Blockchain analysis company Chainalysis stated in a report that stablecoins are designed to offer low volatility and fast settlement, playing a critical role in centralized exchanges, decentralized finance (DeFi), and global payment systems. However, these tokens also face various security risks due to differences in their issuance and management.
In summary, stablecoins are divided into two types: centralized stablecoins like Tether's USDT and Circle's USDC, and decentralized stablecoins such as Ethena's USDe and Sky's USDS. Data shows that centralized stablecoins are significantly more popular than decentralized ones, currently accounting for about 90% of overall stablecoin activity.
Risks of centralized stablecoins
Chainalysis stated that the utility of stablecoins makes them a target for cybercriminals, who seek to steal user assets and infiltrate related infrastructure and protocols for profit. Their report stated:
"Centralized stablecoins like USDC and USDT are backed by reserve assets held by their issuers, typically including cash, short-term government bonds, or other low-risk assets. While this support model provides transparency and regulatory compliance, it also introduces significant custody risks — users must trust that the issuer will maintain adequate reserve assets and operate with integrity."
This is why the stablecoin bill currently being considered by the US Congress stipulates that issuers must undergo regular independent audits, and asset reserves can only hold the safest instruments. A few years ago, Tether's reserves included a significant amount of commercial paper (short-term corporate debt), which relied on corporate credit, but Tether later discontinued this practice.
Additionally, these stablecoins face regulatory risks and points of centralization failure, as disruptions in the operations of issuing companies or government actions could affect the overall token supply and their availability in the global market. Currently, most activities of centralized stablecoins occur on DeFi and centralized exchanges.
Proportion of centralized stablecoins' activity across various chains (Source: Chainalysis)
Chainalysis also pointed out that centralized stablecoins face risks related to the custody of reserve assets and control over issuance. If hackers breach the infrastructure of a stablecoin issuer, they could steal reserve funds or gain the ability to mint unauthorized tokens. These vulnerabilities could undermine market confidence in the reserve backing of the stablecoin and potentially trigger turmoil in the overall market.
Risks posed to the financial system
Chainalysis indicated that the integration of stablecoins with traditional finance also generates new systemic risk vectors that extend beyond individual protocols or platform levels. Many DeFi protocols heavily rely on stablecoins as a source of liquidity, and if a major stablecoin experiences an incident, it could trigger cascading liquidations between interconnected protocols, potentially causing the DeFi ecosystem to come to a widespread halt.
Regarding the impact on traditional finance, Chainalysis pointed out:
"The potential spillover crisis from the collapse of major stablecoins poses a particular concern for institutional adoption. As traditional financial institutions increasingly hold or trade stablecoins, the unique risks associated with crypto are also rising. A significant decoupling event could force institutions to incur losses, potentially impacting their ability to serve traditional banking clients."
Chainalysis also mentioned the risks of decentralized stablecoins, which are usually backed by collateralized crypto assets or managed through algorithmic mechanisms, eliminating reliance on traditional custodial institutions. However, this decentralized approach also brings different security challenges, particularly smart contract vulnerabilities, where attackers could exploit flaws to manipulate token issuance or steal assets from collateral pools. Other risks include oracle failures, loss of investor funds due to fraudulent protocols created by scammers, and flash loan attacks.
Data source
Source
