[ARFC] Onboard AUSD to Aave V3 on Avalanche

[ARFC] Onboard AUSD to Aave V3 on Avalanche

Authors: Agora

Date: 2024-11-05


ARFC has been updated with latest recommendations by Risk Service Providers 2024-11-14

Summary

This proposal seeks to onboard AUSD, a secure digital dollar backed 1:1 by USD fiat, to Aave V3 on Avalanche. AUSD, issued by Agora, serves as a stable and liquid alternative to USDT and USDC. With a growing AUM and robust liquidity, AUSD will enhance Aave’s liquidity pool, offering users a reliable and efficient stablecoin option with strong institutional backing.


Motivation

Agora offers AUSD, a digital dollar minted 1:1 with USD fiat. AUSD is designed to be a secure digital currency, utilizing one of the world’s largest custodian banks to safeguard assets. AUSD enables users to participate in trading, lending and payments. It is the most cost-efficient stablecoin to transact with due to its gas-optimized smart contract, making it ideal for traders and payments.

Agora operates an open partnership model, allowing collaboration with a diverse range of customers who meet KYB (Know Your Business) requirements and operate in jurisdictions we can serve. This approach contrasts with single partnership models (eg. Exchange-Backed Stables), ensuring that AUSD can be widely adopted across different ecosystems, providing liquidity and stability without conflicts of interest.

AUSD is currently available on Ethereum, Avalanche, Sui and Mantle, garnering $70+ million in TVL and $12+ million in daily DEX volume since contract deployment. The reserve assets are managed by VanEck ($100B+ asset manager) and custodied with one of the largest global banks, ensuring security and safety. AUSD’s unique value proposition also includes zero-fee minting and redemption facilities, making it an attractive asset for all ecosystem participants.

By integrating AUSD into Aave, users will gain access to a stable, liquid asset that supports trading, lending, and other decentralized finance activities. This integration aligns with Aave’s mission to decentralize finance while offering secure and reliable stablecoin options.

POL and Deposit Commitments

We can ensure that $1M+ will be deposited in initial Aave liquidity pools within 1 week of launch. We are working with Tier 1 market makers as well as large institutional firms. Agora already has 50+ institutions (trading firms, exchanges, payment companies, etc.) onboarded.

With Avalanche, in particular, strong additional liquidity programs will be put in place.


Specifications

  • AUSD Token Contract Address:
  • Chain: Avalanche to start
  • Audits: AUSD contracts have been audited by Spearbit and Certora, with zero critical, high, or medium issues identified. We also have conducted a risk audit with Chaos Labs and received an A grade.
Parameter Value
Network Avalanche
Isolation Mode No
Borrowable Yes
Collateral Enabled No
Supply Cap 19,000,000
Borrow Cap 17,400,000
Debt Ceiling -
LTV -
LT -
Liquidation Bonus -
Liquidation Protocol Fee -
Variable Base 0.0%
Variable Slope1 5.50%
Variable Slope2 75.00%
Uoptimal 90.00%
Reserve Factor 10.00%
Stable Borrowing Disabled
Flashloanable Yes
Siloed Borrowing No
Borrowable in Isolation No
E-Mode Category N/A

Risk Analysis

  • Smart Contract Risk: AUSD contracts follow best practices and have undergone extensive audits by Spearbit and Certora, ensuring a secure and reliable smart contract architecture.
  • Market Risk: AUSD is backed by a portfolio of short-dated USD fiat money market instruments, with the majority of the allocation in overnight repo, which is T+1 for maximum liquidity. This backing minimizes volatility and ensures that AUSD remains a stable and reliable asset within Aave’s ecosystem.
  • Chaos Labs: A risk audit has been conducted by Chaos Labs and we have received an A grade.
  • Oracles: Various oracle providers support AUSD including Chainlink, Chaos, Pyth, API3, Redstone, and others.

Links

Gas Optimization, Bloomberg (Raise Announcement)

AUSD hits $100M in weekly volume on Avalanche 1.


Next Steps

  1. Publication of a standard ARFC, collect community & service providers feedback before escalating proposal to ARFC snapshot stage
  2. If the ARFC snapshot outcome is YAE, publish an AIP vote for final confirmation and enforcement of the proposal

Copyright

Copyright and related rights waived under CCO.

