Nexus Mutual's detailed incident report about the KelpDAO/LayerZero incident is now live ✍️
Our risk experts dig into:
- How the attack unfolded
- How the damage spread
- The systemic vulnerability it highlighted
- The industry response
- Is this covered?
- How we're addressing the opsec gap
See the full report here: https://t.co/jrQ6t4BpVU
Meet the first app that lets you travel the world just by saving money.
Earn a fixed 5% APY, plus credit-card-style points you can redeem for travel and experiences through our global airline and hotel partners.
Symphony is now live. Download it today.
@roth_edgar @symbioticfi @FelixLts It was a pleasure working with you on @NexusMutual's GTM for our Symbiotic network. I'll miss our regular catch-ups!
I look forward to working together in the future at whichever company is lucky enough to have you 🫡
@OndoFinance I'm so sorry to hear this. Nate was so kind and had an outsized impact on our industry. He will be missed.
My condolences to all his colleagues at Ondo 🫶
KPK vaults are built with security at the core.
Beyond conservative strategies and robust operational infrastructure, users can now access @NexusMutual coverage directly through our UI, adding an extra layer of protection to their vault exposure.
Safer access to DeFi yield.
Today marks 7 years of Nexus Mutual helping people protect their digital assets 🎂
A big thank you to all of our mutual members, partners, and our hardworking team for making this milestone possible
You're Covered with Nexus Mutual 🤝
Vaults made DeFi simple: Covered Vaults makes it scalable
@OpenCover's Covered Vaults launched in April 2026 after nearly a year of development with Nexus Mutual and more than 15 design and launch partners, including @Morpho, @Kiln_finance, @symbioticfi, and @base
Vaults can access up to $50 million in cover capacity, with eight-figures in TVL already protected
“OpenCover is constantly raising the bar on simplifying DeFi risk management,” said @HughKarp
“Covered Vaults not only make it easy for investors to cover their assets, but it also enables any vault to support cover options. This is a major win for everyone in vaults, from investors to builders and curators.”
Learn more here: https://t.co/ZUvzxtDxPr
We spent the last few weeks formally verifying smart contract invariants across Ethereum protocols using AI and Lean.
Here's the methodology and what we learned 🧵
With over $100 million lost to crypto-related kidnappings, ransom, and extortion so far this year, the industry is starting to take physical security seriously
- How do the criminals operate?
- Where is it happening?
- Who is targeted?
- How can crypto investors and builders stay safe?
We examine the 2026 crypto K&R trends here: https://t.co/heQxKsVhQH
Brazilians holding dollars can now:
- Earn yield.
- Stay in full self-custody.
- Have the position covered on-chain by @NexusMutual via @OpenCover.
One app. Live on @gnosischain.
While fintechs pitch, @usePicnicBR ships.
Put your dollars to work now.
Protected onchain yield is now live directly inside @usePicnic 🛡️
One of the first real-world examples of embedded onchain protection reaching mainstream fintech UX.
Powered by @OpenCover and underwritten by @NexusMutual.
Picnic is bringing safe onchain savings to the masses on @gnosischain 🙌
Great to see @OpenCover's Covered Vault primitive helping Brazilians access onchain yields w/ downside protection!
Today Picnic delivers something no fintech in the world has done before.
DeFi yield.
On-chain coverage.
Full self-custody.
1:1 UX.
5 protocols.
1 stack.
Zero buzzwords.
Introducing Caixinha Protegida. 🧵👇
Points 1-6 are a good starting point, but digging into some of those in more depth or looking at others is important when doing DD. Here are some other areas to dive into:
- Economic design. Outside of the code, is the economic design of the protocol sound? Can a death spiral occur during market stress? Do low- or zero-fee features expose a protocol to economic attacks? The non-smart-contract attack surfaces are important to review during the DD process.
- Protocol maturity, performance during market stress. How long has a protocol been live? What is the max TVL a protocol has held, and for how long? How has a protocol performed during market stress or during periods of protocol-specific stress (e.g., mass redemptions, unwinding positions during market crashes, etc.)?
- Team quality, track record. Is the team known? (If not, do the anons running a protocol have a track record of working in DeFi?) Have team members worked on protocols that have suffered loss events in the past? If yes, do certain team members have a history working at multiple protocols that have suffered loss events? Do they have experience working in the sector they're building in? This should be looked at in addition to the legal aspects (e.g., jurisdiction, if they've set up a bankruptcy-remote structure for offchain holdings, etc.)
- Loss history. Has a protocol been hacked before or suffered any type of loss event (e.g., exploit, opsec failure, fat-finger error, oracle misconfiguration, etc.). If yes, how did they respond/recover? Were they able to recover funds or make users partially or completely whole?
- Security practices beyond audits/bug bounties. Looking for audits, bug bounties, and comprehensive testing practices is an important part of evaluating a codebase, but does a team use monitoring services like Hypernative, Blockaid, Hexagate, etc.? If you find there are privileged actions within a protocol's design, how are those actions executed? Is there an upgradeable proxy in use? If so, is it owned by an EOA, a multisig, or an MPC wallet? What's the execution threshold on the multisig that owns a proxy contract? Digging into OpSec best practices is just as important as looking for audits. This level of DD is harder to perform because OpSec info isn't public, but there should be information made available about the use of multisigs, MPCs, etc. @_SEAL_Org has great guidance on this in their frameworks, like the Multisig Security Framework: https://t.co/aYR3Yog4po
- Transparency, disclosure practices. Is the codebase public or private? Does a team offer transparency, or do they just say they're transparent in their documentation? You can evaluate a protocol and its team based on their actions/track record on disclosures about security incidents (if they were impacted by another event or if a loss occurs, does the team publish a detailed post-mortem?). If funds are deployed into underlying strategies, is it easy to verify where those funds are deployed, or is there a third-party service like Accountable where you can verify onchain/offchain holdings?
- First-loss coverage. Does a protocol have a self-insurance module (e.g., Aave Umbrella) and has it ever been used? Does a protocol team purchase insurance and, if so, what type of coverage/what are the payout triggers? Is there any first-loss coverage available? Does the protocol implement senior/junior tranching? If yes, what is the premium being paid to junior tranche capital providers? Can you buy coverage/insurance for protocol, economic risks or depeg coverage? If yes, what is the rate coverage providers are charging?
These are just some of the checks we run when doing assessments at @NexusMutual. We've built our own tooling to run these checks in addition to reaching out to teams directly.
We also run regular assessments since risk is constantly changing, especially in lending markets and perps protocols.
And I cannot recommend the @_SEAL_Org Frameworks enough. Use these frameworks to assess how well a protocol team adheres to industry best practices: https://t.co/fNSX3xcJX5
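The proxy-ownership questions in the thread above (EOA vs. multisig admin, multisig threshold) can be turned into an automated check. The following is an added example, not Nexus Mutual's own tooling: it assumes an EIP-1967 transparent proxy and a Safe-style admin that answers getThreshold(); chain access is injected as callables so it runs offline against a constructed stub (addresses 0x11…, 0x22…, 0x33… are made up) or, in practice, against web3.py's get_storage_at / get_code / call.

```python
# Added example, not Nexus Mutual's tooling: operationalise the proxy-admin
# questions above. Chain access is injected as callables so this runs offline
# against the stub below, or against web3.py (get_storage_at/get_code/call).
from typing import Optional

# Slot constants defined by EIP-1967 (keccak256(label) - 1).
ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103
IMPL_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc
GET_THRESHOLD = bytes.fromhex("e75235b8")  # Safe getThreshold() selector

def word_to_address(word: bytes) -> str:
    """A 32-byte storage word holds an address in its low 20 bytes."""
    return "0x" + word[-20:].hex()

def assess_proxy_admin(proxy: str, get_storage, get_code, call) -> dict:
    """Who can upgrade `proxy`, and how many signatures does it take?"""
    admin = word_to_address(get_storage(proxy, ADMIN_SLOT))
    out = {"implementation": word_to_address(get_storage(proxy, IMPL_SLOT)),
           "admin": admin, "admin_kind": "none", "threshold": None}
    if int(admin, 16) == 0:
        out["finding"] = "no EIP-1967 admin: not a transparent proxy, or admin renounced"
    elif not get_code(admin):  # MPC-held keys look like a plain EOA on-chain too
        out.update(admin_kind="EOA", finding="one key can swap the implementation")
    else:
        out["admin_kind"] = "contract"
        try:  # timelocks and custom owners usually revert on a Safe selector
            out["threshold"] = int.from_bytes(call(admin, GET_THRESHOLD)[-32:], "big")
        except Exception:
            out["finding"] = "contract admin without getThreshold(): inspect manually"
            return out
        t = out["threshold"]
        out["finding"] = ("1-of-N Safe: a single compromised signer suffices" if t == 1
                          else f"Safe needs {t} signatures to upgrade")
    return out

def stub_chain(admin_code: bytes, threshold: Optional[int]):
    """Constructed stand-in for eth_getStorageAt / eth_getCode / eth_call."""
    proxy, admin = "0x" + "11" * 20, "0x" + "22" * 20
    slots = {ADMIN_SLOT: bytes(12) + bytes.fromhex(admin[2:]),
             IMPL_SLOT: bytes(12) + bytes.fromhex("33" * 20)}
    def get_storage(addr, slot): return slots.get(slot, bytes(32)) if addr == proxy else bytes(32)
    def get_code(addr): return admin_code if addr == admin else b""
    def call(addr, data):
        if addr == admin and data == GET_THRESHOLD and threshold is not None:
            return threshold.to_bytes(32, "big")
        raise RuntimeError("execution reverted")
    return proxy, get_storage, get_code, call

if __name__ == "__main__":  # constructed: admin is a Safe with threshold 1
    print(assess_proxy_admin(*stub_chain(b"\x60\x80", threshold=1)))
```

A threshold of 1, or an EOA admin, means a single compromised key can replace the implementation; a Safe with a higher threshold still warrants checking who the signers are and whether a timelock sits in front of it.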
Folks are paying attention to risk more than ever, w/ recent hacks as the catalyst for better due diligence + risk mgmt
Check out Hugh's thoughts on where onchain returns are heading and how @NexusMutual is playing a vital role in the future of low-risk DeFi 👇
COVERED VAULTS SPOTLIGHT
The Covered @Morpho @gauntlet_xyz USDC Prime vault is currently yielding 6% APY on @Optimism
DeFi with risk priced in, outperforming offchain savings⤵️