On August 7, the payments giant PayPal launched the PayPal USD (PYUSD) stablecoin, issued by the infrastructure firm Paxos. It is already available outside the United States. For American customers, the service will be rolled out in the coming weeks.
The news drew mixed reactions from the community. Some spoke of positive prospects for the crypto industry, others pointed to potentially high fees, a third warned of risks associated with the new asset, emphasising centralisation.
Regulators, in turn, urged swifter regulatory scrutiny of the ‘stablecoins’ segment.
Architecture and Objectives
PayPal USD is built on the Ethereum blockchain following the ERC-20 standard. The coin’s smart contract includes functions to freeze and burn funds from the balance.
The stablecoin is pegged to the US dollar at 1:1. According to the company’s release, the asset is fully backed by “US dollar deposits, short-term Treasury bills and similar cash equivalents.” At the time of writing, PYUSD supply stands at 26.9 million tokens.
In the early stage the stablecoin will be used in the crypto and Web3-sector contexts, for example, swapping for other coins or payments in games. Later the asset will be extended to money transfers and micropayments. It will operate in tandem with PayPal’s other crypto services and will gain compatibility with popular exchanges, wallets and apps.
Starting in September 2023, Paxos will publish a monthly PYUSD reserve report, backed by public attestations from independent auditing firms.
PayPal CEO Dan Schulman told Bloomberg that, by enabling instant and accessible transfers without the involvement of a central intermediary, the company aims to cement its dominance in digital payments. Over the past year, as online payment activity slowed since the COVID-19 pandemic, the firm’s shares have fallen by more than 35%.
Rumours of plans to launch a stablecoin surfaced in May 2021. According to informed sources, in 2022 PayPal also considered a collaboration with FTX for the initial issuance of the coin on the Solana blockchain. However, due to the exchange’s collapse, work was halted.
In February 2023 the initiative was postponed again amid tightening U.S. regulatory policy, notably in the wake of an investigation into Paxos, then selected as the PYUSD issuer.
PayPal opened access to cryptocurrencies to its customers in November 2020. From April 2021 the company added support for Bitcoin, Ethereum, Litecoin and Bitcoin Cash in its mobile payments service Venmo.
In its first-quarter 2023 earnings report, the company disclosed that it holds about $1 billion in cryptocurrency for its customers.
The total number of active PayPal users worldwide exceeds 350 million.
Community reaction and market prospects
A number of crypto enthusiasts reacted negatively to the PayPal initiative. In particular, Joe Burnett, chief analyst at Blockware Solutions, said those backing the PYUSD launch have “lost the plot.”
“Buy Bitcoin and store it in a cold wallet. That is where the innovation lies, not ‘dollars on the blockchain’ from big tech corporations,” he wrote.
Likewise, skeptics argue that the new coin would resemble a poorly designed and censored CBDC.
Supporters positively assessed the impact of the new coin on the Ethereum blockchain in the context of broader adoption. According to Ryan Sean Adams, co-founder of Bankless, the network of the second cryptocurrency could become “the money layer of the Internet.”
“430 million accounts actively process online payments, and that means more than 5% of the world’s 8 billion people could theoretically be connected to Ethereum via PayPal’s new stablecoin,” he explained.
Issues surrounding the coin
Several smart-contract auditors noted that the code-deployed freeze and burn functions are textbook examples of centralisation attack vectors in Solidity contracts.
Crypto researcher Chris Blec expressed concern that PayPal would deploy the controversial functions where necessary. Other smart-contract auditors added that the PYUSD smart contract could be altered by PayPal at any time.
Blockchain engineer Patrick Collins described the choice of an outdated Solidity version for programming the smart contract as “suboptimal,” and criticised the lack of gas-saving mechanisms in its execution. Potentially high transaction costs for the new asset have become the main stumbling block for the crypto community.
“PayPal is launching the stablecoin on the Ethereum mainnet, not literally dozens of two-cent rollups they could use instead, which, frankly, is a brilliant way to ensure that their own outsized fees look like a mere speck beside the gas,” noted Web3 enthusiast David Felps.
Amid the controversy, Tron co-founder Justin Sun proposed the possibility of issuing PYUSD on his blockchain.