1 Like

Due to significant gaps in information regarding Agora’s legal structure, corporate governance, and inter-entity relationships, we are unable to provide full support for the ARFC proposal at this stage.

We can do the following legal entity mapping according to the explanations given during the temp check regarding the Agora structure and @ChaosLabs’s Risk Assessment of AUSD.

  • Agora Blue Ltd. functions as the primary interface entity, facilitating platform access and executing core operational services, including minting and redemption (pursuant to Terms of Use);
  • Agora Forge Ltd. is in charge of minting AUSD;
  • Agora Olive Ltd manages the repurchasing of outstanding AUSD;
  • Agora Reserve Trust, a Delaware Statutory Trust, holds reserve assets;
  • Agora Reserve Trust is a limited Agora Reserve Fund LP partner. VanEck actively manages the fund.

The absence of detailed documentation regarding inter-entity relationships, precise operational mandates, and asset flow mechanisms presents material information gaps that require clarification. Specifically, the contractual architecture governing the movement of assets during minting and redemption processes across these entities still needs to be defined in the provided documentation.

Regarding the Agora Reserve Fund LP structure, several aspects require elaboration. Assuming VanEck’s role as General Partner (GP), standard market practice typically entails specific contractual obligations, including fiduciary duties, investment mandate compliance, and operational oversight. The absence of information regarding performance fee structures, investment strategy parameters, and the extent of Limited Partner (LP) control rights exercised by Agora Reserve Trust represents significant disclosure gaps. Understanding these elements is fundamental for comprehensive risk assessment.

To facilitate a thorough analysis, we recommend obtaining additional documentation, including:

  • Detailed corporate structure diagrams
  • Inter-entity service agreements
  • Limited Partnership agreement specifics
  • Asset flow diagrams
  • Fee structure arrangements

We strongly urge Agora to clarify these critical aspects of organizational structure and governance. We welcome further engagement with Agora to complete our due diligence process and look forward to their response addressing these information gaps.

2 Likes

Overview

Chaos Labs supports listing AUSD on Aave V3’s Avalanche instance. Below is our analysis and initial risk parameter recommendations.

Technical overview

AUSD is a stablecoin developed to address stability, transparency, and regulatory alignment issues in the current stablecoin landscape. Backed 1:1 with USD, AUSD’s reserves include cash and other cash equivalents such as short-term U.S. Treasury securities.

Agora Finance, the organization behind AUSD, partners with VanEck for reserve management, relying on its expertise in traditional finance to manage assets like overnight repurchase agreements and Treasury Bills. State Street acts as the custodian, handling cash flow and fund administration to secure reserve assets. Agora integrates strict compliance protocols, incorporating KYB and AML processes. This compliance includes ongoing transaction monitoring and screening for regulatory adherence across various jurisdictions.

AUSD’s minting and burning mechanisms are integral to its liquidity and stability. Customers undergo a thorough onboarding process that includes identity verification through third-party services like Persona and comprehensive Know Your Business and Anti-Money Laundering reviews. Upon successful onboarding, customers can mint AUSD by transferring USD to Agora, which then mints an equivalent amount of AUSD tokens. For redemption, unique addresses are generated for each customer’s bank account; when AUSD is sent to these addresses, the tokens are burned, and the corresponding USD amount is transferred back to the customer’s bank account. This immediate minting and redemption process facilitates arbitrage opportunities, helping maintain the stablecoin’s peg to the USD and enhancing overall market liquidity.

Here, it is possible to find a more in-depth risk assessment of AUSD from Chaos Labs.

Market Cap

AUSD currently has a market cap of $21.9M on Avalanche, with a total market cap of $74.3M across all deployments. Minting is native to each of the four chains where AUSD is deployed: Ethereum, Avalanche, Sui, and Mantle.

The asset is experiencing robust growth in demand across all deployments, with an upward trend in daily transaction volume and transaction count.

