In the fast-paced domain of cryptocurrencies, industry giants are constantly seeking ways to advance and adapt. San Jose-based payment platform, PayPal, has been no exception to this trend. The company’s recent introduction of its own stablecoin, PayPal USD (PYUSD), signals a landmark move in its journey within the cryptocurrency sector.
The launch, however, was quickly met with discussions and concerns from various quarters regarding its security features.
The new Paypal USD stablecoin has an “assetProtection” role which can wipe your balance in two transactions (first `freeze`, then `wipeFrozenAddress`)
In smart contract security we call this a “centralisation attack vector” pic.twitter.com/RsmqvsnKvi
— pashov (@pashovkrum) August 7, 2023
Controversy Surrounding PYUSD’s “assetProtection” Role
PayPal’s step into the world of stablecoins is a significant one, given the platform’s massive user base. The creation of PYUSD, a digital currency pegged to the US dollar and issued by Paxos Trust, illustrates the company’s commitment to expanding the integration of cryptocurrencies into mainstream transactions.
Having initially dipped its toes in the crypto waters in 2020, PayPal’s launch of PYUSD cements its foothold in the landscape. However, despite the anticipation surrounding PYUSD’s introduction, a particular security feature within its system sparked debates.
The “assetProtection” role, possessing the ability to freeze and eventually nullify a user’s balance, raised eyebrows in the crypto community. Several users voiced concerns over this perceived “centralization attack vector,” debating its alignment with the decentralized principles fundamental to many digital currencies.
David Schwartz, Ripple’s CTO, known online as “JoelKatz”, recognized the magnitude of the issue and took to X (Twitter) to elucidate. Schwartz emphasized that the crux of centralization in PYUSD isn’t necessarily this controversial feature, but rather its value being intrinsically linked to PayPal’s legal assurance to swap it for actual dollars.
He underscored that the “assetProtection” function was integrated to shield users from inadvertently acquiring tokens that PayPal may not be legally obligated to exchange.
Nonsense. The centralization is that the value of the stablecoin is based on PayPal being legally obligated to redeem it for dollars. This mitigates that risk by helping to prevent innocent people from receiving tokens that PayPal is not legally obligated to redeem.
— David “JoelKatz” Schwartz (@JoelKatz) August 7, 2023
Balance Between Centralization And Decentralization
Extending the conversation to the broader context of decentralization, Schwartz offered insights into PYUSD’s design. He underscored that while certain aspects may mirror traditional financial systems, the crypto components embedded within PYUSD present users with increased flexibility.
This allows for the transfer and management of assets in ways that don’t solely rely on existing financial infrastructures.
However, its crypto aspects do convey several benefits. For example, you aren’t reliant on the counterparty’s infrastructure to transfer it and even those who can’t or won’t do business with the counterparty can use it for payments. 2/2
— David “JoelKatz” Schwartz (@JoelKatz) August 8, 2023
Featured image from Unsplash, Chart from TradingView