Paxos
About
Paxos is a regulated blockchain infrastructure platform for enterprises, offering stablecoin issuance, custody, and crypto brokerage services under oversight by the OCC, NYDFS, and MAS. The platform powers regulated digital assets including Global Dollar (USDG), Pax Dollar (USDP), Pax Gold (PAXG), and PayPal USD (PYUSD), each fully backed 1:1 by their underlying reserves and redeemable on a one-to-one basis. Paxos enables global enterprises — such as PayPal, Robinhood, and Kraken — to build stablecoin-based payment, settlement, and treasury products through its API-accessible infrastructure.
Where Does Yield Come From?
Paxos is a platform for building regulated digital money and crypto services — it is not itself a yield-earning or staking product. But one of its stablecoins, Global Dollar (USDG), comes with a twist that lets participating businesses earn returns.
Here is how it works.
USDG is a stablecoin (a digital token always worth $1) issued by Paxos entities in Singapore and Europe. Every USDG in circulation is backed by real-world reserves — cash and similar safe assets — held in separate accounts. Those reserves naturally earn some investment return.
Most stablecoin issuers keep that return for themselves. The Global Dollar Network does something different: it shares the reserve earnings with the businesses that help grow USDG's use. Companies like exchanges, digital wallets, and payment processors can receive rewards based on how much USDG they mint, hold, or help others use. According to Paxos's official docs, partners can receive up to 100% of the returns generated by the USDG reserves held on their platform.
This means the yield is not coming from crypto lending, staking, or DeFi farming. It comes purely from the traditional returns on the fiat (government-currency) reserves that back the stablecoin. Paxos publishes monthly third-party reports so anyone can verify what the reserves contain.
Persons
Charles Cascarilla
CEO + Co-Founder
Walter Hessert
Head of Strategy
Bill Bradley
Board of Directors
J. Christopher Giancarlo
Board of Directors
Patricia Kemp
Board of Directors
Scott Malpass
Board of Directors
Jim Manzi
Board of Directors
Brian Stern
Board of Directors
Audits
| Audit / Date | Findings | Verdict |
|---|---|---|
ChainSecurity01-08-201812-09-2018 |
| The audit found only minor issues, all of which were addressed or acknowledged by Paxos before deployment, and confirmed that the code follows good practices and common vulnerability classes are absent in the audited scope. |
Nomic Labs10-09-2018 |
| The audit identified zero security vulnerabilities across all severity levels, with the Paxos team addressing the vast majority of code-quality and architectural recommendations, resulting in a clean bill of health for the PAX stablecoin contracts. |
Trail of Bits01-10-2018 - 15-10-2018 |
| The audit found no high or medium severity issues, with only two low-severity and four informational findings — all accepted by Paxos — demonstrating a solid security posture for a regulated stablecoin with well-understood residual risks around the law enforcement role and supply controller. |
Trail of Bits18-01-2023 |
| The PYUSD token contract was found to be well-secured with no critical or high-severity vulnerabilities; the single medium-severity finding was remediated, and all unresolved low/informational items were accepted as intentional design choices or manageable risks for the intended single-chain deployment. |
Halborn24-07-2025 - 25-07-2025 |
| The audit identified only a single informational finding (unrestricted domain separator initialization), which was acknowledged by the Paxos team, and all reported findings are marked as addressed, posing no material risk to fund safety or protocol integrity under normal operating conditions. |
ChainSecurity01-08-2018 - 12-09-2018 |
| The ChainSecurity audit found no critical or high-severity vulnerabilities in the PAXOS Standard contracts; the three medium/low issues found were all addressed or acknowledged by PAXOS, and the report commends the project's clean coding practices and test coverage. |
Nomic Labs10-09-2018 |
| The Nomic Labs audit found no exploitable security vulnerabilities in the Paxos Standard (PAX) contract, and all architectural and code-quality recommendations were addressed by the Paxos team, resulting in a hardened, production-ready stablecoin implementation. |