Liquidity

Since its launch, AUSD has maintained an average daily trading volume of $5M across both DEXs and CEXs, with most volume occurring on DEXs like LFJ on Avalanche and Mantle. On Avalanche, AUSD’s liquidity is primarily paired against stablecoins such as USDC and USDT, with a significant concentration on LFJ. The main pools, AUSD/USDC and AUSD/USDT, hold $7.7M and $4.3M in TVL, respectively, contributing to an overall DEX pool TVL of $13.2M, with $8.3M in buy-side liquidity.

These LFJ pools are incentivized with AVAX rewards, introducing the possibility that liquidity could decline after incentives end.

Volatility

The asset’s price history on LFJ’s largest pool on Avalanche indicates low volatility and strong peg stability.

LTV, Liquidation Threshold, and Liquidation Bonus

Since stablecoins on Aave typically show little demand as collateral due to their primary role as borrowable assets, we recommend setting AUSD as non-collateral. This aligns with AUSD’s relatively volatile liquidity profile and limited operational history.

Interest Rate Curve

To support the asset’s use case, we recommend aligning AUSD’s interest rate curve with similar stablecoins on Avalanche, such as USDT. Accordingly, we propose setting UOptimal at 90%, Slope1 at 5.5%, and Slope2 at 75%.

Supply and Borrow Cap

In line with Chaos Labs’ approach to setting initial supply caps, we suggest a Supply Cap of 2x the liquidity available under the Liquidation Penalty’s price impact. Based on the current liquidity on Avalanche, we recommend a supply cap of 19,000,000 AUSD, with a borrow cap at 92% of this value.

Specification

Following the above analysis, we recommend the following parameter settings:

Parameter Value
Network Avalanche
Isolation Mode No
Borrowable Yes
Collateral Enabled No
Supply Cap 19,000,000
Borrow Cap 17,400,000
Debt Ceiling -
LTV -
LT -
Liquidation Bonus -
Liquidation Protocol Fee -
Variable Base 0.0%
Variable Slope1 5.50%
Variable Slope2 75.00%
Uoptimal 90.00%
Reserve Factor 10.00%
Stable Borrowing Disabled
Flashloanable Yes
Siloed Borrowing No
Borrowable in Isolation No
E-Mode Category N/A

Disclaimer

Agora is a Chaos Labs client. Chaos Labs has not been compensated by any third party for publishing this recommendation.

Copyright

Copyright and related rights waived via CC0

2 Likes

Summary

While onboarding AUSD as a non-collateral asset to Avalanche presents manageable risks, the upside for Aave appears limited, with users’ main use case being LP farming (temporary incentives) on Trader Joe DEX. We resonate with @ACI’s stance on ensuring minimum risk/reward threshold and utilizing emergence instances for less mature assets.

AUSD is a custodial ERC-20 stablecoin backed 1:1 by USD, currently deployed on Ethereum, Avalanche, Sui, and Mantle networks. While token transfers are unrestricted, minting and redemption operations are limited to KYB’d institutional users, with no associated fees. The reserves primarily consist of short-term US T-bills managed by global investment manager VanEck, with State Street serving as custodian. The protocol employs native minting on each chain rather than cross-chain messaging protocols like Chainlink’s CCIP or LayerZero’s OFT. This architecture, combined with permissioned mint/burn mechanisms and whitelisted market makers, creates a native bridging solution, though it introduces additional challenges in terms of transparency and oversight.

Our initial review highlighted concerns regarding the limited public information about Agora’s legal structure, corporate governance, and inter-entity relationships. However, the team has been responsive in addressing these through ongoing dialogue. Agora operates through a multi-entity structure for minting, redemption, and reserve management, with operations partially based in the BVI and funds segregated via Delaware Statutory Trust. According to Agora’s legal analysis, its entities and activities fall outside the scope of BVI’s virtual assets legislation or any other regulatory framework. Monthly attestations are provided, with PWC audits reportedly planned for 2025. Implementing the foreseen Proof of Reserves, currently in the works by @ChaosLabs, would enhance protocol security, especially if enforced for minting.

