GHO
About
GHO is a decentralised, over-collateralised stablecoin native to the Aave Protocol, pegged to the US Dollar and governed by the Aave DAO. Users can mint GHO by supplying approved collateral assets into Aave V3 on Ethereum and borrowing GHO against them, while continuing to earn interest on their supplied collateral. The stablecoin operates through a facilitator model with governance-defined mint caps, and is available across multiple networks via Chainlink CCIP bridging.
Where Does Yield Come From?
GHO is a stablecoin (a digital token meant to stay equal to 1 US dollar) that runs on the Aave protocol. It is managed by the Aave DAO, a community-led governing body. Below are the ways GHO generates or handles yield.
1. Minting (borrowing) GHO on Aave V3
Users can put up approved assets (like ETH or USDC) as collateral in Aave V3 and borrow GHO against them. Unlike normal borrowing on Aave, GHO is created on the spot when you borrow — it is not taken from a pool of existing tokens. Users still earn interest on the collateral they supplied. How much you can mint depends on how much collateral you put in and a mint cap (a limit set by the DAO).
2. Borrow interest goes to the DAO treasury
The big difference from other Aave assets: 100% of the interest paid by GHO borrowers goes to the Aave DAO treasury, not to lenders or suppliers. The DAO sets the GHO borrowing rate. A group called the GHO Stewards (a 3-out-of-4 multisig managed by Aave Chan Initiative, Chaos Labs, TokenLogic, and karpatkey) can tweak the rate up or down by at most 5% every 2 days. The rate can never go above 25% per year. These adjustments are guided by whether GHO's price is staying close to 1 dollar.
3. Savings GHO (sGHO)
Holders of GHO can deposit it into the sGHO contract (think of it as a savings vault). Over time, depositors earn rewards paid in GHO through the Merit program (distributed via a platform called Merkl). There is no waiting period to withdraw, no risk of losing your deposited GHO (no slashing), and your funds are not lent out to anyone else. Rewards are claimed separately from your sGHO balance.
4. Peg Stability Module (GSM)
The GSM lets people swap GHO for other approved stablecoins (like USDC or USDT) at a fixed 1-to-1 rate. Each GSM instance charges a small fee on conversions, and that fee goes to the Aave DAO treasury. The GSM includes a price strategy (initially fixed at 1:1), a cap on how much of the outside stablecoin it can hold (exposure cap), and an emergency freeze system that pauses conversions if prices move outside safe bounds set by the DAO.
5. Flash Mint (GhoFlashMinter)
This is like a flash loan but for GHO — a user can mint and burn GHO within a single blockchain transaction, paying a fee. It is used for quick operations like liquidations, switching debt positions, or arbitrage (profit from price differences). It does not borrow from Aave's main pool.
6. Liquidations
If a GHO borrower's health factor drops below 1 (meaning their collateral is not worth enough anymore), their position can be liquidated. Liquidators repay the borrower's GHO debt and receive the borrower's collateral plus a bonus. Up to 100% of the GHO debt can be repaid in a single liquidation.
7. Cross-chain via Chainlink CCIP
GHO minted on Ethereum can be bridged to other blockchains (Arbitrum, Base, Avalanche, Gnosis, and Mantle). The bridging works by locking or burning GHO on one chain and releasing or minting it on the other. Each destination chain has its own CCIP facilitator with a separate mint cap set by the DAO.
