High Yield USD
About
High Yield USD (hyUSD) is a yield-bearing stablecoin (RToken) built on the Reserve Protocol. Designed as an overcollateralized DeFi savings flatcoin, it allows users to mint hyUSD against a basket of yield-generating collateral assets and passively accrue value as the underlying DeFi positions generate returns. The product targets holders seeking a savings vehicle that earns yield while maintaining a relatively stable peg.
Where Does Yield Come From?
How hyUSD earns yield
hyUSD generates returns from the interest, fees, and rewards paid by the assets that back it. These backing assets are all tokenized DeFi positions — meaning they are already invested in lending markets or liquidity pools that produce ongoing yield.
The collateral basket over time
When hyUSD first launched, its backing basket included:
- Curve/Convex LP tokens (MIM+3Crv, alUSD+FRAXBP, LUSD+3Crv) — these earned yield from trading fees and protocol incentives
- Flux Finance fUSDC, fUSDT, fDAI — these earned interest from lending markets
On Base (where hyUSD eventually launched and stayed active), the basket shifted to:
- Aerodrome eUSD/USDC LP tokens (~50%) — earning swap fees and rewards
- Compound USDC V3 deposit receipts (~25%) — earning lending interest
- Aave USDC V3 deposit receipts (~25%) — earning lending interest
All of these are positions that naturally produce yield.
Where the yield goes
The yield first fills a backing buffer. Once the buffer is full — meaning the total backing rises above 100% of the hyUSD supply — any extra revenue can be distributed. According to the Reserve Protocol app, that extra revenue goes 100% to RSR stakers (the insurance layer that overcollateralizes the system) and 0% directly to hyUSD holders.
So hyUSD holders do not receive direct token payouts. Instead, they benefit from the yield through a gradual increase in hyUSD's redemption value (the backing per token goes up as the buffer fills).
Risk level and current status
The protocol was designed, per its governance rules, to take low-to-moderate risk in pursuit of high DeFi yields. However, the protocol is now marked as Inactive on the Reserve app — meaning no new hyUSD can be minted and the backing basket can no longer be changed or rebalanced.
Persons
Tom
Deployer
Audits
| Audit / Date | Findings | Verdict |
|---|---|---|
Trust Security16-12-2024 - 24-12-2024 |
| Two critical high-severity issues were found and fixed, but 11 medium and 8 low-severity findings remain open, many relating to trade mechanics and token compatibility, meaning the protocol carries residual risk that must be addressed by competent governance and further mitigations before safe deployment. |
Cantina13-01-2025 - 20-01-2025 |
| The audit found no critical or high-severity issues; the two medium-risk findings (bid DoS and trade-collision bypass) pose conditional but real risks that should be remediated before mainnet deployment. |
Trail of Bits18-04-2025 |
| The audit reveals four medium-severity issues, all of which were either resolved (slippage protection, initial-supply DoS, ERC-777 incompatibility) or accepted as low-probability risk (1-wei bid DoS), making the protocol reasonably safe for deployment with acknowledged residual governance and stETH integration risks. |
Pashov02-06-2025 - 11-06-2025 |
| The audit found no Critical or High-severity issues, with one Medium (resolved) and five Low findings (three resolved, two acknowledged), indicating that the protocol has no imminent loss-of-funds risks but has residual design friction around filler state handling and auction execution that should be monitored in production. |
Trail of Bits11-08-2022 |
| The audit uncovered several critical design and implementation flaws, particularly around auction mechanics, access controls, and edge cases in token economics, with five high-severity findings indicating material risks to system solvency and user funds. The Reserve team was advised to address all findings before mainnet deployment, with particular emphasis on fixing auction initiation issues and reducing centralization risks from excessive owner privileges. |
Trail of Bits11-08-2022 |
| The fix review confirms that Reserve has sufficiently addressed nearly all security concerns from the original audit for the p1 release candidate, with only one acknowledged residual risk (compiler optimizations) and one partially resolved access control issue that could permit dual ownership. Overall, the protocol's security posture has been materially strengthened for deployment. |
Solidified16-10-2022 |
| The audit found two critical issues — one was fixed and one acknowledged — while most other findings carry acknowledged or pending status, indicating residual design and implementation risks that the protocol team should continue to address. |
Ackee Blockchain07-10-2022 |
| The audit confirms a well-designed protocol with solid test coverage; the three medium-severity issues do not directly endanger the protocol in a reasonable timeframe, and all critical/high/medium findings that were fixable have been resolved in Revision 1.1. Residual risks (unlimited allowance, optimizer usage) are acknowledged by the client with documented mitigations, making the codebase safe for deployment. |
Halborn28-08-2022 - 10-10-2022 |
| The Halborn audit found no critical or high-severity vulnerabilities, with all three low-risk issues and most informational items resolved, indicating a strong security posture for the protocol at the time of assessment. |
Code4rena06-01-2023 - 20-01-2023 |
| The Code4rena contest revealed two High-severity and 25 Medium-severity issues, the most critical of which (cToken exchange rate manipulation and inefficient basket range) were addressed by the sponsor, making the protocol measurably safer for release 2.1.0; residual risks around redemption timing and reward distribution were partially mitigated and documented. |