Our review found that Agora’s documentation lacks sufficient information in several aspects. There is a notable absence of details regarding tokenomics, oracle/price feed sources, analytics, and token transferability restrictions. Most importantly, our audit of AUSD access controls revealed that all roles are assigned to EOAs, contradicting the system configuration documented on GitHub, which specified multisigs, guardians, and timelocks. Upon further inquiry, Agora confirmed these addresses are controlled by Multi-Party Computation (MPC), while the timelock functionality was not implemented, citing regulatory and institutional acceptance as their motivation. Agora considers further operational details highly sensitive. Similar to our StakeStone review (although more details were provided under NDA), the claimed MPC setup - including signers, thresholds, and operational procedures - cannot be independently verified. This creates significant trust assumptions that potential users should carefully consider.

Additionally, the protocol lacks a bug bounty program, though it is planned for the next quarter. While the contract parameterization is relatively straightforward, a bug bounty program is essential for incentivizing the Disclosure of potential issues beyond smart contract vulnerabilities, including parameterization and operational procedures. Should Aave DAO decide to onboard AUSD, Agora is to deploy a bug bounty program within one (1) month, after which we recommend offboarding the asset if this requirement is not met.

While liquidity on Avalanche is satisfactory, primarily in liquidity pools on LFJ (Trader Joe) DEX paired with USDT and USDC, current volumes may be inflated by temporary AVAX incentives from the ongoing BOOST program. This will require continued monitoring. AUSD is not suitable for use as collateral. The main foreseen use case is borrowing to farm LP incentives, and excessive leveraged looping for this purpose should be prevented.

Expand to see our Collateral Risk Assessment

Collateral Risk Assessment

1. Asset Fundamental Characteristics

1.1 Asset

Agora USD (AUSD) is a new stablecoin under the ERC20 standard that aims to provide a digital dollar alternative. It is designed to be a value storage mechanism tied to the US dollar (1:1 backed), facilitating cross-border transactions. After the mainnet debut July 8th, 2024, AUSD was released on Avalanche on August 6th, 2024 (Source: sqrr-research Dune)

Agora positions AUSD as a digital asset with stable value engineered for DeFi integration (e.g., AMMs, lending protocols, and perpetual futures markets) while simultaneously functioning as a value store and efficient exchange medium. A strategic backing from Dragonfly Capital can be considered as an attestation of the protocol’s institutional credibility, while VanEck, an ETF & Mutual Fund manager operative since 1955, has been appointed to oversee the management of Agora’s reserve fund.

AUSD is currently deployed on four networks: Ethereum, Avalanche, Sui, and Mantle.

1.2 Architecture

The minting process involves transferring user fiat currency (USD) to Agora’s designated bank accounts. Funds are verified using unique reference numbers linked to customer accounts, allowing immediate minting. Upon verification, equivalent AUSD tokens are minted and credited to the user’s address.

The user sends AUSD to a unique address associated with their bank account for redemptions. The tokens are burned upon receipt, and USD is transferred from Agora’s reserves to the customer’s registered bank account. Unique redemption addresses are generated for each destination bank account.

Agora’s reserves include traditional currency, cash equivalents, and short-term U.S. Treasury securities. The Agora Reserve Fund invests in overnight repurchase agreements, overnight reverse repurchase agreements, short-dated U.S. Treasury Bills, and cash. A key characteristic of overnight repos is that they are settled the next business day, meaning T+1 duration facilitates speedy redemptions.

The reserves are managed by VanEck, a global investment manager with $118.3 billion in assets under management.


Source: SEC Adviser Info, November 4th, 2024

State Street acts as the custodian and administrator for the Agora Reserve Fund. State Street is a prominent global custody services market player, managing ~$40 trillion in assets under custody and administration.

Agora has retained an independent accounting firm for ongoing oversight, currently utilizing attestation protocols as an interim measure pending the implementation of formal Proof of Reserves (PoR) mechanisms. These attestations are executed monthly by JFDI. Furthermore, PWC has been engaged to conduct comprehensive annual reserve fund audits, with the inaugural audit scheduled for completion within the first half of 2025.

Redemption Assets Reports dated July 2024 and August 2024 assert that the fair value of redemption assets is equal to or greater than AUSD in circulation. The attestations are unaudited and prepared by one of the Agora entities (Agora Blue Ltd).


Source: Agora Attestations, August 31st, 2024

1.3 Tokenomics

Primary access to AUSD is restricted to KYBed institutional participants. The current operational framework executes minting and redemption mechanisms without associated fees.

