conditions

In short, the DAO loses control once funds are transferred.


4. Market and Narrative Risk

If the DAO starts liquidating ARB to fund off-chain insurance pools, it signals to the market that the DAO itself is unsure how to deploy its treasury productively.

That narrative hurts long-term confidence more than it helps.

The DAO can support ecosystem safety without becoming a speculative reinsurer.


5. Constructive Alternatives

If we truly want to enhance security:

  • Fund audits and bug-bounty programs directly through a Security Grant Framework.
  • Offer subsidized insurance premiums to verified Arbitrum protocols instead of underwriting the risk pool ourselves.
  • Or, run a small 3 M ARB pilot for 6 months with clear KPIs before scaling up.

Summary

| Risk Type | Description |
|---|---|
| Capital Risk | ARB must be sold to ETH/NXM, losing governance exposure |
| Demand Risk | No proven insurance uptake |
| Governance Risk | No on-chain reporting or clawback |
| Market Risk | Volatility between ARB–ETH–NXM |
| Moral Hazard | Protocols may rely on DAO-funded insurance instead of audits |

3 Likes

Hello everyone!

Thank you all for the detailed feedback and critical questions on the Arbitrum Aegis proposal. Addressing these points is crucial. More wording is in the original post, so I will be highlighting in bits here.

Clear Purpose, Strategy, and KPIs

Our primary goal is to mitigate systemic risk and enhance ecosystem resilience.

With Arbitrum Aegis, Arbitrum DAO can create a security standard for protocols building in our ecosystem. The protocols that demonstrate they are building responsibly and meeting our security standards can collaborate with the Arbitrum Aegis team to purchase protocol-level coverage on behalf of their users and provide a basic level of coverage against a loss event.

Based on feedback received, the DAOplomats team proposes a one-year pilot, allocating 4M ARB to create a staking pool on Nexus Mutual, a reduced ask from the 10M stated in our original proposal.

Several delegates also signalled they were not in favor of selling ARB for ETH to acquire NXM. In turn, the Nexus Mutual team has suggested an OTC treasury swap of 4M ARB for 13,400 NXM with an agreement that both DAOs would commit to not selling the tokens for the one-year pilot period of the Arbitrum Aegis program. If there was support for this proposal, the OTC proposal would have to successfully clear the Nexus Mutual DAO governance process before the OTC could move forward. This proposed allocation would increase Arbitrum’s Treasury AUM from $83.61M to $84.89M and represent 1.52% of Arbitrum’s Treasury AUM.

Strategy

The DAOplomats team would work in collaboration with BraveNewDeFi, Nexus Mutual’s Head of Risk, and the broader Nexus Mutual team to conduct due diligence and price risk for each protocol that applied for any of the available cover products Arbitrum Aegis would underwrite. The Nexus Mutual team brings over half a decade of onchain risk experience to the table. This offer would eliminate the need to hire additional team members to assess and price risk underwritten in the Arbitrum Aegis Pool, so the DAOplomats team can focus on outreach and awareness of the program in order to onboard protocol teams to the program.

Specific Goals of the Initiative

Beyond protecting DeFi users on Arbitrum against onchain loss events, the goals of the Arbitrum Aegis initiative are as follows:

  1. Create a security standard for protocols building in the Arbitrum ecosystem.
  2. Establish Arbitrum as the security-first L2 ecosystem.
  3. Attract capital, drive TVL growth to mature protocols.
  4. Increase Arbitrum DAO’s Treasury holdings by underwriting risk on Nexus Mutual.

The Essentials of Staking Pool Management, Cover Products, and Claims

We’ve seen several comments where people have mentioned moral hazard and have asked about how risk will be managed in the proposed Nexus Mutual staking pool. All are valid comments and questions, so we wanted to clarify a few things here. We have provided a more in-depth explanation of how staking pool management within Nexus Mutual works, and outlined our risk framework for this pool in our original post.

The Arbitrum Aegis Pool would NOT provide blanket coverage to every protocol in the Arbitrum ecosystem. Our original proposal was not completely clear on this aspect, and we believe this is where the concern about moral hazard raised by TodayInDeFi, Possum Labs, and Entropy originated.

Instead, the Arbitrum Aegis team can choose which protocols to underwrite, how much capital (NXM) to allocate to each protocol, and the minimum price our pool is willing to accept for underwriting that risk. As outlined in our previous comment, the purpose of this proposal is to strengthen security standards in the Arbitrum ecosystem, underwrite coverage for those protocols that meet the established security standard, and provide an FDIC-like insurance alternative for Arbitrum users who deposit in protocols that take security seriously.

We acknowledge that underwriting onchain risk is complex and requires the relevant expertise to successfully manage risk and exposure to ensure a staking pool’s principal isn’t wiped out by claim events. This proposal avoids that burden by utilising Nexus Mutual as a specialised service provider for risk assessment and claims processing. OpCo with DAOplomats would manage the pool administration within Nexus’s system, and we would be working with Nexus Mutual’s Head of Risk to price risk within the Aegis pool. No internal insurance hires are needed.

