MetaShield on-chain protection system, the next industry hotspot?

Author: 0xCena

Security Risks of Uncertain Cryptographic Assets

With the rapid emergence of the Web3 concept, more and more users hope to become "natives" of the Web3 world by holding cryptographic assets. Web3 is bringing broader investment opportunities and returns to investors, and holding cryptographic assets (especially some trendy NFTs) is increasingly seen as a cool thing. As the number of on-chain protocols increases and more traditional giants enter the Web3 space, this trend is growing.

Web3 advocates "decentralization," and its characteristics of permissionless, peer-to-peer, and public transparency/ pseudonymity are making Web3 protocols and cryptographic assets more inclusive for users and potential users. However, these cryptographic native and non-compliant regulatory characteristics are also lowering the threshold for malicious activities in the Web3 world, raising security risks, and becoming hidden dangers in the field of cryptographic asset security.

From an industry perspective, the vast majority of asset security issues stem from attacks and malicious actions by project parties (fraud, rug pulls, etc.). Especially with the explosive growth of on-chain applications promoting more widespread on-chain transactions, the probability of security incidents is increasing.

According to the "2022 Global Web3 Industry Security Research Report" by Zero Time Technology, there were 306 security incidents in 2022 (with GameFi, DAO, etc., being the hardest-hit areas), resulting in a cumulative loss of $10.1 billion. Compared to 2021, there were 64 new incidents, a year-on-year increase of 26%, which typically leads to losses for investors, including asset loss, theft of protocol contracts that cannot be compensated, and rapid depreciation of assets after attacks.

In addition, due to policies, regulations, market panic, etc., some Web3 institutions facing bank runs and insolvency have also caused significant losses for many investors, such as the collapse of CEX represented by FTX.

Thus, we see that investors holding cryptographic assets and using Web3 facilities (on-chain applications, CEX, CeFi, etc.) face multiple factors leading to uncertain security risks every day.

Although, from a broad perspective, regulation and compliance in the Web3 industry will be a major trend, how the Web3 industry can smoothly "connect" with regulatory agencies is a topic worth discussing. While DeFi applications represented by Nexus Mutual (which requires KYC) and dYdX (which requires facial scanning for certain activities) are attempting to collect user identity information, more and more users complain that they are not "Web3" enough. Under low regulatory conditions, this does not necessarily promote security in the cryptographic industry.

From the protocol (platform) perspective, to ensure user asset security, it is necessary not only to strengthen audits, avoid token vulnerabilities, and build more reasonable security while ensuring that project developers (teams) do not act maliciously, but also to resist market risks (in fact, the vast majority of Web3 facilities are powerless in the face of extreme market risks). Therefore, directly promoting security may still be a long way off.

Can Cryptographic Assets Be "Insured"?

In the Web2 world, a developed insurance industry is indirectly providing insurance for many things. The objects of insurance can include assets (real estate, high-value assets, etc.), health, accidents, diseases, etc. Although it cannot directly prevent certain unfortunate events from occurring, it can economically compensate to minimize losses after they happen. However, in the Web3 world, cryptographic assets (FT & NFT) are the primary asset form, and these assets do not possess legal enforceability and compliance in most regions; thus, Web2 insurance policies do not apply to cryptographic assets.

Of course, there have been attempts in the cryptographic world in the "insurance" field. The DeFi insurance sector can prevent cryptographic assets from falling below a set price due to market factors through derivatives. Representative projects include Cover, ISM, Helmet, etc. The insured and the insurer usually engage in a game, especially as the insurer hopes to profit during market turbulence. Nexus Mutual, on the other hand, establishes insurance pools for targeted projects, attracting investors to vote on insuring the project's fund pool in the form of interest. When a security incident occurs in that project, compensation is provided to the protocol.

We see that these on-chain "insurance" protocols are more like on-chain derivative protocols and have limitations, such as supporting few assets and generally not supporting NFTs. Moreover, they cannot be considered true insurance, as they lack the functions of traditional insurance, such as compensation when assets are stolen. Therefore, as on-chain derivative protocols with better trading experiences, like GNX, dYdX, Opium, and Synapse, continue to rise, the old narrative of DeFi "insurance" protocols is fading.

As the industry continues to evolve in new narrative directions, Web3 is also expected to enjoy insurance compensation services similar to those in the Web2 world. We see that in this field, MetaShield is shaping the early contours, providing comprehensive protection and compensation plans for the Web3 ecosystem and the metaverse in a distributed, DAO form. All cryptographic assets (FT/NFT) that suffer losses due to security incidents are expected to receive compensation from the MetaShield ecosystem.