The economic architecture of Agora is designed with an emphasis on commercial entities as primary participants. The platform’s revenue model is structured around fees derived from AUSD holdings, accessible to stakeholders monthly, with settlement options in either USD or AUSD tokens. This fee distribution mechanism sustains operational infrastructure while facilitating revenue sharing with business partners, establishing a cohesive economic incentive structure.


Source: Agora Medium, November 4th, 2024

2. Market Risk

2.1 Liquidity

The total volume for AUSD over the 30 days is close to $68M. This cumulative value indicates the combined mainnet liquidity of AUSD across Curve, Uniswap V2, and Balancer.

The slippage on Avalanche is minimal (below 0.1%) after fees for a swap of 100,000 AUSD. The slippage for the trade of the same amount on Ethereum is slightly higher (approx. 0.21%), likely due to higher gas fees and potentially more dispersed liquidity across platforms.


Source: Swap DefiLlama, November 7th, 2024


Source: Swap DefiLlama, November 7th, 2024

2.2 Volatility

The AUSD/USDC pair on LFJ (where the most liquidity is concentrated on Avalanche) shows a generally stable trading range close to the $1 peg with minor deviations.


Source: DEX Screener, November 7th, 2024

AUSD/USDT volatility on Merchant Moe (Mantle) was more pronounced in the mid-October period, with multiple brief de-pegs, but has since decreased as liquidity and market depth likely improved.


Source: DEX Screener, November 7th, 2024

2.3 Exchanges

The primary liquidity venue is AUSD/FRAX on Curve with a total liquidity of $4M.

Source: AUSD/FRAX, November 7th, 2024

Other pools available on mainnet:

  • AUSD/USDT (Uniswap V3)
  • USDT/AUSD (Curve)
  • AUSD/USDT (Balancer)

Besides the cited presence on Uniswap, Curve, and Balancer, AUSD is available on Trader Joe’s (LFJ) on Avalanche and Merchant Moe on Mantle.

Source: LFJ

AUSD/USDT pool holds over $1M in AUSD

AUSD/USDC pool maintains around 2M AUSD available for swaps

Source: Merchant Moe

Other DEX integrations: Cetus (Sui), PHARAOH (Avalanche)

2.4 Growth

Initially, AUSD saw significant growth on Ethereum, reaching a supply of around $40M by late July 2024. Afterward, the Ethereum supply stabilized, suggesting a plateau in demand or a strategic allocation cap. AUSD was later launched on Avalanche, with a gradual supply increase to approximately $20M by early August 2024.

Source: TokenTerminal

AUSD saw a rapid increase in cumulative trading volume throughout September, with peaks in daily volumes often above $2M. A strong growth in Trader Joe’s indicates a robust adoption within the Avalanche DeFi ecosystem.

Source: Dune - sqqr

3. Technological Risk

3.1 Smart Contract Risk

Cantina conducted a security review on Agora Dollar EVM. The review identified a couple of low-risk issues, such as:

  • Tokens may get stuck if mistakenly sent to contract addresses without a rescuer mechanism.
  • Token burning cannot be paused, potentially limiting emergency responses.
  • ERC-2612 Permit calls can be front-run, causing a denial of service.

A security assessment of the Agora Dollar Core was conducted by Certora, incl. manual code reviews, and formal verification. The audit identified issues of informational severity but found no critical, high, medium, or low-severity issues.

Bug bounty

Without any public statements or official documentation, we cannot verify the existence of an active bug bounty program.

3.2 Price Feed Risk

Oracles providers rendering services to Agora:

3.3 Dependency Risk

Key architectural elements:

AgoraDollarCore holds the base logic and functionalities.
AgoraDollarAccessControl manages roles and permissions, offering fine-grained access control.
AgoraDollarErc1967Proxy ensures upgradability, allowing the core contract logic to be modified without redeploying the entire contract.

Source: Agora Github

AgoraDollar inherits from AgoraDollarCore gaining access to all core token functionalities.

StorageLib stores for different standards (ERC20, ERC2612, and ERC3009) and manages role-based access. The standards observed are:

  • ERC20: The standard token interface for balance, allowance, and transfer functions.
  • EIP-2612: Allows users to set allowances through an off-chain signed message (by permit()).
  • ERC3009: Allows “transfer with authorization”.
  • EIP-712: Security applicability related to data hashing and domain separation.
  • EIP-1967 Proxy: A proxy standard for contract upgradability.

