Summary
LlamaRisk preliminarily supports the onboarding of cirBTC to Aave V3 Ethereum Core and Aave V4 Core Hub, contingent upon the successful bootstrapping of sufficient market liquidity. cirBTC is a Bitcoin wrapper issued by Circle and backed 1:1 by native BTC held in custody by Circle’s regulated affiliate. Minting and redemption are permissioned to verified Circle Mint customers, with cirBTC currently issued natively on Ethereum and Arc. Future cross-chain transfers are expected to be facilitated through Circle’s Cross-Chain Transfer Protocol (CCTP), although support for cirBTC is not yet live.
As of June 18, 2026, the total cirBTC supply is approximately 0.0098 cirBTC, reflecting the asset’s very early launch stage. No meaningful circulating supply exists outside of Circle-controlled addresses, and no liquidity has been deployed on decentralized exchanges. Additional concerns include reliance on centralized admin and owner EOAs (MPC usage unverified) instead of multisigs, the lack of a timelock on cirBTC contract upgrades, and a relatively low maximum bug bounty payout of $5K for critical severity findings.
LlamaRisk will update this assessment following further clarifications from Circle and evaluate the asset’s alignment with the proposed Aave Risk Framework accordingly. Recommended caps and risk parameters for cirBTC will be published once the circulating supply increases and liquidity is sufficiently established.
1. Asset Fundamental Characteristics
1.1 Asset
cirBTC (Circle Wrapped Bitcoin) is an ERC-20 token backed 1:1 by native BTC held in custody at Circle. It is issued by Circle International Bermuda Limited (CIBL), the same Circle affiliate structure behind USDC. The asset is a wrapped representation of Bitcoin with its value derived entirely from the underlying BTC reserve and the 1:1 BTC redemption rights available to eligible, verified customers.
The Ethereum cirBTC contract was deployed on April 2, 2026, and has a negligible total supply of roughly 0.0098 cirBTC across a handful of small mints, indicating the asset is at an early launch stage. Circle has stated that BTC reserves will be verifiable through a planned Chainlink Proof of Reserve integration, which is expected to provide on-chain attestations of the BTC held across Circle’s hot and cold custody wallets.
1.2 Architecture
cirBTC is built on Circle’s FiatTokenV2_2 smart contract architecture, the same contract system used for USDC and EURC. cirBTC minting and burning are permissioned and restricted to verified Circle Mint customers who have completed KYC/AML requirements, while the token “can be transferred as a standard ERC-20” once minted.
Circle Mint
Circle Mint is an enterprise-grade platform that enables institutions to directly mint and redeem cirBTC, alongside USDC and EURC, with no spreads or Circle-imposed per-transaction fees. Designed for businesses and institutional distributors, Circle Mint supports high-volume issuance and redemption through a rigorous onboarding process. It is not available to retail consumers or individuals seeking personal-use access to cirBTC.
Minting/Burning
The mint-and-burn flow ties the on-chain supply to the off-chain reserve. To mint, a Circle Mint customer sends BTC to a Circle-provided deposit address. Once the deposit is confirmed, the BTC is moved to Circle’s reserve, and an equivalent amount of cirBTC is minted on-chain and credited to the customer. To redeem, the cirBTC is burned on-chain, the corresponding BTC is released from the reserve, and the BTC is sent to the customer’s Bitcoin address.
On-chain mint allowances are managed by a MasterMinter contract that configures Minter roles and their on-chain allowance limits. At review, a single Minter EOA address has a current allowance of approximately 0.00065 cirBTC, consistent with the early-stage supply observed.
Fees
While Circle does not charge minting or redemption fees, customers are responsible for applicable blockchain network fees. Minting and redemption may also be subject to account limits and compliance review.
Bridging Risk
cirBTC is natively issued on Ethereum and Arc. Expansion to additional blockchain networks is expected to be facilitated by Circle’s Cross-Chain Transfer Protocol (CCTP). Although cirBTC is not currently supported by CCTP, integration is planned for the future.
CCTP is a burn-and-mint protocol. Rather than locking a token on a home chain and minting a wrapped representation elsewhere, it burns the native token on the source chain and mints an equal amount of the same native token on the destination chain, so every unit remains canonical, and there is no escrow contract holding bridged collateral. The contracts are open source in Circle’s evm-cctp-contracts repository.
The mechanism runs across three contract roles per chain. The TokenMessenger exposes depositForBurn, which pulls the user’s tokens and calls the TokenMinter to burn them, while the TokenController, which it inherits, enforces a per-message burn limit and holds the registry that pairs each local token with its counterpart token on each remote domain, assuming a 1:1 fungible exchange. The MessageTransmitter then emits the cross-chain message. On the destination chain, the relationship is reversed: a caller submits the message and Circle’s signed attestation to the destination MessageTransmitter, which verifies the attestation before the TokenMessenger instructs the destination TokenMinter to mint the equivalent amount of the native token to the recipient. The TokenMinter accepts only mint and burn calls from the registered local TokenMessenger, keeping issuance bounded to the protocol path.
Source: Circle Docs
The trust anchor for CCTP is Iris, Circle’s off-chain Attestation Service, rather than an independent validator or an oracle network. After a burn, Circle’s attesters observe the source-chain event and produce a signature that the destination MessageTransmitter checks against an on-chain attester set using an m-of-n threshold. The V2 MessageTransmitter enforces a 2-of-2 attester threshold. These attesters (att1, att2) can be modified by the attesterManager role. This threshold is below the minimum verifier set size of three recommended under the proposed Aave Risk Framework. Accordingly, we recommend increasing the enabled attester count to at least three participants.
The security consequence for CCTP is that cross-chain integrity would rest on the same single-issuer trust model as the token itself. A compromise of Circle’s attester keys could authorize a mint on a destination chain that is not backed by a real burn.
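A simplified model of the destination-side check described above, added here as an illustration and not taken from Circle's contracts. HMAC-SHA256 stands in for the attesters' ECDSA signatures, and the class, helper names, keys and message encoding are constructed for the example.

```python
import hashlib
import hmac

# Constructed keys; HMAC-SHA256 is a stand-in for the attesters' ECDSA signatures.
ATTESTER_KEYS = {"att1": b"constructed-key-1", "att2": b"constructed-key-2"}

def sign(attester, key, message):
    """Return (attester, signature) over a message (hypothetical helper)."""
    return attester, hmac.new(key, message, hashlib.sha256).digest()

class DestinationTransmitter:
    """Toy destination-chain verifier: check the attestation, then mint."""

    def __init__(self, enabled, threshold):
        if not 0 < threshold <= len(enabled):
            raise ValueError("threshold must be between 1 and the attester count")
        self.enabled, self.threshold = dict(enabled), threshold
        self.used_nonces, self.minted = set(), 0

    def verify(self, message, attestation):
        if len(attestation) != self.threshold:      # exactly m signatures
            return False
        seen = set()
        for attester, sig in attestation:
            key = self.enabled.get(attester)
            if key is None or attester in seen:     # unknown or duplicate signer
                return False
            expected = hmac.new(key, message, hashlib.sha256).digest()
            if not hmac.compare_digest(sig, expected):
                return False
            seen.add(attester)
        return True

    def receive(self, nonce, amount, attestation):
        """Mint for a fresh nonce with a valid attestation; the burn itself is never seen here."""
        message = f"{nonce}:{amount}".encode()      # simplified message encoding
        if nonce in self.used_nonces or not self.verify(message, attestation):
            return False
        self.used_nonces.add(nonce)
        self.minted += amount
        return True

def outage_tolerance(threshold, attesters):
    """Attesters that can be offline while messages can still be attested."""
    return attesters - threshold

def attest(message, names):
    """Collect signatures from the named attesters (constructed flow)."""
    return [sign(n, ATTESTER_KEYS[n], message) for n in names]
```

With the 2-of-2 set, `outage_tolerance(2, 2)` is 0, while a 2-of-3 set tolerates one offline attester. In either case the verifier sees only signatures, so whoever holds threshold-many attester keys is trusted to sign only after a real burn.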
1.3 Tokenomics
The total supply of cirBTC is not fixed, and only Circle is authorized to issue new tokens. 8 unique addresses hold cirBTC on Ethereum.
1.3.1 Token Holder Concentration
As of June 18, 2026, Circle’s EOA holds approximately 96.75% of the total cirBTC supply, which stands at just 0.0095 cirBTC (about $607), highlighting the token’s very early stage of issuance and circulation.
2. Market Risk
cirBTC is currently in its initial launch phase, with a total supply of just 0.0098 cirBTC on the Ethereum Mainnet. As a result, no liquidity has yet been deployed on decentralized exchanges. Circle has indicated in the whitepaper that cirBTC/USDC and cirBTC/WBTC liquidity pairs will be introduced in the future to support price discovery and liquidation mechanisms. Similar to USDC and EURC, cirBTC may also become available on major centralized exchanges as adoption grows. Once liquidity is established and the circulating supply increases, we intend to publish an addendum assessing appropriate supply and borrow caps, as well as recommended Aave V3 and V4 market parameters for the asset.
3. Technological Risk
3.1 Smart Contract Risk
cirBTC inherits the smart contract risk profile of Circle’s FiatTokenV2_2 architecture. This codebase is battle-tested, having secured USDC and EURC tokens that are widely used across many chains. The source is open and maintained by Circle in the circlefin/stablecoin-evm repository.
When Circle introduced the v2.2 upgrade, the changeset underwent an independent audit by Halborn, a third-party blockchain security firm. However, we could not locate any of these audits publicly.
3.2 Bug Bounty Program
Circle has had a Bug Bounty Program live on HackerOne since May 2024, with the top bounty set at $5,000 for a critical-severity finding, which is relatively low given the TVL of USDC and EURC. The contracts in the scope can be found here.
3.3 Price Feed Risk
cirBTC has no protocol-enforced peg. Its on-chain price “will be determined by individual markets” rather than maintained by Circle, and the link between that price and BTC is the 1:1 redemption right. Because redemption is restricted to verified Circle Mint customers, the arbitrage that normally keeps a wrapper at par, buying the token at a discount and redeeming it for the underlying BTC, is available only to that permissioned set. If cirBTC trades below the value of its BTC backing, holders who cannot redeem have no direct way to close the gap, so the market price can, in theory, deviate from the BTC backing.
That said, each cirBTC is backed by and redeemable for native BTC at a 1:1 ratio, so its value is anchored to BTC rather than to a market of its own. Consistent with the standard pricing approach for other BTC-wrapped assets on Aave, we recommend pricing cirBTC using Chainlink’s BTC/USD feed to avoid volatility from a secondary market price feed.
3.4 Dependency Risk
Circle Infrastructure
cirBTC concentrates several dependencies in a single issuer and a small set of external systems. The most significant is Circle itself. Circle controls minting and burning, holds the BTC reserve in its in-house custody with no third-party qualified custodian, operates the Circle Mint distribution platform through which redemptions are processed, and plans future cross-chain support through CCTP. Circle also holds every privileged contract role, including the Proxy Admin, which can upgrade the implementation. Therefore, a failure or compromise at Circle affects reserve, redemption, and contract control.
Bitcoin Network
cirBTC depends on the Bitcoin network for the deposit and withdrawal legs of minting and redemption, where congestion, fee spikes, or protocol changes can affect the speed or cost of those operations.
4. Counterparty Risk
4.1 Governance and Regulatory Risk
cirBTC is issued by Circle International Bermuda Limited (CIBL), described in the whitepaper as “a regulated entity within Circle’s corporate structure” and on the product page as “a Class F Digital Asset Business licensed and regulated by the Bermuda Monetary Authority.” BTC reserves are held by the Bermuda entity prior to minting “in accordance with the applicable regulatory framework for digital asset issuance.” Distribution (Circle Mint) is provided by Circle Internet Financial, LLC (NMLS #1201441), the US-regulated affiliate that holds the New York BitLicense and money-transmitter authorization.
Each cirBTC is fungible 1:1 with a dedicated reserve of native BTC held at Circle. The whitepaper states the BTC is “held in custody at Circle’s regulated affiliate, held for the exclusive benefit of cirBTC holders and legally segregated from Circle’s corporate assets,” stored in “air-gapped cold storage vaults, with no reliance on third-party custodians.” Reserves are split between cold storage (geographically separated, encrypted, multi-approval) and hot wallets for operational responsiveness. Administrative actions require “the cryptographic consensus of multiple individuals across different functions,” with no single individual in control.
All custody is in-house at Circle: there is no third-party qualified custodian and therefore no custodian diversification. The whitepaper itself lists custody risk (operational failure, key compromise, physical breach) as a residual risk. Further, the whitepaper does not contain an explicit covenant that reserve BTC will never be lent, staked, or rehypothecated. No such use is disclosed or implied, and the asset has no yield feature.
Minting and burning are documented and permissioned. A Circle Mint customer deposits BTC to a Circle-provided address; on confirmation, the BTC moves to Circle’s reserve, and an equivalent cirBTC is minted. Redemption reverses this: cirBTC is burned on-chain, and the corresponding BTC is released from the reserve to the customer’s Bitcoin address.
The redemption right is permissioned: minting and burning are “restricted to verified Circle Mint customers who have completed KYC/AML requirements,” while the token “can be transferred as a standard ERC-20” once minted. The whitepaper’s own “External Price Risk” section confirms cirBTC is “not pegged or in any other way maintained by Circle beyond the 1:1 BTC redemption rights available to eligible, verified customers.” For collateral use in lending protocols, this means par convertibility is not guaranteed to all holders, and the Pauser role can halt mint/burn entirely.
4.2 Access Control Risk
4.2.1 Contract Modification Options
The following contracts power the cirBTC architecture on Ethereum:
- cirBTC: Upgradeable ERC20 contract deployed behind FiatTokenProxy, which serves as a proxy to route function calls to the implementation contract and is owned by an EOA.
- Implementation Contract: Deployed behind FiatTokenV2_2, which implements the core logic for FiatToken functionality.
Circle uses a role-based access control mechanism for cirBTC contracts, and the controlling wallets are as follows:
| Controlling Wallet | Role | Functionality |
|---|---|---|
| EOA 1 | owner | Re-assign any role except for admin. |
| EOA 2 | admin | Manage proxy-level functionalities. |
| EOA 3 | pauser | Pause the contracts, preventing all transfers, minting, and burning. |
| EOA 4 | blacklister | Prevent transfers to/from an address and prevent it from minting/burning. |
| EOA 5, owner of the masterMinter contract | masterMinter | Add/remove minters and increase their minting allowance. |
| One permissioned address, Minter EOA-1 | minters | Create/destroy tokens. |
| Unassigned | rescuer | Transfer any ERC-20 token locked in the contract. |
Here is a list of sensitive functions exposed by these contracts:
- mint/burn: Authorized entities, referred to as minters, are permitted to mint and burn tokens. These entities are affiliated with Circle and undergo a thorough vetting process before being granted the ability to mint new tokens. masterMinter adds new minters via the configureMinter method, each with a specified minterAllowance configured by Circle. The following are the permissioned minters approved by Circle, with their respective mint limits:
- pause: The ability to pause or unpause the contract is restricted to the pauser role, which Circle controls. When the contract is paused, all transfers, minting, burning, and adding new minters are disabled. However, operations such as modifying the blacklist, removing minters, changing roles, and performing contract upgrades remain functional.
- blacklist: Circle can blacklist an address through the blacklister role, and such an address cannot transfer assets in any way.
4.2.2 Timelock Duration and Function
There is no timelock configured on the cirBTC contract upgrades.
4.2.3 Multisig Threshold / Signer identity
The cirBTC token contract is controlled by owner EOA 1 and admin EOA 2. While these may be MPC wallets, their status could not be independently verified.
Note: This assessment follows the LLR-Aave Framework, a comprehensive methodology for asset onboarding and parameterization in Aave V3. This framework is continuously updated and available here.
Price feed Recommendation
We recommend using Chainlink’s BTC/USD feed to price cirBTC on Aave V3 Core and V4 Core.
Disclaimer
This review was independently prepared by LlamaRisk, a DeFi risk service provider funded in part by the Aave DAO. LlamaRisk is not directly affiliated with the protocol(s) reviewed in this assessment and did not receive any compensation from the protocol(s) or their affiliated entities for this work.
The information provided should not be construed as legal, financial, tax, or professional advice.