[ARFC] Onboard AUSD to Aave V3 on Avalanche

Governance New Asset
7

AUSD (Agora) technical analysis


Summary

This is a technical analysis of all the smart contracts of the asset and main dependencies.

Disclosure: This is not an exhaustive security review of the asset like the ones done by the Agora Team, but an analysis from an Aave technical service provider on different aspects we consider critical to review before a new type of listing.
Consequently, like with any security review, this is not an absolute statement that the asset is flawless, only that, in our opinion, we don’t see significant problems with its integration with Aave, apart from different trust points.



Analysis

ausd-flow
ausd-flow1829×335 24.8 KB

Agora AUSD is a stablecoin backed by Agora’s Reserves, which consists of traditional currency and cash equivalents, including short-term U.S. Treasury securities.
AUSD is minted and burned by entities with respective roles after a rigorous customer onboarding procedure, ensuring compliance with KYB and AML regulations. It uses the Open stablecoin model, which pays businesses to provide services to Agora AUSD.

For the context of this analysis, our focus has been on the following aspects, critical for the correct and secure integration with Aave:

  • Access control (ownerships, admin roles) and nature of the entities involved.
  • Any miscellaneous aspect of the code we can consider of importance.
  • A recommendation of pricing strategy to be used in the integration asset <> Aave.

General points

  • AUSD has a common architecture across its instances on EVM chains, currently operational on Ethereum mainnet, Avalanche, and Mantle. This analysis will focus on the contracts deployed on Avalanche since the proposed onboarding will be there.
  • The upgradeability admin of the AUSD system is the EOA 0x6889…30e2.
  • For proxies, an extended version of the OZ transparent proxy is used to reduce gas consumption by introducing some ERC20 functions.


Contracts

The following is a non-exhaustive overview of the main smart contracts involved with AUSD.


ausd-architecture
ausd-architecture1414×883 84.6 KB


AUSD

The AUSD is the sole contract of the AUSD system. It’s an upgradable ERC20 contract that enhances user experience by implementing the ERC-3009 for gasless token transfers and the ERC-2612 Permit for approvals via signatures.
The contract also implements role-based access control, where privileged accounts receive a specific role for minting, burning, and freezing AUSD. The extended version of the Transparent proxy introduces some direct ERC20 functions and immutable storage of the implementation address for gas optimization.

Access Control

  • The system implements a 2-step transfer of privileged roles distributed in ADMIN_ROLE, MINTER_ROLE, BURNER_ROLE, PAUSER_ROLE, and FREEZER_ROLE.
    • The ADMIN_ROLE address (EOA 0x6889…30e2) or the current role owner can set/transfer the role by calling the transferRole(role, address) function, which sets a role for the address as pending. The receiver address must call the acceptTransferRole(role) to complete the role transfer.
  • The ADMIN_ROLE can enable/disable the ERC20 functions implemented in the proxy and delegate them to the implementation contract in case of an upgrade. The functions are transfer, transferFrom, transfer with authorization, and receiver with authorization by calling setIsTransferUpgraded(), setIsTransferFromUpgraded(), setIsTransferWithAuthorizationUpgraded(), and setIsReceiveWithAuthorizationUpgraded(), respectively.
  • The MINTER_ROLE address (EOA 0x65e2…d7fF) can mint new AUSD tokens in a batch for multiple users via the batchMint() function.
  • The BURNER_ROLE address (EOA 0x4375…dC1D) can burn AUSD tokens in a batch from multiple users via the batchBurnFrom() function.
  • The FREEZER_ROLE address (currently not assigned) can freeze an address via the freeze(address) function. This disables any AUSD transfers from the given address. The role owner can then unfreeze the address by calling the unfreeze(address) function.
  • The PAUSER_ROLE address (currently not assigned) can pause AUSD actions separately, giving more flexibility. The role can pause/unpause: mint, burn, freeze, transfer, and signatures verification by calling setIsMintPaused, setIsBurnFromPaused, setIsFreezingPaused, setIsTransferPaused, setIsSignatureVerificationPaused, respectively.

Miscellaneous

  • The system has two technical audit reviews by Certora and Cantina Spearbit.
  • Different EOAs currently control several critical parts of the AUSD system, such as mint/burn tokens, upgradability, and management of the roles responsible for different actions. Historically, this approach has been proven to be risky, as it could result in, e.g., unexpected malicious code in an upgrade or unauthorized addresses controlling roles if the private keys get leaked.
    However, we have confirmed with the Agora team that the usage of EOAs is due to the underlying MPC (multi-party-computation) infrastructure securing them, a quite common practice in exchanges, centralized digital assets custodians, and other regulated parties.
    Even if this adds very important centralization and trust assumptions, we believe it is acceptable at this stage, and with the type of listing proposed.

Asset Pricing

Similar to the recommendations of the risk providers, we suggest using the AUSD/USD Chainlink feed through a CAPO stables adapter.



Conclusion

We think AUSD doesn’t have any problem in terms of integration with Aave, and there is no major blocker.