4. Counterparty Risk

4.1 Governance and Regulatory Risk

According to the explanations given during the temp check regarding the Agora structure and Chaos Labs’s Risk Assessment of AUSD, we can do the following legal entity mapping.

  • Agora Blue Ltd. functions as the primary interface entity, facilitating platform access and executing core operational services, including minting and redemption (pursuant to Terms of Use);
  • Agora Forge Ltd. is in charge of minting AUSD;
  • Agora Olive Ltd handles the redemption flow;
  • Agora Reserve Trust, a Delaware Statutory Trust, holds reserve assets;
  • Agora Reserve Trust, on its own, is a limited partner in the Agora Reserve Fund LP. VanEck actively manages the fund.

Agora team detailed for us that:

  • A separation between minting and redemption entities is made to align with British Virgin Islands (BVI) regulatory requirements.
  • Incorporating a Delaware Statutory Trust is a legal mechanism to establish and maintain bankruptcy remoteness for reserve assets.
  • Agora Reserve Trust is the sole Limited Partner in the Agora Reserve Fund, with VanEck assuming investment management responsibilities.

From the BVI regulatory perspective, stablecoins currently fall outside the explicit definition of “investments” under the Securities and Investment Business Act (SIBA). This regulatory position has been further clarified through recent guidance from the BVI Financial Services Commission (FSC), which exempts payment-focused virtual assets and utility tokens from financial services legislation, provided they solely facilitate the purchase of goods and services.

BVI-incorporated entities engaged in stablecoin-related activities - including issuance, transfer, exchange, or custody services - may trigger registration requirements under the VASP Act, contingent upon the specific nature of their operations. Agora’s legal analysis determined that Agora’s entities and their respective activities do not fall within the scope of regulation under the BVI’s virtual assets legislation or any other regulatory framework.

The minting and redemption mechanisms for AUSD are only accessible to customers who have satisfied Agora’s verification requirements. According to the Terms of Use, mint and redeem rights constitute non-transferable personal contractual entitlements, establishing a direct relationship between the verified customer and the relevant Agora entity. Yet Agora maintains discretionary authority to implement redemption or withdrawal delays when circumstances affecting the underlying reserves warrant such action. Such circumstances may include but are not limited to, situations involving reserve illiquidity, inaccessibility, or impairment.

As detailed in the Risk Disclosure, Agora commits to maintaining a fixed redemption rate of 1 () USD per AUSD token, subject to any applicable fees that may be imposed. The Disclosure extends beyond conventional risk notifications to explicitly address the uninsured nature of the reserve assets. This absence of insurance coverage exposes holders to potential risks including, but not limited to, unexpected value deterioration and regulatory interventions such as governmental freezes or asset seizures.

AUSD maintains strict jurisdictional restrictions, excluding users from the United States and other designated jurisdictions from accessing its services. The platform’s geographical restrictions are primarily, though not exclusively, aligned with the Office of Foreign Assets Control (OFAC) sanctions.

According to Chaos Labs’ assessment, Agora demonstrates diligence in its compliance protocols. The platform has implemented a sophisticated multi-layered compliance infrastructure, leveraging Persona for comprehensive data collection and verification processes. Compliance capabilities are further strengthened by integrating Elliptic and Chainalysis to detect potential sanctions violations, fraudulent activities, and illicit behavior. Agora employs a risk-based approach to customer classification, categorizing business participants into three tiers: low, medium, and high-risk profiles and strictly following the risk tolerance parameters.

4.2 Access Control Risk

The contract uses a role-based access control (RBAC) system facilitated by the AgoraDollarAccessControl library and implemented via StorageLib.

Roles and their permissions:

  • The admin can adjust the proxyAdminAddress to handle contract upgrades and assign or change other roles within the contract.
  • Minter manages the minting of new tokens and controls the circulating supply of AUSD.
  • Burner can reduce the total token supply by burning tokens.
  • Pauser can halt or resume activities like transferring, minting, or freezing accounts, often used as an emergency safeguard.
  • Freezer can freeze or unfreeze specific accounts, temporarily restricting certain accounts from transferring tokens.

