Inquiries about NFT insurance are on the rise because of record sales1 of non-fungible tokens and other blockchain-based collectibles.
However, the technical structure of NFTs – and their intangibility – runs afoul of standardized insurance policy language today. This article covers digital asset insurance and NFTs specifically, including:
- What is an NFT?
- How do you mint an NFT?
- What are the parts of an NFT?
- Why are NFTs valuable?
- How do you insure an NFT?
- Decentralized NFT insurance
- NFT risk management
- Choosing a cryptocurrency wallet
However, until NFT insurance is developed that provides good coverage, prospective NFT buyers should educate themselves about the technical risks and NFT owners should take steps to properly self-insure their NFTs with a multi-signature wallet or cold storage.
What Is An NFT?
Non-fungible tokens are a new class of blockchain-based cryptographic tokens representing one-of-a-kind, digital or physical assets.
Each NFT has a unique hash and uniform resource identifier (URI) that references an online or offline item such as artwork, photography, games, music, domain names, etc. or real world collectibles including wine, clothing, real estate, baseball cards, or vehicles.
An NFT is minted by deploying a unique instance of a smart contract to a blockchain platform, such as Ethereum, and connecting it to your crypto wallet.
However, the NFT itself is not the artwork… The NFT simply points to the artwork (such as a JPEG or other media) that lives elsewhere, on the Internet.
How Do You Mint An NFT?
You will need to add some ETH to your mobile wallet to pay for minting the NFT. ETH is the native digital currency of the Ethereum blockchain and is required to process the smart contract on Ethereum through the OpenSea decentralized application.
To start the NFT process go to the OpenSea homepage and choose “create”, upload a photograph or JPEG from your phone, enter the name and add details about the NFT you are creating.
When you’re finished entering the details of your NFT, click “Complete listing” on OpenSea.
The NFT you created on the Ethereum blockchain is a digital representation of the JPEG image (and any metadata associated with it).
1) Digital Artwork: An artist creates a media file that may be a JPG image, music file, video, or any other digital file or collectible. In the example above, the artwork is a JPG of me with “laser eyes“.
2) Cryptographic Hash Function: The JPG or media file is converted to a hash using a cryptographic algorithm hash function that creates a unique fingerprint of the file. Running a piece of text or media through a SHA-256 hash function will always return the same result (a “uniform resource identifier” or URI) from the same text or media file. This means you can create a unique digital signature to represent any digital media file.
3) Token Created Contains Hash: The hash, along with any metadata, is added to a block on the blockchain by executing a software program called a smart contract. The most common blockchain platform for smart contracts is Ethereum which uses a native smart contract standard called ERC-721. The ERC-721 standard is the most popular smart contract standard for minting NFTs today.4
4) Smart Contract: The NFT is a unique instance of a smart contract and is linked to a wallet address. The smart contract determines the terms and conditions for how the NFT may be used. The NFT data is stored on a public blockchain representing digital property rights.
5) Wallet: Your wallet holds the private and public keys to secure your digital assets. Your private key and public key are associated with the minting of your NFT and its ownership history. Your wallet’s public key is visible to anyone and is used to receive digital assets.
Your private key is like the password to your email account that you do not share with anyone. Your private key is used to send your digital assets to someone else. If someone has your private key they can send your NFT to another address, such as their own.
Why Are NFTs Valuable?
The invention of Bitcoin in 2009 made it possible for financial value to be digitized. For the first time ever, it was possible to transfer a digital currency between two parties on the Internet without the need for an intermediary (such as a bank or PayPal) to keep a record of the transaction.
By inventing the blockchain, a decentralized, publicly verifiable database of all the transactions on the network, and securing it with a consensus mechanism called Proof of Work, Bitcoin solved the “double spend” problem that had plagued attempts at digital currencies in the past.
Bitcoin creates – and preserves – digital value because ownership of BTC (Bitcoin’s native digital currency) can be publicly verified, and because BTC is limited – only 21,000,000 BTC will ever be created. As such, it’s no surprise that in a world where everything is becoming digitized, BTC is overtaking physical gold as the next generation’s store of value.
Enter NFTs. While each BTC is fungible, or exchangeable, with another BTC, NFTs are one-of-a-kind items the ownership of which is publicly verifiable on a blockchain.
While it is possible to get bitcoin mining insurance and cryptocurrency insurance for bitcoin, the challenge of getting NFT insurance lies in the fact that there are two separate intangibles that are linked together that comprise the value of the NFT:
- The NFT on the blockchain
- The digital media file or physical object off the blockchain
Here’s the simplified version of the diagram above:
A. The NFT is the token on the left. The NFT on the blockchain contains the unique hash and metadata that was created for the media file. The NFT is “on chain” proof of ownership, like a certificate of authenticity, for the media file on the right.
The unique NFT can only have one owner and the owner has the right to assign its ownership to another party, such as in a sale of the NFT. The wallet address, transaction and ownership history and links to the media file, etc. are verifiable because the blockchain is transparent and publicly available.