“The Tron network is fast, secure and efficient. Transfers worth about $12 billion pass through it every day,” he wrote in a tweet.
However, given that tokens of major public blockchains are treated by the SEC as securities, experts deem the likelihood of expanding PYUSD to other L1 blockchains relatively low.
Impact on other stablecoins
According to CoinGecko, the current total market capitalization of existing stablecoins exceeds $125 billion. The largest is USDT at $83.4 billion.
Tether’s Chief Technology Officer Paolo Ardoino, in a comment to The Block said that the PayPal stablecoin launch would not affect their company, as the firm does not serve U.S.-based users. He also welcomed the growth of competition and the prospects for PYUSD’s international rollout.
“This is interesting. Yet another stablecoin in the US. It could reduce payments revenue that largely funded Mastercard and Visa. It will also help the industry grow further and achieve sensible regulation,” Ardoino added.
Experts do not expect an immediate impact on the second-largest stablecoin by market cap, USDC from Circle.
David Wells of Enclave Markets suggests that PYUSD and USDC will compete for customers in the regulated US stablecoins segment and on DeFi markets. However, listing on major trading platforms is required first.
Huobi has currently announced support for PayPal’s stablecoin. However, representatives of the exchange noted that listing would occur when “market circulation stabilises and liquidity conditions mature.”
Regulators’ reaction
Against the backdrop of the PayPal announcement, U.S. Representative Patrick McHenry, chair of the House Financial Services Committee, underlined the need for legislation on stablecoins.
“This announcement signals that stablecoins, if issued within a clear regulatory framework, promise to become the backbone of our payments system of the 21st century,” he wrote.
Expert opinions
USDT’s dominant position cannot be displaced today, and PayPal likely created this instrument to improve its internal operations, GMT Legal managing partner Andrey Tugarin told ForkLog. At the same time, experts remain sceptical about the backing of the stablecoin, recalling the TerraUSD collapse in May 2022.
“The process of auditing stablecoin reserves is periodically criticised for the alleged lack of guarantees that the company really has the reserves it claims on its accounts,” — noted Yulia Privalova, head of FinTech & Crypto practice at DRC.
She recalled that in 2019, Tether Limited’s chief legal officer Stewart Hogner acknowledged that USDT was backed by fiat reserves only to 74%.
An important aspect is also the absence of regulation of the stablecoin market in the United States.
“If stablecoins can truly confirm and maintain their reserve backing and be used to pay for purchases via PayPal, they will undoubtedly become a new universal currency,” — Privalova said.
Allbridge.io co-founder Andrey Velikiy added that the new stablecoin could surge as it is backed by a major player.
“But regulation will influence it, so it will be distrusted, especially because funds could be frozen at the smart-contract level,” — he noted.
A more serious risk to the asset’s security and overall functionality could come from using an old version of Solidity, as explained by ForkLog’s head of analytics at HAPI Labs, Mark Lechuk, who said that the contract may be vulnerable to well-known attacks (such as reentrancy), bugs or vulnerabilities fixed in later releases.
Furthermore, this reduces maintainability and the upgrade process as gas prices rise.
“Ethereum network updates and improvements could make contracts using older Solidity versions incompatible with newer systems. This could lead to unpredictable behaviour or even contract breaks,” — noted the expert.
Also, using an older version may limit access to community support and resources.
Lechuk emphasised that even with repeated tests of the old Solidity version and a certain degree of stability, its use cannot be considered completely safe.
“Security is a constant process, and updating older versions involves not only fending off current threats but also readiness for future risks and changes. You must consider the project context, security risks and the needs for new features,” — he noted.
PYUSD can be paused and addresses can be added or removed from the blacklist, as is common with centralized-stablecoins. It also uses so-called “roles” for privileged access.
“They have made an interesting deviation from the standard: PYUSD can be removed from any address on a “blacklist”. This means that if an address is frozen, tokens on it can be permanently removed. This unusual feature is likely implemented to address security concerns. Essentially, they purge a bad address and issue new tokens on the safe one,” — Lechuk added.
In summary, the expert noted that the overall contract structure resembles a standard stablecoin with more “governed” user interactions.