Each role also has “pending” counterparts, where the acceptTransferRole function needs to be called for the effective transfer.

Our review found significant discrepancies between Agora’s documented and implemented security architecture. While the system configuration on GitHub specifies Admin Gnosis Safe and Guardian timelock controls, our audit reveals all roles are assigned to EOAs (Externally Owned Accounts) without timelock implementation. Upon inquiry, Agora confirmed these EOAs are controlled by Multi-Party Computation (MPC), citing regulatory and institutional requirements. However, like our StakeStone review, the MPC setup details remain unverifiable, creating material trust assumptions. Below is our audit of AUSD’s on-chain access controls across its deployed chains.

Mainnet

Admin: 0x68898B77EbF7b55dCA8A2e62d6Fd74959a2930e2 (EOA)
Burner: 0x4375170c5Cfb5fa6a72Ce117194394a0E357dC1D (EOA)
Freezer: 0xcF7D2a525057555d7b4816941185b7ae10E94681 (EOA)
Minter: 0x65e28662b0DCD6D89d4652A61FB0896d4F58D7fF (EOA)
Pauser: 0x0b8Dd710f0260F16C0fA4F6a92D72d065E532A25 (EOA)

Avalanche

Admin: 0x68898B77EbF7b55dCA8A2e62d6Fd74959a2930e2 (EOA)
Burner: 0x4375170c5Cfb5fa6a72Ce117194394a0E357dC1D (EOA)
Freezer: not assigned, 0xcF7D2a525057555d7b4816941185b7ae10E94681 (EOA) is pending
Minter: 0x65e28662b0DCD6D89d4652A61FB0896d4F58D7fF (EOA)
Pauser: not assigned

Mantle

Admin: 0x68898B77EbF7b55dCA8A2e62d6Fd74959a2930e2 (EOA)
Burner: 0x4375170c5Cfb5fa6a72Ce117194394a0E357dC1D (EOA)
Freezer: 0xcF7D2a525057555d7b4816941185b7ae10E94681 (EOA)
Minter: 0x65e28662b0DCD6D89d4652A61FB0896d4F58D7fF (EOA)
Pauser: 0x0b8Dd710f0260F16C0fA4F6a92D72d065E532A25 (EOA)

SUI

unaudited

Note: This assessment follows the LLR-Aave Framework, a comprehensive methodology for asset onboarding and parameterization in Aave V3. This framework is continuously updated and available here.

Aave V3 Specific Parameters

We are withholding parameter recommendations at this time.

Price feed

We recommend using the Chainlink Oracle, which aggregates liquidity sources across multiple chains. While this could create a price dislocation between AUSD on the Avalanche chain and the reported oracle price, it would not create a potential for bad debt as the asset is proposed to be non-collateral.

Disclaimer

This review was independently prepared by LlamaRisk, a community-led non-profit decentralized organization funded in part by the Aave DAO. LlamaRisk is not directly affiliated with the protocol(s) reviewed in this assessment and did not receive any compensation from the protocol(s) or their affiliated entities for this work.

The information provided should not be construed as legal, financial, tax, or professional advice.

2 Likes

The current proposal has been escalated to ARFC Snapshot.

Vote will start tomorrow, we encourage everyone to vote.

After Snapshot monitoring, the current ARFC Snapshot ended recently, reaching both Quorum and YAE as winning option with 675K votes.

Therefore the [ARFC] Onboard AUSD to Aave V3 on Avalanche has PASSED.

Next step will be the publication of an AIP for final enforcement and confirmation of the proposal.

AUSD (Agora) technical analysis


Summary

This is a technical analysis of all the smart contracts of the asset and main dependencies.

Disclosure: This is not an exhaustive security review of the asset like the ones done by the Agora Team, but an analysis from an Aave technical service provider on different aspects we consider critical to review before a new type of listing.
Consequently, like with any security review, this is not an absolute statement that the asset is flawless, only that, in our opinion, we don’t see significant problems with its integration with Aave, apart from different trust points.



