[Asset Technical Assessment] USDC on Aave V3 Monad
Author: Aave Labs
Date: 2026-06-30
Summary
Technical assessment of USDC (USD Coin) for onboarding to Aave V3 Monad, following the Technical Asset Listing Framework.
Overall result:
MEDIUM ![]()
USDC on Monad is the genuine, native Circle stablecoin: the deployed code is byte-for-byte the audited FiatTokenV2_2, a live Chainlink USDC/USD feed is present and fresh, and the only cross-chain inflow is Circle’s Cross-Chain Transfer Protocol (CCTP V2), a correctly wired burn-and-mint route with no under-collateralised escrow. The asset is functionally sound. The principal consideration is that the most powerful authorities (the upgrade key, the minting authority, the pauser, the blacklister, and the equivalent CCTP roles) are concentrated in single Circle-controlled accounts with no on-chain timelock, which is Circle’s standard, by-design operating posture for a centrally issued, fully reserved fiat stablecoin.
Listing Recommendation
From a technical standpoint, USDC on Aave V3 Monad is technically eligible for listing, with conditions. Circle controls minting, burning, pausing, blacklisting, and contract upgrades through its own key management, which is the standard managed-control posture for this asset class. Two non-blocking recommendations to the issuer are noted: (a) migrate the upgrade authority and the other critical roles behind an on-chain timelock or multisig as a hardening measure to revisit as exposure to the asset grows; and (b) adapt and reduce the per-minter mint allowances to the asset’s circulating supply on each chain. Neither is a blocker for an initial listing.
Asset under review
| Field | Value |
|---|---|
| Asset | USD Coin (USDC) |
| Target chain | Monad (chain ID 143) |
| Target market | Aave V3 Monad |
| Token contract | 0x754704Bc059F8C67012fEd69BC8A327a5aafb603 |
| Native to target chain? | Yes. Native Circle issuance; new supply arrives through Circle’s own minting and through Circle’s CCTP V2, with no third-party bridge wrapper. |
| AAcA classification | Stablecoin (fiat-backed) |
USDC is Circle’s fully reserved, US-dollar-pegged stablecoin. On Monad it is the standard Circle FiatTokenV2_2 contract, an upgradeable token through which Circle controls minting, burning, pausing, blacklisting, and upgrades. Its value is anchored to $1.00 and backed by Circle’s off-chain reserves, with the on-chain token representing a claim on those reserves.
0. Pre-screening
USDC is deployed on Monad at 0x754704Bc…b603 as an upgradeable proxy, with the implementation at 0xbd520ea8…800b6d. The on-chain identity reads as a genuine Circle FiatToken (name and symbol USDC, six decimals, currency USD) and falls in the fiat-backed stablecoin class, which is not a non-approved or sanctioned category. A single canonical USDC address exists on Monad, with no competing native or bridged variant. The deployed implementation runtime bytecode is byte-identical to Circle’s audited FiatTokenV2_2, so there is no implementation rotation away from the audited version to track.
Rating:
GOOD ![]()
1. ERC20 Compliance
USDC on Monad is Circle’s FiatTokenV2_2 with six decimals: transfer() and transferFrom() return bool, with no fee on transfer, no rebasing, no ERC777 or ERC1363 hooks, and no flash mint. The only transfer restriction is Circle’s blacklist, which blocks named accounts rather than smart contracts generally, so contracts can otherwise hold and transfer the token freely. Six decimals sits within Aave’s accepted band and needs no precision adjustment.
Rating:
GOOD ![]()
2. Oracle
A live Chainlink USDC/USD feed exists on Monad with 8 decimals and a 1-hour heartbeat. At review the feed was fresh, with the latest answer well inside its heartbeat, so the price reference is usable for parameterisation.
Rating:
GOOD ![]()
3. Access Control
USDC follows Circle’s standard Ownable and role-setter pattern, with the token owner able to rotate the master-minter, pauser, and blacklister roles. The upgrade authority (the proxy admin), the token owner, the master-minter owner, the pauser, and the blacklister are each single externally owned accounts (EOAs) with no multisig and no on-chain timelock between the key and the action. There is no global supply cap: minting runs through a configured set of minters, most of which are single Circle-controlled accounts rather than contracts, each drawing down a per-minter allowance, and on Monad the active minting to date has been performed directly by one such Circle-controlled account against a standing allowance; the authority to grant and raise those allowances traces back to these single keys. The blacklister role is actively exercised as part of Circle’s standard compliance program. Burning is constrained to a minter’s own balance, so no key can burn tokens from an arbitrary account.
Rating:
MEDIUM
→ minting, pausing, blacklisting, and upgrade authority are concentrated in single Circle-controlled accounts with no on-chain timelock, Circle’s standard managed-control posture for this asset class.
4. Exchange Rate and Yield
Not applicable. USDC is a non-yield-bearing fiat stablecoin, pegged 1:1 to the US dollar and backed by Circle’s off-chain reserves. It does not rebase, exposes no exchange rate to manipulate, and carries no redemption queue on-chain.
