search
user-image
BEOSIN
BEOSIN
Aug 22, 2023

PayPal Launches PYUSD Stablecoin: Analysis of Centralized Stablecoins' Smart Contracts

 

On August 7th, payment giant PayPal announced the launch of the PayPal USD (PYUSD) stablecoin. This stablecoin is issued by Paxos and its contract has been deployed on the Ethereum mainnet. Upon inspecting its contract code, it becomes evident that the PYUSD contract code is quite similar to that of USDP, another stablecoin issued by Paxos. The only notable difference is the addition of an external function called "increaseSupply."

 

Centralized stablecoins primarily operate by collateralizing with fiat currencies. The stablecoin issuer will stake assets such as fiat currency in a bank account as a reserve for its on-chain stablecoins. This article primarily employs Beosin VaaS to scan stablecoins' smart contracts, examining their logic and uncovering differences among various types of centralized stablecoins.

 

USDT

1.  Potential Fees

USDT employs two variables, namely "basisPointsRate" and "maximumFee," to define the fees users need to pay to Tether Ltd. when using USDT. The highest fee is set at 50 USDT. Currently, these two variables are both set to 0, indicating that users do not need to pay any additional fees to Tether Ltd. when using USDT.

Contract Address: https://etherscan.io/address/0xdac17f958d2ee523a2206206994597c13d831ec7#code

 

2.  Blacklist:

Tether Ltd. has implemented a blacklist function in the USDT token contract. If an address is added to the blacklist, that address is restricted from invoking the "transfer()" or "transferFrom()" functions to move USDT. Moreover, Tether Ltd. has the capability to use the "destroyBlackFunds()" function, which sets the USDT balance of blacklisted users to 0, thereby countering blacklisted users.

Contract Address: https://etherscan.io/address/0xdac17f958d2ee523a2206206994597c13d831ec7#code

 

USDC

USDC does not impose any fees. Similar to USDT, USDC also employs a blacklist mechanism where addresses on the blacklist are unable to invoke any functions of the USDC contract. However, USDC does not possess a function akin to USDT's "destroyBlackFunds()" function.

All external functions of USDC require that the address is not on the blacklist.

 

USDP/BUSD/PYUSD

1.  Blacklist

The code of USDP, BUSD, and PYUSD is fundamentally similar. Like other centralized stablecoins, they also feature a blacklist functionality, enabling the addition of an address to the "frozen" list to restrict transfers related to USDP and PYUSD. USDP, BUSD, and PYUSD have a function called "wipeFrozenAddress()," which serves a purpose similar to USDT's "destroyBlackFunds()" function, resetting the stablecoin balances of addresses in the "frozen" list to 0.

https://etherscan.io/token/0xe17b8aDF8E46b15f3F9aB4Bb9E3b6e31Db09126E#code

 

2.  Whitelist

USDP, BUSD, and PYUSD introduce the concept of "assetProtectionRole," akin to a whitelist. Addresses adorned with the "assetProtectionRole" modifier can add an address to the "frozen" list or invoke the "wipeFrozenAddress()" function.

 

3.  Gasless Transfers

USDP, BUSD, and PYUSD further provide two functions: "betaDelegatedTransfer()" and "betaDelegatedTransferBatch()." These allow users to initiate stablecoin transfers without incurring gas fees, by providing signed information and enabling approved parties to act as proxies for users in the transaction.

https://etherscan.io/token/0xe17b8aDF8E46b15f3F9aB4Bb9E3b6e31Db09126E#code

 

Conclusion

Centralized stablecoins adopt blacklist mechanisms to meet regulatory and anti-money laundering requirements. Stablecoins issued by Paxos offer some innovations compared to USDT and USDC. PayPal's deployment of stablecoins on public blockchains will further advance the USD stablecoin market, enabling millions of users to enter the realm of cryptocurrency through the PayPal payment platform.

 

 

Beosin is a leading global blockchain security company co-founded by several professors from world-renowned universities and there are 40+ PhDs in the team, and set up offices in 10+ cities including Hong Kong, Singapore, Tokyo and Miami. With the mission of "Securing Blockchain Ecosystem", Beosin provides "All-in-one" blockchain security solution covering Smart Contract Audit, Risk Monitoring & Alert, KYT/AML, and Crypto Tracing. Beosin has already audited more than 3000 smart contracts including famous Web3 projects PancakeSwap, Uniswap, DAI, OKSwap and all of them are monitored by Beosin EagleEye. The KYT AML are serving 100+ institutions including Binance.

Disclaimer
I confirm that I have read and understood the following: The information contained in this article is strictly the opinions of the author(s). This article was authored free from any form of coercion or undue influence. The content represents the author's own views and does not represent the official position or opinions of CrossAngle. This article is intended for informational purposes only and should not be construed as investment advice or solicitation. Unless otherwise specified, all users are solely responsible and liable for their own decisions about investments, investment strategies, or the use of products or services. Investment decisions should be made based on the user’s personal investment objectives, circumstances, and financial situation. Please consult a professional financial advisor for more information and guidance. Past returns or projections do not guarantee future results.
Xangle or its affiliated partners own all copyrights of the written or otherwise produced materials and content provided on the platform. Any illegal reproduction of such content, including, but not limited to, unauthorized editing, copying, reprinting, or redistribution will result in immediate legal actions without prior notice.