Analysis

Agora AUSD is a stablecoin backed by Agora’s Reserves, which consists of traditional currency and cash equivalents, including short-term U.S. Treasury securities.
AUSD is minted and burned by entities with respective roles after a rigorous customer onboarding procedure, ensuring compliance with KYB and AML regulations. It uses the Open stablecoin model, which pays businesses to provide services to Agora AUSD.

For the context of this analysis, our focus has been on the following aspects, critical for the correct and secure integration with Aave:

  • Access control (ownerships, admin roles) and nature of the entities involved.
  • Any miscellaneous aspect of the code we can consider of importance.
  • A recommendation of pricing strategy to be used in the integration asset <> Aave.

General points

  • AUSD has a common architecture across its instances on EVM chains, currently operational on Ethereum mainnet, Avalanche, and Mantle. This analysis will focus on the contracts deployed on Avalanche since the proposed onboarding will be there.
  • The upgradeability admin of the AUSD system is the EOA 0x6889…30e2.
  • For proxies, an extended version of the OZ transparent proxy is used to reduce gas consumption by introducing some ERC20 functions.


Contracts

The following is a non-exhaustive overview of the main smart contracts involved with AUSD.



AUSD

The AUSD is the sole contract of the AUSD system. It’s an upgradable ERC20 contract that enhances user experience by implementing the ERC-3009 for gasless token transfers and the ERC-2612 Permit for approvals via signatures.
The contract also implements role-based access control, where privileged accounts receive a specific role for minting, burning, and freezing AUSD. The extended version of the Transparent proxy introduces some direct ERC20 functions and immutable storage of the implementation address for gas optimization.

Access Control

  • The system implements a 2-step transfer of privileged roles distributed in ADMIN_ROLE, MINTER_ROLE, BURNER_ROLE, PAUSER_ROLE, and FREEZER_ROLE.
    • The ADMIN_ROLE address (EOA 0x6889…30e2) or the current role owner can set/transfer the role by calling the transferRole(role, address) function, which sets a role for the address as pending. The receiver address must call the acceptTransferRole(role) to complete the role transfer.
  • The ADMIN_ROLE can enable/disable the ERC20 functions implemented in the proxy and delegate them to the implementation contract in case of an upgrade. The functions are transfer, transferFrom, transfer with authorization, and receiver with authorization by calling setIsTransferUpgraded(), setIsTransferFromUpgraded(), setIsTransferWithAuthorizationUpgraded(), and setIsReceiveWithAuthorizationUpgraded(), respectively.
  • The MINTER_ROLE address (EOA 0x65e2…d7fF) can mint new AUSD tokens in a batch for multiple users via the batchMint() function.
  • The BURNER_ROLE address (EOA 0x4375…dC1D) can burn AUSD tokens in a batch from multiple users via the batchBurnFrom() function.
  • The FREEZER_ROLE address (currently not assigned) can freeze an address via the freeze(address) function. This disables any AUSD transfers from the given address. The role owner can then unfreeze the address by calling the unfreeze(address) function.
  • The PAUSER_ROLE address (currently not assigned) can pause AUSD actions separately, giving more flexibility. The role can pause/unpause: mint, burn, freeze, transfer, and signatures verification by calling setIsMintPaused, setIsBurnFromPaused, setIsFreezingPaused, setIsTransferPaused, setIsSignatureVerificationPaused, respectively.

Miscellaneous

  • The system has two technical audit reviews by Certora and Cantina Spearbit.
  • Different EOAs currently control several critical parts of the AUSD system, such as mint/burn tokens, upgradability, and management of the roles responsible for different actions. Historically, this approach has been proven to be risky, as it could result in, e.g., unexpected malicious code in an upgrade or unauthorized addresses controlling roles if the private keys get leaked.
    However, we have confirmed with the Agora team that the usage of EOAs is due to the underlying MPC (multi-party-computation) infrastructure securing them, a quite common practice in exchanges, centralized digital assets custodians, and other regulated parties.
    Even if this adds very important centralization and trust assumptions, we believe it is acceptable at this stage, and with the type of listing proposed.

Asset Pricing

Similar to the recommendations of the risk providers, we suggest using the AUSD/USD Chainlink feed through a CAPO stables adapter.



Conclusion

We think AUSD doesn’t have any problem in terms of integration with Aave, and there is no major blocker.