Important: USDX is a stablecoin, not a bank deposit or government-backed instrument. It is not covered by any deposit insurance scheme. Holding USDX involves risks, some of which could result in the partial or total loss of value. You should read this Risk Disclosure in full before minting, holding, or redeeming USDX.
01 Overview
USDX is designed to maintain a stable value of 1 USD per token, backed by verified reserves. The design aims to mitigate many risks associated with stablecoins — including opacity, bridge dependency, and weak compliance infrastructure. However, no stablecoin is risk-free. This document sets out the material risks known to USDX at the time of publication.
Risk ratings (High / Medium / Low) indicate our current assessment of the likelihood and severity of each risk materialising. Ratings are not guarantees and may change over time.
02 Smart contract risk
USDX operates through a set of smart contracts deployed on multiple EVM networks. These contracts — including the token, Compliance Registry, Reserve Oracle, Mint/Burn Controller, and Global Supply Controller — are subject to the following risks:
- Programming errors: Despite thorough testing, fuzz campaigns, and independent security audits, smart contracts may contain bugs that could be exploited. A critical vulnerability could affect token balances, the freeze mechanism, or the minting/burning process.
- Upgrade risk: Protocol upgrades require multisig approval and a 48-hour timelock. However, a flawed upgrade could introduce new vulnerabilities. The timelock mitigates but does not eliminate this risk.
- Dependency risk: The protocol depends on the security and correctness of the EVM itself, the underlying blockchain consensus, and third-party libraries. Undiscovered vulnerabilities in any of these could affect USDX.
USDX commissions independent security audits before major releases and maintains a responsible disclosure programme. Audit reports are published at docs/ when available.
03 Oracle and data integrity risk
Reserve state is published to on-chain contracts by authorised Reserve Reporter operators. The following risks apply to this system:
- Stale data: If the backend observer is unable to publish for more than 24 hours, reserve data becomes stale. The protocol flags this condition in the public API status endpoint, but does not automatically halt operations. Users should monitor reserve freshness independently.
- Operator compromise: If a Reserve Reporter key is compromised, false reserve data could be published on-chain. USDX uses independent attestation to detect such discrepancies, but detection is not instantaneous.
- Backend infrastructure failure: The observer worker and API backend are operated by USDX. A sustained infrastructure failure could prevent publication of reserve snapshots, degrading transparency without directly affecting token functionality.
04 Reserve and custodian risk
USDX reserves are held by regulated third-party custodians. The following risks apply:
- Custodian insolvency: If a custodian holding USDX reserves becomes insolvent, access to reserve assets may be delayed or impaired. USDX uses a multi-custodian structure with per-institution exposure limits to reduce concentration risk, but this does not eliminate it.
- US Treasury Bill market risk: T-Bills and government MMFs are low-risk instruments but are not zero-risk. In an extreme market dislocation, the market value of reserve assets could fall below par value, temporarily impairing the 1:1 backing ratio.
- Banking risk: Cash held at regulated banks is subject to bank failure risk. USDX limits concentration at any single institution and uses institutions in multiple jurisdictions, but a systemic banking crisis could affect multiple custodians simultaneously.
- Attestation latency: Independent attestations are published on a disclosed cadence. Between attestation publications, the accuracy of published reserve data relies on USDX's own reporting processes.
05 Liquidity risk
USDX is designed to prioritise liquidity, with at least 80% of reserves held in T-Bills, bank cash, and government MMFs. However, liquidity risk remains:
- Mass redemption events: A simultaneous large-scale redemption demand could exceed the immediately liquid portion of reserves. USDX publishes both total and liquid reserve figures to allow users to assess this risk. Redemption SLAs are defined and published.
- Redemption queue: During high-demand periods, redemptions are processed in order. There may be a delay between submitting a redemption request and receiving fiat proceeds.
- Secondary market liquidity: The secondary market price of USDX in decentralised exchanges is determined by supply and demand. In periods of market stress, USDX may briefly trade below $1.00 on secondary markets, even if the protocol's 1:1 backing invariant is intact.
