The Gemini cryptocurrency exchange, founded by the Winklevoss twins, announced on Monday that the company has launched a stablecoin built on the ERC-20 standard.
Named “Gemini Dollar” (GUSD) the coin’s value will be “strictly pegged 1:1 to the U.S. dollar”, according to the whitepaper. Of course, many stablecoins exist that are pegged to USD, such as Tether (USDT) and Dai (DAI), though some pegs are reserve-based and other are algorithmic.
The technical specifications for Gemini coin are a large factor for improving trust, and below we will take a deep dive into the token’s whitepaper.
Issuing and Redeeming GUSD
Gemini tokens and the amount in circulation can be viewed by the public on the Ethereum blockchain. An independent accounting firm will be retained to perform regular, full audits of the Gemini Trust Company to ensure that the tokens have the dollars to back them.
The blockchain will verify the overall supply of coins, while a third-party auditing firm will verify dollar amounts in accordance with auditing laws.
Gemini dollars are created on the blockchain whenever customers withdraw tokenized dollars from the Gemini exchange. They are destroyed or “redeemed” whenever users deposit them in their Gemini accounts.
Withdrawals can be sent to and stored on any Ethereum address as part of the ERC-20 protocol. The Gemini token retains all features in the ERC-20 protocol, namely smart contracts.
Smart Contracts as Governance, Logic, and Ledger
Stablecoins often feature heavy trading volume against bitcoin on exchanges that do not list physical USD.
As the whitepaper states, Gemini wants to retain strict control over the token so that they can perform any upgrades. Gemini wants to:
- Resolve vulnerabilities;
- Extend the system with new features;
- Improve the system and optimize its operational efficiency; and
- Pause, block, or reverse token transfers in response to a security incident (i.e., catastrophic event) or if legally obligated or compelled to do so by a court of law or other governmental body.
They do this by laying smart contracts that perform different functions. The “Proxy” layer controls the rights for creating and transferring coins. As an assumption, this Proxy layer allows an easier mechanism to halt coin trading and issuance if there is a security incident. The Proxy acts as a governing layer for who and what can take place on the blockchain and execute the smart contract logic contain in the Impl layer.
The middle layer, called “Impl” (most likely an abbreviation for “implementation” ), contains the data and logic for smart contracts, whether that’s creating new tokens or transferring them under certain conditions. The Impl layer has smart contract features similar to most ERC-20 tokens. However, the idea is that the smart contract features only work assuming the Proxy has allowed the right to execute them.
The final smart contract layer is the actual ledger, called the “Store.” This layer maps token owners to their balances and serves as “the external and eternal Gemini dollar ledger.” This is where the public can view the ledger for Gemini coin transactions.
As a developer, the way I picture the smart contract layers is much like a web stack. The Proxy is the local server that allows files to execute. If the webmaster doesn’t want a file to execute anymore, they would remove it from the server. The files, or the “Impl” layer, need to store data in a database so it can be retrieved later at any time. The database is the “Store” of the essential information that is generated by the file’s logic.
Though this is a very simplified example, the three-tiered approach highlights the separate functions that each smart contract layer has. They are built in a way to allow easy of central control, but also to allow the flexibility smart contract developers need with ERC-20 tokens.
Custodianship: Offline Keysets as Final Approval
Gemini will require smart contract developers to get approval from a custodian or a keyset. For the developer, these can be either online or offline. However, the custodian will look to another custodian and so on, creating a chain until one reaches an offline keyset. At this point, the whitepaper states, “If a smart contract’s custodianship terminates to an offline keyset, an offline approval mechanism for its actions has been created.”
The idea is that the chain of custodians must terminate to a centralized offline keyset in order to approve the developer’s smart contract.
If Gemini ever needs to upgrade the smart contract Impl layer, a system is in place to pause the network and swap the old Impl layer with the new one, while bringing old smart contracts to the new Impl layer.
Both the Proxy and Store layer will treat the new Impl smart contract layer as authoritative and disregard the old one. Additionally, currently active tokens will be carried over to the new Impl.
Strict Limit on How Many GUSD Coins Can be Printed
Printing new tokens is a sticky subject in the history of stablecoins because each new token should have exactly one dollar to back it in reserve. The Gemini coin will use a hybrid online and offline custodian mechanism to ensure that the amount of tokens never exceed the underlying USD balance.
A method built into the Imply layer, called “PrintLimiter”, takes care of this for GUSD. PrintLimit, as the name implies, sets a hard limit on how many tokens the Impl layer can create. The limit has a check-and-balance procedure in place whenever token supply must change. A limit increase has to first get approval from an offline keyset (i.e. custodian). A decrease requires approval from an online custodial key.
Coins cannot be printed at whim. A limit will always be in place, and any changes to it must be approved by the chain of custodians, both online and offline.
It seems clear that the Gemini exchange put thought into the implementation of their stablecoin. The separation of custodianship, issuance, and developer logic is a unique take for a semi-centralized token.