B. The media file on the right is not the NFT. The media file is “off chain”. Most NFTs size exceed what can be reasonably stored (because of cost and capacity limitations) on a blockchain. As such, the media files and metadata associated with the NFT are usually stored separately from the NFT itself and connected to the NFT by one or more links.
How Do You Insure An NFT?
Not all NFTs are the same because some are 100% digital and others are digital representations of tangible items.
Conventional insurance coverages that could conceptually cover digital NFTs are property, cyber and crime policies.
However, each falls short when it comes to NFTs.
For instance, today’s standard commercial property policies are triggered by “direct physical loss” to “Covered Property“. As described below in the commercial property form the defined term “Covered Property” includes:
- Building: NFTs are not part of the physical building.
- Business Personal Property (BPP): An NFT could be considered BPP, if a business invested in an NFT.
- Property of Others: An online crypto custodian of NFTs, such as Gemini, could perhaps have NFTs as property of others.
However, an NFT cannot trigger a property claim because an NFT lives on an intangible blockchain and is unable to suffer direct physical loss or damage.
Property Not Covered is a defined term in the commercial property policy that excludes accounts, bills, currency, food stamps or other evidences of debt, money, notes or securities.
NFT insurance is complicated further by pricing fluctuation and a lack of consensus about the value of NFTs at any given time.
A cyber insurance policy may provide coverage for digital asset restoration, but a blockchain is a decentralized system that does not reside in any one place. Indeed, the whole purpose of a blockchain is that it is NOT supposed to be owned by a single entity.
And cyber insurance policies may exclude cryptocurrencies from their definitions of money and securities.
Commercial crime coverage excludes cryptocurrencies… And while it’s possible to add the “Include Virtual Currency as Money” endorsement (CR 25 45) onto the commercial crime policy, coverage is sub-limited and contemplates fungible digital currencies (such as bitcoin) that have high liquidity based on public exchange rates.
In the future, an insurance policy for NFTs may be developed that is a hybrid of property, crime and cyber coverage.
Decentralized NFT Insurance
Decentralized and/or “mutual style” smart contract insurance providers are developing insurance products for digital assets. These platforms include Nexus Mutual, Insured Finance, Cover Protocol (merged with Yearn Finance) and Tidal Finance.
Cover Protocol, through Yearn Finance, provides coverage for smart contracts in DeFi. Tidal Finance is providing insurance for in-game NFT collectibles for an blockchain game called Chain Guardians. This could serve as a pilot for future NFT insurance projects.
Nexus Mutual is a decentralized autonomous organization (DAO) that operates as a discretionary mutual company providing coverage for flaws in smart contracts, yield farming protocols and DeFi protocols.
Nexus Mutual also offers an insurance-like product to protect digital assets against hacks and halted withdrawals on 3rd party exchanges. Exchanges include companies such as BlockFi, Gemini and Coinbase and other custodial wallets. Nexus Mutual has its own capacity for each platform.
Nexus Mutual has an intuitive user interface and, from the description, it seems possible that – in theory – you could buy coverage for an NFT being held by a 3rd party custodian such as Gemini to protect yourself against a hack.
Coverage is designed to protect against a hack of the custodian or some unintended internal use of the Gemini platform that leads to financial loss. In the video above (at about 5:00 minutes) with founder, Hugh Karp, describes the types of claims that have been submitted, paid and denied.
Nexus Mutual charges a 2.6% annual premium in ETH against the value of your digital token.
Nexus Mutual is an unregulated entity known as a “discretionary mutual” as opposed to a traditional insurance company. A discretionary mutual pools together money to pay claims and agrees based on internal consensus on which claims should be paid. The company describes its cover with the following language:
NFT Risk Management
So, if you can’t insure an NFT yet… How do you protect your NFT investment today?
The best way to protect your investment is to be knowledgeable about how NFTs work and confirm that you’re using best practices for reducing risk.5
The diagram below highlights the different risks of NFT ownership.
A) NFT on the Blockchain: As described above, an NFT is essentially a unique hash and some metadata about its ownership and transaction history that is stored on a blockchain.
The blockchain uses a security mechanism that relies on consensus among all of the nodes on the network. The consensus mechanism preserves the integrity of the information in each block on the blockchain.
Bitcoin has the strongest consensus mechanism and security protocol in Proof of Work. It is also the most decentralized, has been around the longest and has the strongest network effects. As the 2nd largest cryptocurrency in terms of market capitalization, Ethereum is similar in these regards and is the most common choice for minting NFTs. Ethereum is in the process of migrating from Proof of Work to Proof of Stake, a different consensus mechanism that relies on the pledging of ETH tokens as opposed to energy consumption as the resource. It is also possible to mint NFTs using the Bitcoin blockchain using Stacks and a method called Proof of Transfer.
If the blockchain is secure, decentralized and resilient to 51% attacks, your NFT should not – in theory – need insurance.6 This is because blockchain records are immutable due to their decentralized nature, strong security protocol, network effects, and proven history of uptime/success.