Persons
Stani Kulechov
Aave Labs CEO
Audits
| Audit / Date | Findings | Verdict |
|---|---|---|
OpenZeppelin11-07-2022 - 27-07-2022 |
| The audit found two medium-severity issues concerning GHO's peg stabilization mechanics and a recursive loan dependency, both unresolved at the time; the remaining findings were informational best-practice recommendations, with over half subsequently fixed. |
OpenZeppelin18-10-2022 - 24-10-2022 |
| The audit found no critical or high-severity issues, with the sole medium-severity finding (discount lock period bypass) acknowledged but unresolved by the Aave team, leaving a known design risk in the GHO discount mechanism; all other findings were low-severity or informational and largely acknowledged without code changes, indicating moderate residual risk that is partially mitigated by governance controls. |
ABDK (ABDK Consulting)01-03-2023 |
| No critical issues were found; all 2 Major issues that posed operational risk were fixed, and the remaining 4 active Major issues were acknowledged/info-level design preferences, so the audit indicates the GHO codebase was in a reasonable security posture at the time of review. |
Certora30-01-2023 - 28-02-2023 |
| The formal verification confirmed that all GHO smart contracts satisfy their specifications after the three Low-severity issues were corrected, with no Critical, High, or Medium vulnerabilities found — indicating the protocol's design is sound at the formal verification level, though the scope is limited to the properties specified and real-world deployment risks remain outside this analysis. |
Sigma Prime06-07-2023 |
| The single High-severity issue (interest mis-accounting on behalf-of repayments) was resolved, and all Low/Informational items were either fixed or acknowledged, indicating that the core GHO smart contracts passed review with no unresolved critical or medium risks. |
Sigma Prime13-06-2023 |
| The Gho Steward contract passed its Sigma Prime review with only two informational-level findings, both of which were acknowledged and resolved or closed; no security vulnerabilities of critical, high, medium, or low severity were identified, indicating the contract was in a sound security posture at the time of review. |
Emanuele Ricci (StErMi)11-09-2023 - 20-09-2023 |
| The audit identified four medium-severity issues, none critical or high, with the most impactful risks (fund loss from zero-address treasury initialization) having been fixed; the remaining acknowledged items are mitigated by DAO governance review and deployment safeguards, making the GSM contracts reasonably safe for their intended use with appropriate governance oversight. |
Sigma Prime23-10-2023 |
| The audit found no critical or high-severity vulnerabilities, with the single medium-severity risk (depeg-based value extraction) mitigated by the OracleSwapFreezer mechanism and DAO-monitored exposure caps; all remaining low-severity and informational items were addressed or acknowledged, supporting the safety of the GHO Stability Module deployment. |
Certora09-08-2023 - 07-12-2023 |
| The formal verification identified 12 informational-severity issues involving rounding and fee inconsistencies, all of which were promptly remediated, with no critical or high-severity vulnerabilities found across the GSM contracts. |
Certora03-03-2024 - 14-03-2024 |
| The audit found no bugs or vulnerabilities in the GhoStewardV2 contract, with all formal verification rules passing. The protocol's parameter change controls appear sound under the verified specification, though the disclaimer notes the guarantees are scoped to the provided specification only. |
Certora08-05-2024 - 11-06-2024 |
| The audit found no critical, high, medium, or low severity vulnerabilities, confirming that the upgradeability aspects of the GHO token contracts are secure; the single informational finding (deprecated function call) was promptly fixed by the protocol team. |
Certora15-09-2024 |
| The audit identified only low-severity and informational issues, all of which were fixed, and formal verification rules passed, indicating the Modular Gho Stewards contracts are well-secured with no residual high-risk concerns. |
Certora07-07-2025 - 15-07-2025 |
| All three discovered vulnerabilities (1 high, 1 medium, 1 low) were confirmed and subsequently fixed, and the audit validated that core invariants, facilitator credit caps, and trust boundaries hold under both normal and adversarial conditions. |
Certora03-09-2025 - 08-09-2025 |
| The sGHO ERC4626 vault audit by Certora found no Critical, High, or Medium severity issues, with only one acknowledged Low-severity DoS vector and one Informational finding that was already fixed, indicating a well-scoped and sound codebase. |
Backers
No investor or backer information was found for GHO on its official website (gho.xyz). GHO is a decentralised stablecoin native to the Aave Protocol, minted through the Aave Protocol and governed by the Aave DAO. As a protocol-native asset rather than a separately funded venture project, GHO does not have disclosed venture capital investors, funding rounds, or backers. The Aave Protocol (from which GHO originates) was originally developed by Aave Labs (formerly ETHLend), but no specific investment rounds or backers for the GHO stablecoin itself are documented on any of the official gho.xyz or aave.com pages visited.
Legal
Legal form
Not explicitly disclosed on official sources (Aave Labs is the named entity, but its corporate form — e.g. Ltd, LLC, Foundation — is not stated in any of the Terms of Service, Privacy Policy, or About page visited)
Registration jurisdiction
Cayman Islands (Terms of Service Section 15 governing law; arbitration seat Cayman Islands per Section 9; Privacy Policy references the Cayman Islands Data Protection Act and the Data Protection Ombudsman of the Cayman Islands)
Status and notes
The website gho.xyz and the Interface (app.aave.com) are operated by Aave Labs ("we," "us," "our") per the Terms of Service (updated 6 Jan 2026) and Privacy Policy (updated 21 May 2025). The footer disclaimer on all pages states: "Aave Labs does not control or operate any version of the Aave Protocol on any blockchain network." Contact: [email protected]. No separate imprint (impressum) page or commercial registry number was found on gho.xyz. GHO itself is a decentralised stablecoin governed by the Aave DAO, not by Aave Labs directly.