For some surreal moments on October 15th, the Ethereum blockchain appeared to host the economic equivalent of a dream.
Paxos, the publisher of PayPal’s stablecoin PYUSD, accidentally minted $300 trillion worth of tokens, roughly 300 times the world’s GDP, before burning them just as fast.
This minting, visible on Ethereum’s public ledger, sent analysts, traders, and bots into overdrive.
Within minutes, Paxos confirmed that the incident was due to an internal operational error and not a hack. The company said that users’ funds were not affected.
Still, the sheer number involved in this mistake made PYUSD the most talked-about coin in cryptocurrencies for 24 hours straight. Blockchain analytics firm Santiment reported thousands of mentions every minute as social media reacted in disbelief.
what happened?
Blockchain security firm Quill Audits traced the cause of the incident to the token contract structure.
According to the brokerage, the PYUSD contract gave one Externally Owned Address (EOA) unlimited minting and firing rights without rate limits, amount caps, or multiparty approvals.
It further added that three transactions were executed in quick succession with a single key, minting 300 trillion PYUSD, which was then burned, and another 300 billion.
Considering this, Quill Audits concluded that:
“This suggests a bug in the backend system or a fatal human error, or both.”
Meanwhile, Sam Ramirez, chief engineer at Argentum, suggested that Paxos may have originally intended to transfer PYUSD 300 million between wallets, but accidentally burned it.
According to him, attempts to restore these tokens resulted in an overmintage of $300 trillion.
lesson?
Paxos’ mistake may have been harmless, but its impact is not. Currently, over $300 billion of stablecoins are in circulation around the world, with billions of dollars moving between Ethereum, Solana, and Tron every day.
At that scale, even a single automated error can cascade through decentralized lending protocols, liquidity pools, and payment rails. Notably, this error resulted in Aave, the largest DeFi protocol, freezing PYUSD transactions.
With this in mind, this glitch has reignited the debate about how stable collateral should work.
Unlike algorithmic stablecoins, asset-backed tokens such as PYUSD rely on off-chain reserves, such as U.S. government bonds or cash equivalents held by the issuer, to maintain their peg.
Critics argue that being able to mint new tokens without instant proof of collateral contradicts the entire model.
Chainlink’s Zach Ryan argued that this event could have been completely prevented with proof-of-reserve (PoR) checks built directly into the minting contract. he said:
“This prevents an ‘infinite mint attack’ where large amounts of unbacked tokens are minted, putting all markets that list and support the tokens at risk.”
Chainlink is an Oracle blockchain network that acts as a secure bridge between the blockchain and external real-world data.
Additionally, the case reveals why financial regulators have recently taken a greater interest in emerging sectors.
As Federal Reserve President Christopher Waller recently pointed out in a speech in September, digital payment systems must be “hardened against abuse, with redundancies and safeguards commensurate with the scale of global payments.”
Although he wasn’t specifically talking about Paxos, the message rings true. The infrastructure that currently supports billions of payments every day cannot rely on goodwill or responsiveness alone.
(Tag translation) Ethereum
