Paxos
Protocol Security — Category Scores
Smart Contract Security
Completed Audits: 3+ audits
Auditor Reputation: Top-tier (e.g. QuillAudits)
Critical Vulnerabilities Found: All resolved
Upgradeability Risk: Admin-controlled
Admin Privilege Controls: Multisig owner
Test Coverage: Above 80%
Formal Verification: None
Fuzzing: Basic fuzzing
ERC Standard Compliance: Compliant + verified on-chain
Audit Recurrence: Annually
Spell Review / Governance Review: Internal security review

Oracle & Data Integrity
Oracle Decentralization: 3+ providers / Chainlink
Price Deviation Protection: Circuit breakers + fallback
Fallback Oracle System: Automated failover
Manipulation Resistance: Strong (TWAP, multi-source)

Custody & Asset Backing
Custody Provider: Top-tier regulated + insured
Proof of Reserves: Real-time on-chain PoR
Redemption Guarantee: Regulatory backed
Insurance Coverage: Fully insured + regulated insurer

Redemption & Liquidity Safety
Redemption Mechanism: Automated + guaranteed
Liquidity Buffer: Above 15%

Governance Risk
Emergency Shutdown Controls: Multisig pause + timelock
Timelock Delay: 24 - 48 hours

Compliance & Transfer Restrictions
KYC Gating: KYC + AML monitoring
Whitelist Enforcement: Compliant transfer agent
Jurisdiction Restrictions: Full regulatory compliance

Operational Security
Bug Bounty Program: Structured program
Incident Response Plan: Tested + drilled plan
Monitoring Systems: AI-powered threat detection
Third-Party Dependency Risk: All dependencies audited
Operational Audit (SOC 2 / ISO 27001): SOC 2 Type II certified
PAXOS SECURITY FAQ
Paxos has an RWA Protocol Security Score of 87/100 with a grade of A. This protocol-level score is evaluated across 8 risk categories: smart contract security, oracle integrity, custody, redemption safety, governance, compliance, operational security, and transparency.
Paxos's protocol security score of 87 is a weighted average across 8 protocol risk categories:
• Smart Contract Security (20%)
• Oracle & Data Integrity (15%)
• Custody & Asset Backing (15%)
• Redemption & Liquidity Safety (10%)
• Governance Risk (10%)
• Compliance & Transfer Restrictions (10%)
• Operational Security (10%)
• Transparency & Proof Systems (10%)
Each protocol category is scored 0–100 and multiplied by its weight to produce the overall score.
A protocol security grade of A means Paxos has an excellent security posture, placing it among the top-ranked RWA protocols on the leaderboard. The protocol demonstrates strong controls across most or all of the 8 evaluated risk categories.
The RWA Protocol Security Score of 87 (A) indicates Paxos's security posture relative to other RWA protocols on the leaderboard. This protocol security score should be one factor in your due diligence — also review the detailed category breakdown, consider regulatory compliance in your jurisdiction, and consult security professionals for high-value decisions. A higher protocol security score reflects stronger controls but does not constitute a guarantee of security.
Each RWA protocol is assessed across 8 risk categories:
1. Smart Contract Security — Protocol audit history, vulnerability resolution, upgradeability, admin privileges, test coverage.
2. Oracle & Data Integrity — Oracle decentralization, price manipulation protections, protocol fallback mechanisms.
3. Custody & Asset Backing — Protocol custody provider quality, multisig controls, proof of reserves, insurance coverage.
4. Redemption & Liquidity Safety — Protocol redemption mechanisms, liquidity buffers, bank-run protections.
5. Governance Risk — Protocol admin key management, token distribution, emergency controls, timelock delays.
6. Compliance & Transfer Restrictions — Protocol KYC gating, whitelist enforcement, jurisdiction restrictions.
7. Operational Security — Protocol bug bounty programs, incident response, monitoring, operational audits.
8. Transparency & Proof Systems — Protocol public financial disclosures, audit reports, on-chain asset verification.


