Secure Mint Explained: How Chainlink Proof of Reserve Enhances the Security of Stablecoins, Tokenized Assets, and Wrapped Tokens
2024-10-2114004 Views
Decentralized finance (DeFi) provides an alternative framework for the creation of non-custodial financial services, combining digital representations of value (tokens) with autonomous code execution (smart contracts). While DeFi is interoperable with a wide range of tokens, the fastest growing categories of tokens include stablecoins, tokenized assets, and wrapped assets.
These categories of assets are unique in that the onchain tokens are collateralized by reserves held either offchain or another blockchain network, creating a 1:1 backing. Such assets must prioritize security and transparency in order to ensure that the amount of tokens issued onchain reflects the value of the reserves held offchain or cross-chain.
In this blog post, we explore how integration of Chainlink Proof of Reserve into the minting function of stablecoins, wrapped tokens, and tokenized assets—referred to as “Secure Mint”—increases the security and transparency of the DeFi ecosystem as a whole, while also facilitating greater trust by token holders.
The Risk of Infinite Mint Attacks and Resulting Ecosystem Contagion
Under normal circumstances, stablecoins, tokenized assets, and wrapped assets are fully collateralized as the issuing entity only mints additional tokens if there is sufficient reserves to maintain collateralization. For example, if a stablecoin has $10 million in reserves, and 9 million tokens have already been minted, then the issuer should only mint 1 million additional tokens to maintain a 1:1 collateralization.
However, if a malicious entity (code bugs or backend issues/mistakes) is able to mint additional tokens in excess of the amount of actual reserves, then all issued tokens become undercollateralized. For example, if a malicious entity mints 100 billion additional units of a stablecoin, but there is only $1 million in reserves, then collateralization drops from 100% to nearly zero.
Example of an infinite mint attack on a cross-chain wrapped token.
A compromised connection between a token and its offchain/cross-chain reserves not only poses a direct risk to holders of that token, but also to any DeFi protocol or platform that directly integrates with said asset. Malicious actors often take advantage of an infinite mint attack by selling the newly minted, unbacked tokens on an exchange or using the tokens as collateral in a lending protocol, extracting value from liquidity providers and at times leading to protocol insolvencies.