This article will introduce and analyze the insurance and compensation mechanisms of the MetaShield ecosystem to see if it can inspire the development of asset protection in the on-chain space.

Focusing on the MetaShield Ecosystem: How Can Protection and Compensation for Cryptographic Assets Be Achieved On-Chain?

The MetaShield ecosystem is currently the "on-chain insurance" ecosystem closest to Web2 insurance services, but there are essential differences between the two. Web2 insurance services are centralized traditional businesses; they are centralized profit-making institutions, and the interpretation of underwriting and compensation criteria is determined by the insurer, i.e., the insurance company. Although they generally execute according to relevant industry standards, insurance companies, as compensation executors, often make decisions that are more beneficial to themselves due to their interests, leaving policyholders in a weaker position.

MetaShield focuses on various metaverse ecosystems and Web3 ecosystems, primarily protecting the security of cryptographic assets within these ecosystems. MetaShield itself is a decentralized distributed network, and the decision on whether to compensate policyholders is made collectively by multiple "agents" distributed around the world.

MetaShield has established a forfeiture mechanism to raise the threshold for malicious actions by each role. Additionally, MetaShield is a non-profit ecosystem; it does not intend to accumulate fiat currency or stablecoins as profit. Therefore, unlike insurance companies and previous "insurance" protocols, MetaShield positions itself primarily as a comprehensive protection and compensation plan ecosystem rather than a Web3 insurance protocol, representing a new approach to protection.

In MetaShield, there are mainly two types of roles: "insured users" and "agents," as well as two types of cryptographic assets: "$SHLD" and "$AGTC." Among them, $SHLD is the native token of MetaShield, which can be used as proof of insurance policies and for "POH" payments, governance, etc.

$AGENT is the incentive token for agents, which can only be generated by staking $SHLD tokens or through agent salaries. It is also a necessary asset when purchasing agent NFTs. In the future, to incentivize users and obtain a more liquid $SHLD compensation pool, MetaShield has built a Treasury Pool that allows users staking $SHLD tokens to earn $AGENT rewards.

Insured Users

The MetaShield protocol can accept a wide range of assets, especially supporting cryptographic assets in the metaverse. After users register with MetaShield, they will be provided with an account and a secure vault for each registered account.

This on-chain account can be used to store $SHLD, $AGTC, MetaShield NFTs, and other mainstream tokens for payments and transfers (these assets are used to handle events within MetaShield). The secure vault can also be linked to multiple addresses and NFTs of the user to form corresponding protection relationships.

Of course, users must transfer $SHLD assets into the account generated by MetaShield to establish an insured relationship. The maximum compensation amount from the system is 10 times the value of $SHLD in their account. This means that if User A purchases a policy for an NFT worth $1,000, User A must deposit at least $100 worth of $SHLD in their account to receive full compensation in the event of an asset security issue (additional deposits are allowed).

When User A suffers losses due to various security incidents such as contract exploitation, rug pull cover, theft from cross-chain bridges, loss of private keys, or NFT losses, they can submit a compensation request to MetaShield and report the amount of $SHLD, for example, if $SHLD is worth $2, they should fill in 500 $SHLD as compensation (the system will conduct an honest review and return it after triggering compensation).

At the same time, User A must also stake a certain amount of $SHLD as collateral to prevent fraud (additionally, each compensation request also requires a small fee to prevent high-frequency application fraud).

When User A submits a claim, multiple agents in the system will investigate the claim event and vote on the compensation for that token after the investigation is completed. Only after all agents vote in favor can approval be granted, and compensation can be directly completed (the insured must pay a small amount of $SHLD tokens to the agents, usually 4% of the compensation amount). This process typically takes 2 to 4 weeks, and claim applicants can shorten the process by staking $SHLD tokens.

If the approval is denied, User A has one opportunity to appeal (considered a new case). If it is denied again, the additional staked $SHLD tokens will be burned as a penalty for fraud.

It is worth noting that the agents matched to each claim event in MetaShield are usually random and decentralized. They typically have no relation or vested interest with the policyholders, similar to miners in the Bitcoin network who package transactions, as their sufficient decentralization means they have no vested interest in the transactions of the coin.

The insured users mentioned above can be both C-end users and B-end users, including traditional cryptographic investment companies, Web3 protocols, GameFi projects, etc. The protection model of MetaShield is applicable to a wide range of roles.

