Stablecoins hold a vital position in crypto trading, payments, and savings. As of now, the total market capitalization of stablecoins is approximately $200 billion, with the leading stablecoin, Tether (USDT), having a market cap of $138 billion. Over the past year, several notable stablecoin protocols have gained attention, offering yields to stablecoin holders through real-world U.S. Treasury bonds or hedging strategies.
Previously, Beosin analyzed mainstream centralized stablecoins and launched the Stablecoin Monitoring system in August of this year to assist stablecoin issuers and regulators in monitoring the stablecoin ecosystem. This article will provide a case study of relevant stablecoin protocols, helping users understand their operational mechanisms, key audit points, and compliance challenges.
Ethena is one of the fastest-growing stablecoin protocols, with its USDe token’s market cap reaching $5.5 billion, surpassing DAI to become the third-largest stablecoin. Currently, users holding sUSDe (staked USDe) can earn an annual yield of around 30%, attracting significant attention from the market.
Ethena issues stablecoins that represent the value of a delta-neutral position, tokenizing arbitrage trades involving mainstream assets such as ETH on centralized exchanges.
For example, if Ethena holds 1 ETH in spot, it will hedge by taking a short position in a perpetual contract for 1 ETH, generating yield from funding rate arbitrage. Additionally, Ethena uses stETH as collateral for perpetual positions in ETH/USD and ETH/USDT on centralized exchanges.
Therefore, USDe’s yield comes from two sources: staking rewards on mainstream assets (like ETH) and funding rate profits from perpetual contract arbitrage. Each week, Ethena sends rewards through sUSDe Yield Distributions (0x71E4f98e8f20C88112489de3DDEd4489802a3A87) to the StakingRewardsDistributor contract (0xf2fa332bD83149c66b09B45670bCe64746C6b439).
https://etherscan.io/address/0x71e4f98e8f20c88112489de3dded4489802a3a87
StakingRewardsDistributor is the core contract of the Ethena protocol, with two main roles: Owner and Operator. The Owner has the authority to update contract configurations and modify the Operator, while the Operator, authorized by the Owner, is responsible for minting USDe and sending USDe yield to the staking contract.
The Operator transfers USDe to the staking contract.
Currently, the Owner address of the contract is 0x3B0AAf6e6fCd4a7cEEf8c92C32DFeA9E64dC1862, controlled by a 4/8 multi-signature wallet.
The main security concern for Ethena stems from the use of centralized exchanges for spot-futures arbitrage and off-chain settlement custodianship. Ethena currently relies on custodians and off-chain trading service providers like Cobo, Ceffu, and Fireblocks, with about 98% of the collateral concentrated in three major exchanges: Binance, OKX, and Bybit. If these custodians or exchanges experience operational or technical issues, it could threaten the stability of USDe.
Although Ethena has implemented a fund verification service (similar to Proof of Reserve) that allows verification of all collateral within the protocol, this service is not yet accessible to the general public.
USDe’s yield mechanism could face periods of negative funding rates, potentially causing the funding rate profits from spot-futures arbitrage to turn negative. Although historical data shows such periods tend to be short (less than two weeks), it’s important to consider the possibility of longer adverse conditions in the future. As a result, Ethena should maintain sufficient reserve funds to weather such a period.
Moreover, Ethena uses stETH as collateral. stETH is generally liquid, and the price difference between stETH and ETH is minimal (less than 0.3%) after Ethereum’s Shanghai upgrade, but extreme cases may arise where stETH trades at a negative premium, leading to a decrease in the collateral value on exchanges. This could potentially cause a liquidation of the futures hedge positions.
Aside from Ethena, there are several similar stablecoin protocols in the market, such as USDX Money on BNB Chain and Avant Protocol on Avalanche. Their operational mechanisms and security risks are quite similar to Ethena, so we won’t go into further detail here.
Usual Money’s USD0 is a stablecoin backed 1:1 by real-world assets (U.S. Treasury bonds). Its innovation lies in the combination of real-world assets (RWA) and token economics.
Before Usual Money, several stablecoin protocols backed by U.S. Treasury bonds had already emerged, with the largest being Ondo Finance and its stablecoin USDY. USDY’s underlying assets consist of short-term U.S. Treasury bonds and bank deposits, managed by Ankura Trust Company, offering approximately 5% yield to USDY holders.
Unlike Ondo’s protocol, Usual Money has three tokens:
Holding USD0 doesn’t generate any yield. Users must exchange USD0 for USD0++ to capture yield. The yield can be taken in one of the following two ways:
The U.S. Treasury bond yield earned by USD0++ will be fully deposited into the protocol treasury, linking the value of $USUAL to the protocol’s revenue. From the two yield options above, it’s clear that the yields for USD0++ holders are tied to the $USUAL token. Additionally, governance for the protocol is determined through voting with $USUAL tokens. Proposals related to yield will attract more token holders, thus creating a market dynamic for the price of $USUAL.
Usual Money Key Contracts:
This contract is used to convert USDC to USD0. Users deposit USDC to create orders, and USD0 providers match these orders to convert the user’s USDC into USD0.
https://etherscan.io/address/0x9a46646c3974aa0004f4844b5fcd9c41b2337a7f#code
Aggregates existing Oracle price feeds. The core function, _latestRoundData(), is responsible for fetching the latest token prices and verifying price data.
https://etherscan.io/address/0xdec568b8b19ba18af4f48863ef096a383c0ed8fd#code
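The kind of price verification an auditor looks for around a latestRoundData() call, shown as an added example; it is not Usual Money's contract code. It assumes a Chainlink-style AggregatorV3Interface feed, and the contract name, the custom errors, and the maxAge, minPrice and maxPrice parameters are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not code from the protocol discussed above.
// The interface mirrors the Chainlink AggregatorV3Interface; the rest is hypothetical.
interface AggregatorV3Interface {
    function decimals() external view returns (uint8);
    function latestRoundData()
        external
        view
        returns (
            uint80 roundId,
            int256 answer,
            uint256 startedAt,
            uint256 updatedAt,
            uint80 answeredInRound
        );
}

contract CheckedPriceReader {
    error InvalidPrice(int256 answer);
    error IncompleteRound(uint80 roundId);
    error StalePrice(uint256 updatedAt, uint256 maxAge);
    error PriceOutOfBounds(uint256 price);

    AggregatorV3Interface public immutable feed;
    uint256 public immutable maxAge;   // feed heartbeat plus tolerance, in seconds
    uint256 public immutable minPrice; // lower sanity bound, in feed decimals
    uint256 public immutable maxPrice; // upper sanity bound, in feed decimals

    constructor(
        AggregatorV3Interface feed_,
        uint256 maxAge_,
        uint256 minPrice_,
        uint256 maxPrice_
    ) {
        require(address(feed_) != address(0), "feed is zero address");
        require(maxAge_ != 0, "maxAge is zero");
        require(minPrice_ != 0 && minPrice_ < maxPrice_, "bad price bounds");
        feed = feed_;
        maxAge = maxAge_;
        minPrice = minPrice_;
        maxPrice = maxPrice_;
    }

    // Returns the latest price only if it passes every check; reverts otherwise,
    // so a caller can never mint or redeem against a bad price by accident.
    function latestPrice() external view returns (uint256 price, uint8 feedDecimals) {
        (uint80 roundId, int256 answer, , uint256 updatedAt, ) = feed.latestRoundData();

        // A zero or negative answer must never be cast to uint256.
        if (answer <= 0) revert InvalidPrice(answer);
        // updatedAt == 0 means the round has not been completed.
        if (updatedAt == 0) revert IncompleteRound(roundId);
        // Reject timestamps from the future and data older than maxAge.
        if (updatedAt > block.timestamp || block.timestamp - updatedAt > maxAge) {
            revert StalePrice(updatedAt, maxAge);
        }

        price = uint256(answer);
        // For a token expected to trade near a peg, a band catches a broken feed.
        if (price < minPrice || price > maxPrice) revert PriceOutOfBounds(price);
        feedDecimals = feed.decimals();
    }
}
```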
This contract is primarily responsible for the exchange between USD0 and RWA Tokens (currently USYC, a compliant interest-bearing stablecoin backed by U.S. Treasury bonds). It also has a Counter Bank Run (CBR) mechanism to address liquidity risks, though the CBR mechanism is currently disabled.
Convert RWA Token to USD0
Convert USD0 to RWA Token
In the bond market, longer maturity periods typically require higher yield compensation. However, the potential yield of USD0++ is only at the level of short-term U.S. Treasury bonds, meaning the risk-reward balance is not aligned. Currently, the U.S. is entering a rate-cutting cycle, which means that the yield of USD0++ will continue to decrease, resulting in lower capital efficiency for its holders.
At present, there is over $700 million of USD0++ in circulation, but the liquidity on Curve for USD0-USD0++ is only $140 million. Only about 20% of the USD0++ is available for withdrawal, which may cause USD0++ to become de-pegged in the event of a run on the stablecoin.
With the rapid expansion of the stablecoin market, global regulatory pressures are becoming increasingly severe, particularly in areas like Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT). Stablecoin issuers face growing challenges to ensure the safe liquidity of stablecoins while meeting compliance requirements in various jurisdictions. This has become a key challenge in the industry.
For example, in Hong Kong, on December 6, the Hong Kong government announced the much-anticipated Stablecoin Bill. This legislation provides a detailed regulatory framework for the issuance of Fiat-Referenced Stablecoins (FRS). Below are some of the key requirements for stablecoin issuers under the new regulation:
a. A separate reserve asset pool must be established for each stablecoin to ensure its market value equals or exceeds the face value of the unredeemed stablecoins.
b. Reserve assets must be managed independently of other institutional assets.
c. Investments should prioritize high-quality, highly liquid, and low-risk assets.
d. A robust risk management and auditing process must be in place.
e. Public disclosure of reserve asset management, risk control, and audit results is required.
a. Licensed institutions must guarantee the unconditional redemption of stablecoins, without unreasonable restrictions.
b. Redemption requests must be processed promptly, and after deducting reasonable fees, the stablecoin holder must receive the agreed-upon asset form.
c. In case of bankruptcy, stablecoin holders should have the right to redeem proportionally.
a. Licensed institutions must implement measures to prevent money laundering and terrorism financing related to stablecoins.
b. Compliance with the Anti-Money Laundering and Counter-Terrorism Financing Ordinance and related measures is mandatory.
a. Licensed institutions are prohibited from paying interest on stablecoins or assisting in any form of interest payments.
Currently, there are no clear and specific regulatory guidelines for interest-bearing stablecoin protocols that are not pegged to fiat currencies in Hong Kong.
The current regulatory framework in Hong Kong aims to ensure the stability, security, and transparency of fiat-pegged stablecoin ecosystems while protecting the interests of relevant stakeholders. The Stablecoin Bill is set to undergo its first reading in the Legislative Council on December 18.
In the United States, USDY and USYC, which are interest-bearing stablecoins backed by U.S. Treasury bonds and tokenized by the U.S. Treasury Department, provide yields directly to holders. USYC is regulated by the U.S. Commodity Futures Trading Commission (CFTC), and the collateral used in the Usual Money protocol is USYC.
However, interest-bearing stablecoins based on DeFi or centralized exchange trading strategies face more complex market risks, and safeguarding the interests of stablecoin holders remains a challenge for regulatory authorities in different regions.
Beosin has previously completed security audits for several stablecoin protocols, such as Aqua Protocol in the TON ecosystem, Hope Money in the Ethereum ecosystem, and BitSmiley, a popular stablecoin project in the Bitcoin ecosystem. The audits covered multiple aspects, including the security of smart contract code, the correctness of the business logic implementation, gas optimization in contract code, the discovery of potential vulnerabilities, and their subsequent fixes, helping to ensure the secure development of these protocols.
This article analyzes the principles, core contract code, and risk points of interest-bearing stablecoin protocols. Project teams should continue to focus on the security of both project operations and contract business logic, especially in terms of permission management. At the same time, stablecoin protocols must implement effective risk management strategies and maintain sufficient capital reserves to deal with extreme market conditions, thus ensuring the value of their stablecoins remains unaffected.