Hyperstable
About
Hyperstable is a decentralized, over-collateralized stablecoin protocol on HyperEVM that lets users deposit supported crypto collateral (HYPE, wstHYPE, uBTC, uETH) into isolated vaults to mint the USH stablecoin, designed to trade at one US dollar. It combines a CDP borrowing engine with a dual-token model (USH stablecoin + PEG governance token) and a vote-escrow (veCDP) mechanism: locking PEG into vePEG grants governance rights over emissions, a share of protocol revenue from interest and liquidation fees, and anti-dilution rebases. The protocol serves borrowers (leverage/capital access), liquidity providers and lenders (earn PEG rewards), and PEG/vePEG holders (fee distribution, voting power, and external bribes).
Where Does Yield Come From?
Yield in Hyperstable comes from three basic sources: borrowing costs, penalty fees, and newly created PEG tokens. These rewards flow to different people depending on what they do in the protocol.
1. Borrowing Interest (Protocol Revenue)
When someone takes out a loan by minting USH stablecoins against their crypto collateral, they pay a floating interest rate. That rate has two parts:
- A curve-based rate that stays low when a vault has plenty of collateral relative to its debt, and rises when it gets riskier.
- A peg-adjustment rate that changes to help keep USH trading near $1 — it drops when USH is trading above $1 (to encourage borrowing) and rises when USH is below $1 (to slow borrowing and reduce supply).
All this interest goes into the protocol treasury and eventually flows to vePEG holders (people who lock the PEG governance token for a vote-escrowed version).
2. Liquidation Fees
If a borrower's health factor (ratio of collateral to debt) falls too low, anyone can liquidate the position. The protocol collects a penalty fee on the seized collateral. These fees also become protocol revenue shared with vePEG holders.
3. PEG Emissions (New Token Rewards)
PEG tokens are created on a fixed schedule. Of the initial 500 million PEG supply, the protocol allocates:
- 21% to weekly voter incentives
- 21% to referral rewards
- 4% to PEG liquidity pools
These newly minted PEG tokens flow through gauges — special smart contracts that hold staked LP tokens (from USH trading pairs) or lender deposit receipts. vePEG holders vote on which gauges get what share of the weekly PEG emissions. Then, liquidity providers and lenders who put their tokens into a gauge earn a proportional slice of the PEG sent to that gauge.
4. What vePEG Holders Earn
Locking PEG for anywhere from 1 week to 1 year gives you vePEG (a non-transferable token with voting power). The longer you lock, the more vePEG you get — e.g., 100 PEG locked for 1 year = 100 vePEG, but for 3 months = 25 vePEG.
vePEG holders earn four types of rewards:
- Protocol revenue share from borrowing interest and liquidation fees
- Extra weekly PEG from the voter incentive pool
- Bribes paid by external projects or users who want to steer gauge votes toward their own liquidity pools
- Anti-dilution rebase — extra PEG that rewards locking the most when few others are locking. It's calculated to grow bigger when the total amount locked is smaller relative to the total PEG supply.
5. Borrower Rebates & Referrals
Borrowers can earn PEG rebates that lower their effective interest cost. Meanwhile, people who refer new borrowers receive PEG each week based on how much USH those referrals mint. Referrers can choose to take 25% as liquid PEG or 100% as max-locked vePEG.
6. Treasury Reinvestment
The protocol treasury (which started with 24.8% of the initial PEG supply) keeps its PEG auto-locked as vePEG. It votes for PEG liquidity pools and partner pools, and it uses accumulated profit to buy more PEG from the market and lock it too. This creates a cycle: more protocol revenue → more PEG bought and locked → more governance power locked in the treasury.
The Core Flywheel
CDP revenue (borrow interest + liquidation fees) → distributed to vePEG holders. PEG emissions → directed by vePEG votes → reward liquidity providers and lenders. External bribes → attract vePEG votes → concentrate liquidity where the protocol needs it most.
Audits
| Audit / Date | Findings | Verdict |
|---|---|---|
0x5205-02-2025 - 18-02-2025 |
| The audit uncovered 8 material issues (3 High, 5 Medium), all of which were confirmed as remediated during the fix review on 21-02-2025, substantially reducing the protocol's risk exposure. Users should verify that the remediated commits are deployed in the live HyperEVM mainnet contracts. |
0x5218-03-2025 - 20-03-2025 |
| All 10 findings (3 high, 4 medium, 3 low) were addressed and remediated in follow-up commits, with the delegation feature removed to fully fix two of the medium-severity issues, making the protocol safe for deployment after the fixes. |
0x5228-04-202529-04-2025 |
| The audit found only low-severity issues, all of which were either remediated or acknowledged for post-deployment adjustment, indicating sound contract design with no critical or high-risk vulnerabilities. |
Pashov Audit Group26-02-2025 - 03-03-2025 |
| The audit identified one high-severity governance manipulation risk and nine medium-severity issues spanning initialization, liquidation economics, reward accounting, and decimal handling—most of which the team resolved before deployment. While no critical vulnerabilities were found, the residual acknowledged items (e.g., self-liquidation loss mechanics and inflation-attack susceptibility) warrant ongoing monitoring and possibly a follow-up review after production deployment. |
Pashov Audit Group19-03-2025 - 21-03-2025 |
| The audit identified one critical authorization bypass and several high-severity logic flaws in delegation, reward distribution, and perpetual-lock handling, all of which were resolved; the residual medium and low findings are mostly design clarifications and safeguards that do not compromise core solvency, making Hyperstable safe for deployment after the fixes are applied. |
0xKato, 0xWeiss12-03-2025 - 26-03-2025 |
| All critical and high-severity issues were fixed by the development team, and most medium-severity findings were also resolved, leaving only minor acknowledged items and the unfinished oracle noted as future work. The audit indicates the protocol's core mechanics (vaults, liquidations, voting escrow) were substantially hardened, though the acknowledged slippage in liquidations and the placeholder price feed remain residual risks to monitor. |
Anthias (Anthias Labs)01-04-2025 - 31-05-2025 |
| The parameter review reveals Hyperstable's HYPE collateral settings are conservatively safe (no liquidations, health factors above 1.5), but the overly constrained interest rate configuration—near-zero floor, 2% cap, and a high manual rate overriding the adaptive IRM—limits the protocol's ability to dynamically manage risk and respond to market shifts as it scales. |
Backers
Hyperstable's PEG token distribution page allocates 1.4% of the initial 500M PEG supply to "Echo" (liquid), 3.8% to "Angels" (locked as vePEG), and 9% to a "Series A reserve" (locked as vePEG). The homepage lists a "Backed by Angels" section featuring the following named angel investors: HypurrXBT, Peanut.hl, Grills, Masky.hl, Fiskantes, Luke Cannon, JUN.hl, Flips.hl, Degentraveller.hl, Stephen, ComfyCap, Bonkos, Sisyphus, Based16z, Ericonomics, Pk79z, and Tobias Reisner. Additionally, "Jez" and "Blurr" are listed alongside auditors and angels on the site. No specific investment amounts, round dates, or traditional venture capital firms are disclosed on official sources.
Legal
Status and notes
No imprint, terms of service, privacy policy, or operator entity disclosed on the official website (hyperstable.xyz), documentation (gitbook), or GitHub organization page. The only legal-like statement is a generic risk disclaimer in the documentation reading: "Hyperstable is an experimental protocol. Users should understand the risks involved with DeFi protocols, including smart contract risk, liquidation risk, and potential loss of funds." No company name, legal entity form, or registration jurisdiction is mentioned on any official source.