To start, Arbitrum Aegis would be focused on these existing Nexus Mutual cover products:

  • Native Protocol Cover. Designed for protocol teams who buy cover on behalf of their users.
  • Bug Bounty Cover. Designed for protocol teams who want to transfer the risk of paying out valid critical bug reports, with the goal of increasing critical bug bounty rewards to incentivize whitehats to continuously review and harden the security of their codebase.
  • Fund Portfolio Cover. Designed to cover a portion or all of a fund’s yield-generating portfolio.
  • Single and Multi Protocol Cover. In the initial 6 months of Arbitrum Aegis’ launch, we would stake against existing Protocol Cover listings to provide coverage to end users to establish our pool and provide a base level of yield as we work with protocol teams to secure their TVL with the above cover products.

More details in our original post.

In addition, Arbitrum Aegis can launch our own white label cover products based on the above coverage options, with any necessary adjustments to the terms, or launch new cover products in collaboration with the Nexus Mutual team.

Claim Assessment for Arbitrum Aegis Cover Products

As @BraveNewDeFi noted in his previous comment, Nexus Mutual members have approved a proposal to shift claim assessment to an expert-driven process, where either the Nexus Mutual Claims Committee will assess claim submissions or a separate third-party claim assessor can be designated for a given cover product or cover products. Arbitrum DAO can also designate their own third-party claim assessor for any cover products Arbitrum Aegis launches.

Claims Process

  1. The cover holder files a claim with Nexus Mutual post-exploit.
  2. The Nexus Mutual Claims Committee reviews and votes on a claim’s validity.
  3. Approved payouts go directly to the cover holder. KYC (OpenCover) happens only at payout.

The Arbitrum DAO, OpCo, and Foundation have zero involvement in KYC, claims assessment, or payouts, and thus incur no direct legal or operational overhead from this process. Leveraging Nexus’s infrastructure is the core value proposition.

For an overview of Nexus Mutual’s claims process, see BraveNewDeFi’s previous comment.

Proposed Risk Framework for Arbitrum Aegis Pool

The Arbitrum Aegis pool would custody NXM using a Safe multisig with a (4/7) signing threshold and a Zodiac roles modifier enabled with DAOplomats as the designated manager. The manager would have the ability to stake and unstake NXM in the Arbitrum Aegis pool, determine the pool’s staking allocations, set the pool’s weight per listing, set the minimum price per listing, and claim NXM rewards.

The staking pool would have a management fee of 8%, with a maximum management fee of 15%. The management fee can only be set by the multisig signers; the Zodiac manager would not have the ability to control management fees.

Within the Arbitrum Aegis Pool, no more than:

  • 10% of the pool’s weight applied to a single listing for a protocol that has:
    • Been live for at least 2 years; and
    • At least four audits from reputable firms with no more than 2 high severity findings that were fixed and no critical severity findings in the most recent audit; and
    • An active bug bounty program; and
    • An open-source codebase on GitHub; and
    • No history of hacks on the smart contracts in the scope of coverage.
  • 5% of the pool’s weight applied to a single listing for a protocol that has:
    • Been live for between 1 and 2 years; and
    • At least two audits from reputable firms with no more than 2 high severity findings that were fixed and no critical severity findings in the most recent audit; and
    • An active bug bounty program; and
    • An open-source codebase on GitHub; and
    • No history of hacks on the smart contracts in scope of coverage.
  • 2.5% of the pool’s weight applied to a single listing for a protocol that has:
    • Been live for less than 1 year but longer than 6 months; and
    • At least two audits from reputable firms with no more than 2 high severity findings that were fixed and 1 critical severity finding in the most recent audit; and
    • An active bug bounty program; and
    • An open-source codebase on GitHub; and
    • No history of hacks on the smart contracts in scope of coverage.

The initial program will start with a smaller capital allocation than previously proposed, which we realise can only underwrite a limited amount of risk. However, the Arbitrum Aegis pool can work with other Nexus Mutual staking pool managers to source capacity for larger deals. This can be done while we scale NXM delegations to the Arbitrum Aegis staking pool over the course of the proposed one-year pilot period.

This proposed framework is a starting point and can be expanded over time. The goal is to limit the total exposure to any given risk underwriting capital allocated within the Arbitrum Aegis pool.

NXM Token Fundamentals, Underlying Volatility

The NXM token is a governance and utility token backed by assets held in Nexus Mutual’s Capital Pool. When a member contributes ETH to the Capital Pool in the Nexus Mutual app, NXM is minted and transferred to their wallet. NXM can be minted with ETH or redeemed for ETH in the Nexus Mutual app.

In the last year, NXM’s book value has increased from 0.0229 ETH per NXM to 0.0241 ETH per NXM—a 5.24% increase for all NXM holders.

Members contribute capital, mint NXM, and use NXM within the protocol to participate in staking (i.e., underwriting), protocol governance, and DAO governance. Because the NXM token is backed by assets in the Capital Pool, value accrues directly to the NXM token. You can also review NXM’s book value on Dune to see the impact of the above capital flows over time.

NXM as an ETH Derivative

Since NXM’s backing is made up of 92.61% ETH and ETH derivatives, 7.19% USD denominated assets, and 0.20% cbBTC, NXM is primarily an ETH-backed asset. This means the volatility of the NXM token is closely correlated with the price of ETH.

Some comments have referenced the volatility of the NXM token compared to ARB. However, we do not see this as a major risk given NXM is largely backed by ETH and the Arbitrum DAO’s Treasury is comfortable holding $28.6M (34.21% of the DAO’s AUM) in ETH & ETH-Correlated assets.

In summary, current DeFi insurance is not user-friendly. It requires significant research. This pilot program aims to simplify access.

3 Likes