Agents

Agents are the investigators and verifiers of compensation events within the MetaShield network. They will examine the evidence provided by the claimant, the hacker's chain data, and internet traces to check whether the loss has genuinely occurred and whether the loss was due to expired breaches or abuse rather than intentional cheating.

Agents must hold agent NFTs to qualify for their roles, and they receive monthly salaries in the form of $AGTC tokens. Additionally, each time they participate in event verification, they will earn $SHLD tokens as business rewards. Agents have levels (a total of 9 levels), and agents who perform well in MetaShield will be eligible for upgrades (after obtaining upgrade eligibility, they need to consume $AGTC tokens).

Higher-level agents can participate in the investigation and verification of higher-level compensation events, and they receive higher salaries and business rewards compared to lower-level agents. For example, in a $10,000 compensation event, six agents will share 4% of that amount, which is $400, and these six agents will divide the reward according to their levels.

To ensure the fairness of agents, casting an incorrect or unjust vote during the investigation will directly lead to a downgrade event (the lowest level will revoke their license).

Additionally, agent NFTs (with a total of only 10,000) can circulate in the secondary market and will appreciate in value as more users become agents, making them a necessity. Currently, agents in MetaShield represent the first Web3 native job, and MetaShield is also recruiting agents (agents who recruit other users to become agents will also receive rewards).

In fact, we see that MetaShield not only builds an anti-fraud model based on economic costs, such as requiring policyholders to stake a portion of $SHLD tokens when initiating claims to prevent dishonest agents from downgrading, but it has also established a trust system based on the POH mechanism, recording claimants' submissions and forming honesty data.

This honesty data will determine the user's maximum protection amount, compensation amount, and corresponding honest staking amount, as well as the minimum amount of $AGTC rewards the user needs to pay. Users with records of malicious actions will face higher financial thresholds.

In the early days of the industry, many predictors believed that smart contracts would be the main executors of on-chain insurance. However, it has been proven that relying solely on smart contracts to build on-chain insurance scenarios is limited. It is not difficult to find that the numerous and decentralized nodes in the Bitcoin and Ethereum networks (10,000 is generally sufficiently decentralized) can meet actual network security needs. By linking the agent mechanism with smart contracts, more scenarios can be adapted. MetaShield is also collaborating with DID providers and blockchain trust rating oracles to prevent fraud or Sybil accounts, thereby limiting malicious actions by agents.

Compared to traditional insurance companies, MetaShield does not collect premiums in advance (it is non-profit) and only retroactively compensates the losses of affected individuals. Moreover, the verification and investigation cycle for MetaShield is 2 to 4 weeks (which can be shortened by staking tokens), while traditional insurance companies typically require about 3 months, resulting in higher overall efficiency.

MetaShield Gives Deeper Meaning to Web3 and the Metaverse

Focusing on the MetaShield ecosystem itself, based on this compensation model, the events for compensation may not be limited to the security of cryptographic assets. Currently, MetaShield is helping agents expand more business scenarios. They can propose more compensation scenarios to DAO communities, such as whether to provide coverage for passing exams, illnesses, or even insomnia, heartbreak, and other innovative forms of protection. Of course, this also requires agents to have higher requirements and challenges during investigations and verifications.

These proposals will be evaluated within the DAO community, and once approved, they will be officially launched. Additionally, the proposal initiators and voting participants will receive dividends when compensation occurs. This continuous incentive model will further help MetaShield enrich its business in this field and continuously provide income streams for agents.

As a metaverse-based MetaShield ecosystem, the metaverse will also be an important window and aggregation channel for users in the future, continuously attracting more new users.

At the same time, as a metaverse infrastructure, it can integrate protection features for various facilities within the metaverse and is expected to help more applications within the metaverse and Web3 provide richer expansion scenarios, creating more online jobs in the metaverse to further promote a new form of the metaverse.

With the improvement of various infrastructures, MetaShield will deeply integrate with multiple tracks such as DeFi, GameFi, and NFTs, building a more complex ecosystem through various gameplay. Based on this, users are also expected to further build their own metaverse projects, making entrepreneurship in the metaverse possible.

Conclusion

MetaShield is of vital importance to the development of the Web3 ecosystem and the metaverse. It is providing security for cryptographic assets in the form of economic compensation, promoting more cryptographic asset holders to receive compensation after their assets are harmed. This compensation mechanism, similar to traditional insurance models, also drives the Web3 insurance field to serve more scenarios, promoting the metaverse and Web3 to develop into more diversified forms and giving them deeper meaning. In the future, working and entrepreneurship in the metaverse will become possible.