Ethereum Smart Contracts and Insurance: Problems and Solutions

In his recent blog post on Medium Andrei Zamovsky, CEO and developer of Ambisafe, a company that has recently joined blockchain insurance platform Inchain, explains the operation of oracles in Ethereum, as well as their employment in insurance of events beyond blockchain.

Zamovski elaborates that the key problem of smart contracts, when applied to processing real-world events, is the fact that the contracts have no way to obtain data from beyond. He also notes that the limitation is partially justified by security requirements in order to avoid usage of enormous computational capacity for the purpose of running DDoS attacks or similar operations.

“Since every node executes every line of every smart contract, and anyone can submit any smart contract, the entire blockchain network can easily become a weapon of DDoS attack as soon as it allows interaction of smart contracts with external resource,” Zamovsky wrote.

This feature of smart contracts entails relevant limitations of their applicability. Exemplifying the matter with insurance events, Zamovsky writes about applicability of oracles in covering the issue.

“Oracle is a smart contract that contains information about the state of “external reality” (e.g. non-blockchain events). There are 2 approaches to fill oracle with the information: using crowdsourced approach, where any participant of the network can submit the data and get some reward for doing that. (see “Prediction markets”); and associate the oracle contract with some trusted party, by delegating private key to that party (can be several participants for backup purposes),” the blog post elaborates.

Most definitely, the first approach is more decentralized, and therefore is set to meet a more welcoming attitude in the community. However, prediction markets, being complex and complicated systems, are at early stages of testing now. The second approach has many things in common with SSL certificates. Zamovsky believes it to be quite appropriate for today’s use. It’s the second approach that InChain intends to employ.

“For example if we wanted to set up an oracle that would report earthquakes, we would: assign a keypair to http://earthquake.usgs.gov/, ask USGS to publish their public key (ethereum address) on their website, [and] set up a special module on the backend that will be submitting every new item of the feed to the smart contract,” Zamovski explained.

InChain is a decentralized Ethereum-based blockchain platform for insurance of risks and investment in insurance bonds. The project’s team intends to implement both insurance mechanisms and mechanisms of servicing insurance bonds with smart contracts.