However, NFT smart contract hacks are possible and, as mentioned above, the digital file and metadata associated with the NFT may be stored elsewhere (i.e. off-chain).
B) Decentralized Storage of Digital Media File: As mentioned above, unless the media file is stored on the blockchain along with the Hash/URI there is a risk that the media file could disappear depending on where and how it is stored.
However, the digital media file that the NFT links to should be – in theory – insurable through a cyber policy that includes “digital asset restoration”.7 You should download the digital file and store it redundantly in multiple places. You can verify that the file is identical to the original linked file by running it through a hash algorithm which should result in the identical hash to the original.
Depending on how it is hosted, there is a risk that the link that points from the NFT to the digital file could be corrupted or lost. To reduce risk of loss, the off-chain data should be stored using a decentralized file storage system such as IPFS or Sia, to eliminate the risk of a single point of failure in the storage system, leading to the loss of the NFT.
C) Tangible Artwork Is Insurable: As described above, tangible artwork or physical items that are represented digitally by an NFT should be insurable just like any other physical item. Apart from the digital NFT, any separate physical certificate of authenticity should be stored in a different location from the physical item, such as a fireproof safe or bank vault.
For commercial businesses, high value items such as gold coins, gold bars, artwork, currency, bearer bonds, wine collections, etc. can be insured whether in storage or in transit. The same risk management approaches would apply to reducing risk with links from the NFT.
D) Cryptocurrency Wallet: As described below, choosing a cryptocurrency wallet is one of the most important decisions in NFT risk management. Choosing a wallet requires being aware of the trade-offs that come with different wallet storage, custody and security options.
Choosing a Cryptocurrency Wallet
It’s estimated that approximately 20% of all bitcoin ever created is unrecoverable due to private keys being lost or stolen. This can be chalked up to poor risk management when it comes to managing the custody of digital assets and your private keys.
Your choice of crypto wallet comes down to three factors, each of which comes with trade-offs in terms of convenience and security:
- Software vs. Hardware Wallet: A software wallet (aka “hot wallet”) is connected to the Internet and sacrifices some security in exchange for ease of use and convenience. A hardware wallet (aka “cold wallet”) is disconnected from the Internet most or all of the time which increases security, but is less convenient.
- Custodial vs. Non-Custodial Wallet: A “custodial” wallet is a 3rd party hardware or software wallet that provides a custody service by taking possession of your private keys so you don’t have to manage them. A “non-custodial” hardware or software wallet means no 3rd party has custody of your private keys. You are in custody of your own private keys.
- Single or Multi-Signature Wallet: A single signature wallet has a single point of failure meaning that if you lose your wallet or if your private keys are compromised, you can lose your NFT or crypto. A multi-signature wallet uses a “2 of 3″, or “3 of 5” approach to securing your private keys. This way you are still able to recover your digital assets if your wallet is compromised, lost or stolen.
At the end of the day, the best cryptocurrency wallet for you comes down to how comfortable you are with technology and how eager you are to learn about the unique features of cryptocurrencies, such as bitcoin, that make them unlike any other alternative asset.
Future NFT Insurance Standards
The EIP-1523 standard was proposed in October 2018 to standardize the metadata associated with an NFT insurance policies. Note that this is a separate concept from buying insurance to protect against the loss of or damage to an NFT.
Approximately 13% of Americans have invested in cryptocurrencies and digital assets and I believe this will number will only increase.
As digital assets represent an increasingly large percentage of all investment portfolios over time, the need for digital asset insurance and risk management, such as for NFTs, will only increase as well.
- Beeple sold his "Everydays: The First 5,000 Days" NFT to Metakovan for $69,000,000, NBA Top Shots sell for hundreds of thousands of dollars, CryptoPunks NFTs (the header image at the top of the post) are selling for millions and Jack Dorsey sold his first Tweet as an NFT for $2.9 million for charity.
- OpenSea gives you the option of where to save your NFT.
- The process would be similar for a physical object except the description and attributes of the physical object would be a text file and/or a photo or bar code that is run through the SHA-256 cryptographic hashing algorithm to result in a digital signature for that physical item.
- However there are other blockchains such as Flow and Solana that can also be used to create NFTs and more are being developed. Indeed, it is even possible to create NFTs using the Bitcoin blockchain using Clarity smart contracts on Stacks.
- I'm not a computer scientist or full stack programmer or anything like that so I would refer to the links I've included in this article to read more about how NFTs work and the best way to protect them with decentralized storage, etc.
- The Bitcoin network has run, essentially with 99.99% uptime, without insurance, since 2009.
- This type of commercial cyber coverage exists and is widely available.
- Christoph Mussenbrock "EIP-1523: Standard for Insurance Policies as ERC-721 Non Fungible Tokens," Ethereum Improvement Proposals no. 1523, October 2018. [Online serial]. Available: https://eips.ethereum.org/EIPS/eip-1523.