🙋FAQ
General
What is MikaLock?
MikaLock is an audit marketplace and smart contract coverage protocol built on the Ethereum blockchain. MikaLock works to protect Decentralized Finance (DeFi) users from smart contract exploits with security reviews from top auditors backed by smart contract coverage on the audited contracts.
How is MikaLock different from other audit firms?
Most audit firms rely on their reputation to convince protocol teams to use them. This is a poor way to guarantee incentive alignment. MikaLock provides something far more valuable than reputation: USDC. If a contract that is audited and covered by MikaLock has a bug bounty payout (or gets exploited), then MikaLock's staking pool can pay out USDC to reimburse the entire bug bounty (minus a deductible) or part of the exploit. This is a much stronger incentive to do a good job vs. relying on an amorphous reputation across hundreds of audits and dozens of individual auditors.
Many audit firms charge 100% more than what they pay individual auditors. This is the "reputation premium." MikaLock can pay top independent security experts more than they would make at leading audit firms. Then MikaLock can offer USDC backing behind MikaLock's audit. And the cost can often STILL be lower than what most traditional firms charge.
Good security work is done by talented individuals. Many audit firms have been known to hide lesser talented individuals behind their overall audit firm reputation. This means the quality of audit you will get from other firms is highly variable. You should always check to see who the individual auditors are. MikaLock is very transparent about the qualifications of individual auditors.
How is MikaLock different from other risk management protocols?
Coverage is managed by protocols/DAOs instead of users
Right now, the burden of managing smart contract risk is borne entirely by users. By working directly with protocols, smart contract coverage can be applied to all users with no extra work required. It's very difficult for users to coordinate on a whitehat bug bounty, so this is better managed by the protocol team. Not to mention, when an exploit happens, protocol teams often find themselves deciding to reimburse all users as much as possible, so getting covered at the protocol level helps builders sleep better.
MikaLock can price coverage the lowest because we do the most up-front work
Because MikaLock requires a full audit from MikaLock before coverage can go live, MikaLock gains more confidence in the security of the smart contracts than anyone else. This allows Mikalock to reward safe protocols for being safe by pricing coverage lower than anyone else can offer.
Claims decisions are made by an unbiased 3rd party
Follow the incentives. Does a successful payout rely on a decision made by someone who will lose a lot of money if they decide in your favor? MikaLock has partnered with UMA to offer an unbiased claims process handled by objective, third-party voters who have economic guarantees around their incentives. Read more here.
How does staking work?
A user stakes USDC for a fixed term (6 months or 12 months) and receives a market-leading yield in return. The yield is partially fixed, partially variable. The amount of MIKA tokens a staker will receive is known at the time of staking and is fixed for the duration of the stake. Premiums received by stakers would be expected to increase as more protocols become covered. If there is a covered smart contract exploit during the term, a staker's funds can be slashed up to 50%.
How can I get an audit or coverage from MikaLock?
Please reach out to contact@mikalock.xyz.
Is coverage for a protocol always fully collateralized?
One of the superpowers of a risk management protocol like MikaLock is using diversification to increase the affordability of coverage and limit the need for full collateralization. This is what allows coverage to be affordable in traditional markets. The value staked into MikaLock's staking pools is designed to be less than the total funds that MikaLock is covering. By the same token, the staking pool is also designed to be significantly larger than the max size of coverage at any one protocol.
Isolated exploits should always be 100% paid out. MikaLock is designed to have at least 200% overcollateralization for any singular exploit event.
Things get more interesting if an exploit occurs at multiple covered protocols and drains 100% of the funds of multiple protocols at the same time. In this situation, depending on the capital efficiency of MikaLock, MikaLock may not be able to reimburse each exploit (assuming 4 or more simultaneous exploits) at 100 cents on the dollar. However, MikaLock's risk models are designed to mitigate the risk of multiple protocols being affected by the same type of exploit. Consequently, it would constitute an extremely unlikely event (never before seen in DeFi) to have multiple covered protocols hacked for nearly all of their TVL at the same time -- but it is theoretically possible.
Even in extreme scenarios where MikaLock's capitalization falls below the coverage amount for a single protocol, that protocol will only be charged for the amount it would receive in a payout. This ensures that, at any given time, a protocol NEVER overpays for coverage.
Last updated