Trail of Bits01-10-2018 - 15-10-2018 |
| The audit found no critical or high-severity vulnerabilities; the two low-severity and four informational-severity findings were all accepted by Paxos as intended design trade-offs, reflecting a system where regulatory compliance and law-enforcement functionality are prioritized over operational efficiency or obfuscation. |
Halborn24-07-2025 - 25-07-2025 |
| This targeted review identified no critical, high, medium, or low severity issues; the sole informational finding (unrestricted `initializeDomainSeparator()`) was acknowledged by the Paxos team, reflecting a well-scoped code change with minimal residual risk. |
Zellic15-12-2025 |
| This patch review found no vulnerabilities of critical, high, medium, or low severity; the single informational issue regarding domain separator versioning was acknowledged as intentional backward compatibility, confirming the signature validation enhancements were safely implemented. |
Trail of Bits09-09-2024 - 27-09-2024 |
| The audit found no high or medium severity vulnerabilities; the 4 low and 7 informational findings were all resolved by Paxos, indicating a strong security posture for the cross-chain messaging integration. |
Zellic07-11-2024 |
| The audit identified and remediated one critical vulnerability involving frozen-token cross-chain bypass, while the remaining two findings were informational; no high or medium severity issues were found, and centralization risks are mitigated by multi-sig custody of privileged roles. |
Halborn17-10-2025 - 03-11-2025 |
| The Halborn audit uncovered one high-risk arbitrary token-creation vulnerability and several medium-risk accounting flaws, all of which were resolved or acknowledged by the Paxos team, leaving no unresolved critical or high-severity issues in the final remediated codebase. |
Zellic24-02-2026 |
| The audit identified two high-severity double-claim vulnerabilities in the shares-based reward model, both of which were acknowledged and remediated by Paxos; once these are confirmed deployed, the codebase shows mature engineering with a cleanly simplified reward system, though testnet validation before mainnet launch is recommended. |
Trail of Bits01-10-2018 - 15-10-2018 |
| The audit found no high or medium severity vulnerabilities, with only two low-severity and four informational issues, all of which Paxos accepted as managed operational risks; the smart contracts are sound for production use under the existing operational controls and regulatory posture. |
Nomic Labs10-09-2018 |
| The audit found zero vulnerabilities across two review rounds, and all recommendations were addressed by Paxos—including adding ERC-20 allowance functions, adopting a standard upgradeability proxy, and splitting administrative roles—making the contract safe for deployment. |
ChainSecurity01-08-2018 - 12-09-2018 |
| The ChainSecurity audit found only minor-to-medium issues in the Paxos Standard contracts, all of which were acknowledged and resolved before launch; no high or critical vulnerabilities were identified, and the overall code quality was described as clean and well-documented, indicating a solid security posture for the regulated stablecoin. |
Legal
Legal form
Trust company (national banking association); also operates via limited company affiliates
Registration jurisdiction
United States (Paxos Trust Company, N.A. — a national banking association regulated by the Office of the Comptroller of the Currency); also New York (initial NYDFS limited purpose trust charter); Singapore (Paxos Global PTE LTD / Paxos Digital Singapore Pte. Ltd., licensed as a major payments institution by MAS); Finland (Paxos Issuance Europe Oy); Uruguay (Bruntal S.A. dba Paxos Uruguay)
Status and notes
Operator is Paxos Trust Company, N.A., a U.S. national banking association overseen by the OCC, with registered address at 450 Lexington Ave., Suite #3952, New York, NY 10163. The website footer states '© 2026 Paxos Trust Company, N.A. All Rights Reserved.' The Privacy Policy identifies Paxos Technology Limited (UK) as EEA/UK data controller and Paxos Global Pte. Ltd. as Singapore data controller. Comprehensive legal documents (General Terms and Conditions, Privacy Policy, Cookie Policy, stablecoin terms, risk disclosures, AML/KYC disclosures, licenses page) are published at paxos.com/terms-and-conditions/. The domain liftdollar.com redirects to the Paxos website.