In a recent tweet, analyst Cygaar shed light on the intricacies of the PayPal stablecoin contract.
One of the key points Cygaar highlighted was that the contract is written in an extremely old version of Solidity. This detail is significant as it speaks to the age and potential vulnerabilities of the contract’s underlying code.
Cygaar also pointed out that the contract allows the owner to pause all transfers. This feature gives the owner a significant amount of control over the contract’s operations, which could be a concern for those interested in the decentralization aspect of blockchain technology.
Further, the contract allows the owner to freeze addresses to prevent actions. This is another feature that underscores the level of control the contract owner has, potentially limiting the freedom of other participants.
Lastly, Cygaar noted that the contract allows admins to increase the total supply at will. This feature could have significant implications for the stablecoin’s value and stability, as it allows for the potential manipulation of supply. Despite these centralized features, Cygaar concluded his analysis by stating that the contract is at least transparent.
In addition to Cygaar’s analysis, the thread also included some noteworthy comments from other users. One user pointed out that “the code looks very similar to Paxos.” This observation suggests that the PayPal stablecoin contract might not be as unique as one might assume, but could instead be based on pre-existing models.
Another user confirmed this observation, stating, “Ah yeah, you’re right, just diffed them and the code in all three (current implementation, prior implementation, and the linked Paxos implementation) is all pretty much identical with the exception of naming and reverting strings.” This comment further supports the idea that the contract’s code may have been borrowed from other sources.
Cygaar himself humorously responded to these observations, stating, “Looks like they just copied and pasted old code, lol.” This comment, while light-hearted, underscores a serious point about the potential lack of originality in the contract’s code.
According to a tweet by journalist Wu Blockchain, Paxos has the ability to suspend the authorization and transfer functions of PayPal’s stablecoin PYUSD in the event of a serious security threat. This information was revealed through GitHub.
Paxos also has the power to freeze or seize the assets of criminal parties when required by law. Furthermore, addresses with AssetProtectionRole permissions can initiate freezing/unfreezing or even wipe the balance of any account. This mechanism is similar to the blacklist freezing mechanism found in other stablecoins like USDT and USDC.