06 Cross-chain and network risk
USDX uses a native burn-and-mint architecture that eliminates bridge smart contract risk. However, cross-chain operations carry residual risks:
- Network outages: Any of the 11 supported networks could experience an outage, halting token transfers, minting, or burning on that network. The global supply controller tracks cross-chain state, but reconciliation may be delayed during network outages.
- Consensus failures: A blockchain reorganisation (reorg) on a supported network could temporarily invalidate a transaction that appeared confirmed. USDX uses block confirmation thresholds to mitigate this risk.
- Network deprecation: If a supported network is deprecated or significantly altered, USDX may need to migrate or discontinue support for that network, which could affect token holders on that chain.
- Observer block span limits: The backend observer has per-network block scan limits. In the event of a very large backlog of events (e.g., after a prolonged network outage), catch-up may be delayed.
07 Regulatory and legal risk
Stablecoin regulation is evolving rapidly and varies significantly across jurisdictions. The following regulatory risks apply to USDX:
- New regulations: Governments may enact laws that require USDX to change its business model, obtain licences, restrict eligible users, or cease operations in certain jurisdictions. Compliance with new regulations may be costly or operationally disruptive.
- Sanctions: USDX screens users and wallet addresses against applicable sanctions lists. However, sanctions regimes change frequently. Inadvertent violations or retroactive application of new sanctions could expose USDX to regulatory action.
- Legal orders: Courts or regulators may order USDX to freeze assets, disclose user information, or take other actions that affect token holders.
- Tax treatment: The tax treatment of stablecoins and related transactions varies by jurisdiction and may change. Users are responsible for their own tax obligations.
08 Operational risk
USDX is operated by a team of personnel and relies on third-party service providers. Operational risks include:
- Personnel risk: The departure or incapacitation of key personnel could disrupt operations, particularly in areas requiring specialised knowledge.
- Third-party dependencies: USDX depends on KYC providers, custodians, banking partners, and RPC node operators. Failure of any critical third party could disrupt the Service.
- Infrastructure attacks: The backend API and observer infrastructure are subject to denial-of-service attacks, which could temporarily degrade the Transparency Hub without affecting on-chain token functionality.
- Process errors: Manual errors in reserve management, compliance operations, or backend configuration could lead to incorrect data publication, delayed redemptions, or compliance failures.
09 Governance risk
USDX governance uses multisig controls with a 48-hour timelock for material parameter changes. Governance risks include:
- Multisig compromise: If a sufficient number of multisig keyholders are compromised simultaneously, an attacker could execute unauthorised protocol changes. The timelock provides a window for detection and response.
- Key loss: Loss of multisig keys could impair the ability to upgrade protocols or respond to emergencies. USDX maintains secure key backup procedures.
- Emergency actions: Emergency multisig actions with a shorter delay are available for critical situations. Misuse or unauthorised use of emergency powers represents a governance risk.
10 Key management risk
USDX tokens are held in blockchain wallets controlled by private keys. The security of your tokens depends entirely on the security of your private keys:
- Loss of private keys results in permanent loss of access to tokens. USDX cannot recover lost keys or restore access.
- Theft of private keys — through phishing, malware, or other attacks — could result in loss of tokens. USDX cannot reverse confirmed blockchain transactions.
- Use of custodial wallets introduces counterparty risk with the wallet provider.
You are solely responsible for the security of your wallet and private keys.
11 No guarantee of peg
No guarantee: USDX is designed to maintain a 1:1 peg to the US dollar. The design includes structural safeguards — full reserve backing, continuous transparency, liquidity priority, and governance controls. However, USDX does not guarantee that the peg will be maintained under all circumstances. It is not a bank deposit, it is not insured by any government agency, and it is not backed by a central bank. In extreme scenarios, the value of USDX could fall below $1.00.
The risks described in this document are not exhaustive. Additional risks may arise that are not currently foreseen. Users should make their own independent assessment of USDX before minting, holding, or using USDX tokens. This document does not constitute financial, legal, or investment advice.
12 Contact
For questions relating to this Risk Disclosure or the risks associated with USDX:
Email: contact@usdx.finance
Technical whitepaper: usdx.finance/whitepaper/