Report an accessibility problem

ASU Blockchain Research

Smart Contract Insurance

Research Project Introduction

                  Petar Jevtic                                                               Nicolas Lanchier


Principal Investigator Petar Jevtic, and Associate Professor Nicolas Lanchier make up the team of researchers on the ASU Smart Contract Insurance Project. An initiative funded by the Arizona State University Center for Assured and Scalable Data Engineering, and in partnership with the ASU School of Mathematical and Statistical Sciences. Petar Jevtic has a background in developing and using tools from actuarial sciences and mathematical finance to assess and manage risks in insurance and finance. Nicolas Lanchier, having received his Ph.D. in probability theory, uses his research experience to explore how the geometric patterns of random structures affect contagion on systems. Recently, the team issued a patent application with the United States Patent and Trademark Office on the research “Systems and methods for a simulation program of percolation model for the loss distribution caused by a cyber attack.” Now, with their proprietary knowledge secure, their research is in full swing as they look to map out the financial risks associated with smart contracts and their liability.

As both researchers have a background in mathematics their approach to map out the financial loss distribution and liability of smart contracts is through a probability and statistical analysis lense. Using prediction models, the team has been able to develop a mathematical framework that allows for pricing insurance coverage on smart contracts of various complexity. But before we dive head-first into Petar and Nicolas’s work, let’s first explain what a smart contract is, and why the technology is so important.

What is a Smart Contract?

Smart contracts are used to exchange money or ownership, store data, make decisions, and interact with other contracts. They are pieces of computer code that are programmed to perform operations on an outcome of an event based on predetermined criteria set by the contracts creators. Often these smart contracts exist on distributed ledger technology, as of now, they primarily use blockchain. Ethereum is a well-known blockchain network that uses smart contracts to create decentralized applications, issue tokens, and manage governance (Learn more about Ethereum here). While at first smart contracts may seem mysterious, at a second glance their operations and applications start to make a little more sense.

Example: Betting Using Smart Contracts

As an example, Alice and Bob make a bet on whether tomorrow’s temperature will go above a certain threshold, let’s say 78 degrees Fahrenheit. If the temperature rises about 78 degrees, then Bob must pay Alice $100 and if the temperature stays below 78 degrees then Alice must pay Bob $100. If both parties trust each other then no other action must occur but a handshake and to wait for tomorrow to come. But, Bob knows Alice has a history of malpractice and he thinks she will try to cheat the deal so she doesn’t have to pay Bob if he wins. Traditionally Bob would have to do three things to guarantee a safe, and fair bet. First, he would have to draft a contract on the criteria of the bet and have both himself and Alice sign it. Then he’d have to find an escrow service, someone who can be trusted to hold both Alice and Bob’s betting money until the winner of the bet is decided. And finally, Bob has to find a third-party that both Alice and himself trust (often referred to as an oracle) to determine whether the temperature actually exceeded 78 degrees. On the day of the bet, Alice, Bob, and their two intermediaries have to meet up and decide based on the signed contract and decision from the oracle who the escrow service has to transfer the winning bet money to.

Now instead of managing this bet the traditional way, let’s use a smart contract on distributed ledger technology. First, both Alice and Bob create the smart contract by inputting the above bet criteria, both depositing $100 into the contracts built in escrow service and picking out an oracle (in this case a particular weather app) that will measure tomorrow’s temperature at the decided location. Now, not even a handshake is required, in fact, Alice and Bob don’t even need to know each other at all for Bob to trust that the bet is safe and fair. If Bob is worried that Alice doesn’t have the full $100 he can rest assured that the contract won’t execute unless the full amount was deposited. If he is afraid that Alice might argue the validity of tomorrow’s temperature, Bob can rest assured that her bias won’t sway the Oracle’s (weather apps) calculation of the temperature. This example is obviously a contrived example but it does a good job of illustrating how a smart contract would be used to make a transaction more efficient and reliable. We know from this example that by utilizing a smart contract, Bob can be completely certain that the bet implications will be honored, even if he doesn’t trust Alice.


Potential Risks of the Technology

Now that we’ve explored the validity of smart contracts, let’s move to the potential risks of using this transformative technology. For instance, what happens if a smart contract is developed poorly, and has a mistake in its code. Bad code can mean two types of negative implications, one being a miss-execution of the contract, and two the transaction becoming vulnerable to malicious actors abusing or hacking the contract. We know that there is financial loss associated with smart contracts having bad code. Furthermore, we also know that there is an additional loss for other contracts that interact with these poorly constructed smart contracts. What we don’t know is how that financial loss is distributed, who is reliable for that loss, and how insurance on these contracts should be priced. These questions are exactly the ones that Petar Jevtic and Nicolas Lanchier are attempting to answer through their research.


Research Solution to Potential Risks

The implementation of smart contracts poses a new type of risk, creating an opportunity for new coverage types and generating new business lines for insurance companies. In order to manage risk, insurance companies will have to come up with pricing mechanisms for coverage of specific types of contracts. Traditionally, insurance companies would use historical data to come up with prices for auto, home, and health insurance. However, in the case of insuring smart contracts, no historical data exist and it’s unlikely that this data will be available anytime soon. Thus, structural prediction models need to be created to appropriately gauge financial loss and price premiums. The challenge grows with the varying degrees of complexity to the structure of smart contracts and the systems they operate under.

To visualize the complexity of smart contracts, Petar and Nicolas give the example of a tree that changes shape every second with leaves and branches growing and disappearing continuously. In this example, the trunk of the tree is the smart contract that we’re aiming to insure, the branches are supporting smart contracts that interact with the base contract, and the leaves are the users that operate within these contracts. It is to be noted that the risk of financial loss can originate at any point of this tree, in its trunk, branches or leaves.

   Four Scenarios of Contagion Origin

In this scenario let’s imagine a smart contract with bad code is lightning striking the tree at its particular branch. The path in which this lightning strike cuts through the tree is a model that resembles how the contagion of financial loss spreads throughout this ecosystem of smart contracts and users. We can be sure that any smart contract or user that is affected by the bad code of the “lightning strike contract” will exhibit some degree of financial loss. To account for the total financial loss from the lightning strike, values are assigned to all of the smart contracts and users in the system. These values can also change every instant. The sum of the losses from this lightning strike model contributes as one observation point in a total claim history discovered using techniques of advanced probability theory.

In a particular scenario, the model takes into account the structure of the tree when the lightning strike hits, the path of the lightning strike, and the values of the contracts and users in the system. The prediction theory is built by taking the probability weighted average of the claims developed across these scenarios and accompanying it with a measure of concentration around the mean of predicted claims to create a mathematical underpinnings to price this risk. Researchers use this mathematical conceptualizations to ascertain the liabilities associated with using smart contracts of varying complexity.

Model Methodology


Looking to the Future

Making transactions more efficient, reliable, and secure, smart contracts will dominate the financial industry and have major implications for our growing data economy. As growth takes place it’s important to be aware of the financial risks associated with smart contracts and learn how we can better manage that risk. As of now, Petar and Nicolas are the only ones using a mathematical system to predict and price the risk associated with this technology. This mathematical system is intended to create fair and profitable pricing of insurance coverage, but it’s also contributing to the stability and growth of smart contract and distributed ledger technology. The Arizona State University Smart Contract Insurance Team continues their ongoing research and will begin modeling losses for even more complex smart contract structures and vulnerabilities.