Rating:
N/A ![]()
5. Token Architecture
USDC on Monad is a single canonical deployment, with no migration contract or duplicate entry point affecting the same supply. Supply changes only through the configured minter set and is observable through standard Mint, Burn, and Transfer events. The token logic contains no tx.origin authorization and no delegatecall beyond the proxy’s standard forwarding to its implementation, and every privileged function carries an explicit access-control modifier.
Rating:
GOOD ![]()
6. Bridge and Cross-Chain Risk
The only cross-chain inflow into Monad supply is Circle’s CCTP V2, a burn-and-mint design with no escrow or lockbox: USDC is burned on a source chain and an equal amount minted on Monad, so there is no pooled collateral that could become under-collateralised. The full bridge framework was applied, and no other bridge route (no LayerZero, CCIP, Wormhole, Hyperlane, or Axelar) mints this token. CCTP V2 is the only cross-chain mint path, though on Monad to date supply has been created by Circle’s own direct minting rather than through the CCTP TokenMinterV2, which is configured but has not yet minted on Monad. The route is correctly and reciprocally wired between Monad and Ethereum, uses the canonical CCTP V2 contracts, carries a non-zero per-message burn cap, and verifies cross-chain messages with a 2-of-2 Circle attester set. As with the token itself, every administrative role across the CCTP contracts is a single Circle-controlled account, so the cross-chain path rests on Circle’s key management rather than an independent on-chain check.
Rating:
MEDIUM
→ the route is mechanically sound, but all CCTP administrative authorities are single Circle-controlled accounts with no on-chain timelock, consistent with Circle’s single-issuer model.
7. Audit and Security History
The deployed Monad implementation runtime bytecode is byte-identical to Circle’s audited FiatTokenV2_2, differing only in a per-deployment linked-library address and the trailing metadata hash, so there is no logic difference from the audited version. The most recent code change to this implementation line, the v2.2 changeset, was audited by Halborn, and USDC is one of the most widely deployed stablecoin contracts in production with no disclosed exploit and a public bug bounty. The CCTP V2 contracts were audited by ChainSecurity, with additional reviews attributed to OtterSec, Halborn, and Zellic, and no CCTP exploit has been disclosed in production. There is no post-audit logic rotation on Monad.
Rating:
GOOD ![]()
8. Dependencies
USDC relies on Circle’s CCTP V2 for the cross-chain mint path, the Chainlink USDC/USD feed for valuation, and Circle’s off-chain reserves as the ultimate backing. CCTP is production Circle infrastructure, correctly wired and audited, and the price feed is independently verified and live. The reserve adequacy behind the peg is attested off-chain and cannot be verified through on-chain reads, which is the inherent dependency of any fiat-backed stablecoin. USDC is not staked or restaked and has no slashing or withdrawal-queue exposure.
Rating:
MEDIUM
→ dependencies are production-grade and correctly wired, but the CCTP administrative authorities are single Circle-controlled accounts and the reserve backing is attested off-chain rather than verifiable on-chain.
9. Summary
Findings table
| Area | Key finding | Rating |
|---|---|---|
| 0. Pre-screening | Single canonical Circle USDC at 0x754704Bc…b603; fiat-backed stablecoin class; deployed implementation byte-identical to audited FiatTokenV2_2, no rotation. |
Good |
| 1. ERC20 | Circle FiatTokenV2_2 with six decimals; returns bool, no fee on transfer, no rebase, no hooks, no flash mint; only restriction is the blacklist. |
Good |
| 2. Oracle | Live, fresh Chainlink USDC/USD feed (eight decimals, 1-hour heartbeat). | Good |
| 3. Access control | Upgrade, minting, pause, and blacklist authority concentrated in single Circle-controlled accounts with no on-chain timelock; most minters are accounts rather than contracts and active minting is by a single Circle-controlled account; blacklist actively used; no global supply cap; burn is self-only. | Medium |
| 4. Exchange rate / yield | Not yield-bearing; 1:1 fiat peg backed by Circle’s off-chain reserves; no exchange rate, no on-chain redemption queue. | N/A |
| 5. Token architecture | Single canonical deployment; standard supply mechanics with standard events; no tx.origin, no delegatecall beyond proxy forwarding; access-controlled privileged functions. |
Good |
| 6. Bridge and cross-chain | Circle CCTP V2 burn-and-mint, no escrow; correctly and reciprocally wired, 2-of-2 Circle attesters; CCTP minter configured but not yet used on Monad (supply minted directly by Circle); all CCTP admin authorities single Circle-controlled accounts. | Medium |
| 7. Audit and security | Deployed bytecode byte-identical to audited FiatTokenV2_2 (Halborn); CCTP V2 audited by ChainSecurity and others; no disclosed exploit; no post-audit rotation. |
Good |
| 8. Dependencies | CCTP V2 and Chainlink feed, both production-grade; CCTP admin authorities are single Circle-controlled accounts; reserve backing attested off-chain. | Medium |
Disclaimer
Aave Labs has no formal or informal affiliation with Circle or the USDC issuer beyond this technical assessment. Aave Labs has not been compensated by Circle or any related party in connection with this work.
Copyright
Copyright and related rights waived via CC0.