Code4rena15-06-2023 - 29-06-2023 |
| The audit revealed two high-severity and twelve medium-severity vulnerabilities, most of which were mitigated in subsequent pull requests; however, four medium-severity mitigation errors were identified during the follow-up review, and two issues (M-05 and M-12) were not mitigated, indicating residual design and operational risks that governance and users should monitor closely. |
Code4rena25-07-2023 - 04-08-2023 |
| The audit revealed 3 high and 15 medium severity findings concentrated in collateral pricing, reward accounting, and oracle handling; all critical issues were resolved through code fixes or component removal, and the remaining medium-severity items were either mitigated or formally acknowledged, resulting in a materially improved security posture for the collateral plugin layer. |
Trust Security01-09-202309-10-202302-01-2024 |
| The audit found four high-severity and thirteen medium-severity issues, with most critical flaws (incorrect price feeds, reward theft vectors, governance bypass) fixed or mitigated before deployment; residual acknowledged risks around reward distribution fairness in certain wrappers and configuration limitations require ongoing governance oversight. |
Trust Security22-01-2024 - 27-01-2024 |
| The audit found one critical High issue (incorrect price-per-share calculation) which was fixed, and one Medium issue (backing buffer drainage on basket reweighting) which remains open with a partial mitigation; the three Low issues were all fixed, and the additional recommendations address operational hardening. The protocol's safety is materially improved by the resolved findings, though the open Medium finding warrants continued attention from governance. |
Solidified25-04-2024 |
| The audit found no critical or high-severity vulnerabilities, indicating the core protocol logic is sound; however, several medium-severity configuration and edge-case risks were identified and acknowledged, so governance and deployment procedures should be carefully managed. |
Trust Security30-04-2024 - 02-05-2024 |
| The audit found no critical or high-severity issues; the single low-severity finding was remediated in the mitigation review, and the additional recommendations address operational robustness rather than exploitable vulnerabilities in the core plugin logic. |
Trust Security24-05-2024 |
| The audit found no critical or high-severity issues; the single medium issue and most low issues were fixed, and the remaining two lows were acknowledged, so the 3.4.0 upgrade spell is considered safe for deployment with the documented mitigations applied. |
Solidified06-06-2024 |
| The audit found zero critical or major vulnerabilities, and the minor issues and informational notes were primarily acknowledged or addressable via comment/documentation fixes, indicating a strong security posture for the Reserve Protocol 3.4.0 release. |
Trust Security11-07-2024 |
| The audit found no high, medium, or critical vulnerabilities; only four low-severity configuration issues were identified, of which three were fixed and one was acknowledged, indicating sound plugin security with only minor deployment parameter risks. |
Trust Security03-07-2024 |
| The audit identified one high and one medium severity vulnerability, both of which were fixed prior to publication, while a low-severity timing constraint was acknowledged. With the critical reentrancy and validation fixes applied, the collateral plugins are adequately hardened, though the acknowledged timing limitation requires careful governance configuration for inner RTokens. |
Code4rena29-07-2024 - 19-08-2024 |
| The audit identified no critical or high-severity vulnerabilities, and all seven medium-severity findings were confirmed mitigated, indicating that the Reserve Core 4.0.0 release has been meaningfully hardened against the discovered risks. Residual design considerations (such as the Dutch auction settlement edge case left out of mitigation scope) do not pose an immediate threat to protocol solvency. |
Trust Security26-07-2024 |
| All Medium-severity findings were fixed, and the protocol's critical attack surfaces (GNOSIS auction overflow, peg arbitrage, unsafe normalization) were adequately remediated; residual acknowledged rounding and timing issues in the Distributor present low ongoing risk that governance should monitor. |
Trust Security15-01-2026 |
| All 1 high, 6 medium, and 5 of 8 low severity findings were fixed, with remaining 3 low findings acknowledged, demonstrating thorough remediation before the 4.2.0 release. |
Oak Security12-03-2026 |
| The audit found zero critical or high-severity vulnerabilities, with all 23 informational findings acknowledged by the team, indicating the v4.2.0 upgrade is well-hardened with only minor code quality and documentation concerns remaining. |
Certora22-12-2025 - 12-01-2026 |
| The formal verification confirms the Fixed.sol library is correct with respect to its specifications, and all discovered Medium and Low severity bugs were fixed before finalization; the remaining informational items and test-coverage suggestions pose no material safety risk to the protocol. |
Legal
Status and notes
No legal form, imprint, terms, or privacy policy were disclosed for High Yield USD (hyUSD) on its official website (linktr.ee/hyusd) or in the Reserve Protocol RToken registry. hyUSD is a permissionlessly created RToken on the Reserve Protocol; the protocol's user-facing interfaces (reserve.org, app.reserve.org) are operated by ABC Labs, LLC, a Delaware LLC headquartered in the US, governed by Delaware law with arbitration in Reno, Nevada. The support email domain (high-yield.io) does not resolve.