Parallel
About
Parallel is a decentralized, modular, over-collateralized stablecoin protocol built on EVM chains. It issues stablecoins such as USDp backed by a basket of yield-bearing correlated assets (including sfrxUSD and sUSDe), and offers a Savings Module (ERC-4626 vault) where USDp holders stake their tokens to receive sUSDp, which automatically accrues yield generated by the protocol's revenues.
Where Does Yield Come From?
Holders of sUSDp (staked USDp) earn yield from the protocol's overall revenues, which come from several independent sources:
- Parallelizer Module fees — users deposit a basket of assets as collateral to mint USDp. When one of those assets drifts away from its intended value (de-pegs), the system automatically adjusts fees to protect USDp's stability. Fees are also charged when users mint or redeem USDp.
- Flashloan fees — charged when someone takes out a flashloan (a loan that must be repaid in the same transaction).
- Bridging Module fees — charged when funds move between chains.
On top of these fees, the collateral basket itself contains yield-bearing tokens (like sfrxUSD and sUSDe), so the backing assets also grow value over time.
How the revenue is split:
- 90% of all protocol fees from USDp go to sUSDp depositors through the Savings Module.
- 9% flows to the DAO Treasury.
- 1% goes to Angle Labs.
The Savings Module is a simple ERC-4626 vault (a standard type of yield-bearing vault). There are no deposit or withdrawal fees. Yield accrues automatically, block by block. Keepers appointed by the DAO periodically adjust the rate, but a configurable maximum cap prevents anyone from manipulating it. In short, the yield paid to sUSDp holders depends on what the protocol earns from its backing assets.
Audits
| Audit / Date | Findings | Verdict |
|---|---|---|
Certora03-04-2025 - 01-05-2025 |
| This Certora formal-verification audit found no critical or high-severity vulnerabilities; one medium issue and several low/informational findings were identified, most of which were fixed or acknowledged. The overall protocol safety is bolstered by the formal proofs, though residual rounding-edge-case risks and trust assumptions around reward sellers and the normalizer function remain design-level concerns. |
| The audit identified several high-severity vulnerabilities that were resolved before finalization, and multiple medium-severity risks were either fixed or acknowledged with mitigations; overall the Parallelizer codebase shows a thoughtful security posture, though reliance on guardian and governor privilege controls and acknowledged oracle/MEV risks require continued operational vigilance. | |
Zenith03-02-2025 - 12-02-2025 |
| The audit found no critical vulnerabilities and all four high-risk issues were resolved and verified, meaning the most severe attack surfaces were eliminated before deployment; the two acknowledged medium/low findings represent acceptable design trade-offs that the team consciously accepted. |
| All seven critical/high-risk vulnerabilities were resolved before publication, and the Auctioneer contract was removed entirely to eliminate game-theoretic attack surfaces, demonstrating strong remediation discipline. The audit confirms that the remaining centralization risks (governance privileges and emergency rescue functions) are acknowledged, making the protocol safe for deployment assuming trusted multisig administration. | |
| The single high-severity vulnerability (casting underflow causing stuck tokens) was fixed, and several low-severity issues were remediated, but multiple medium-severity findings around fee bypass and governance centralization risks were only acknowledged without code changes, leaving residual design risk for the protocol's fee model and admin privileges. | |
| The one critical-class issue (High) was resolved, and the Medium fee-bypass risk was acknowledged rather than fixed, so users may be able to avoid protocol fees; overall the contract's core bridging logic is sound after remediation of the High and Low findings. | |
Code4rena02-08-2022 - 07-08-2022 |
| The audit uncovered 4 high and 8 medium severity vulnerabilities affecting proxy ownership, access control, and vault rebalancing logic in Mimo DeFi, all of which were confirmed and resolved with reviewed mitigations prior to deployment. |
Code4rena28-04-2022 - 02-05-2022 |
| The two High-risk findings—arbitrary router call in liquidation and missing flash-loan receiver guard in SuperVault—were confirmed by the Mimo DeFi team and require remediation before deployment, while the Medium-risk issues primarily affect edge-case availability and reward fairness. |
Certik16-06-2021 |
| The Certik audit found no critical, major, or medium severity issues, with most findings being minor logic refinements and informational coding improvements; however, since all 16 findings were unresolved at report delivery, the reentrancy risk in DemandMiner and the excessive owner permissions on key functions should be remediated before mainnet deployment. |
Quantstamp02-11-2020 - 19-11-2020 |
| No high or medium risk issues were discovered; all six low-severity and informational findings were either fixed or acknowledged by the team, who also planned governance decentralisation. The audit found the codebase well-written, well-documented, and well-tested with no critical blockers to deployment. |
Legal
Legal form
Not disclosed on official sources
Status and notes
No imprint, terms of service, or privacy policy found on the main website (parallel.best) or the app (app.parallel.best) — all standard legal pages (terms, privacy, imprint, legal) return 404. The protocol code is licensed under MIT (parallel-core, copyright 2024 CooperLabs) and BUSL-1.1 (parallel-parallelizer, originally licensed by Angle Labs, Inc.). The GitHub organization lists [email protected] as email. The protocol documentation describes Parallel as a "decentralized, modular stablecoins protocol with different entities and individuals contributing to its development and adoption," without naming a specific operating legal entity.