The New York Department of Financial Services (NYDFS) announced today that Paxos, the issuer of PayPal USD (PYUSD), mistakenly minted $300 trillion worth of unbacked stablecoins on October 15, 2025. The regulator stated that it is in communication with both Paxos and PayPal regarding the incident.
This occurrence, which temporarily increased PYUSD’s supply beyond the total of the global economy, has prompted renewed scrutiny of the operational and systemic risks associated with the stablecoin industry.
Sponsored
Sponsored
Paxos’ $300 Trillion Minting Error Exposes Major Risks in the Stablecoin Industry
Based on on-chain data, the incident started as a normal transfer of $300 million between Paxos-controlled wallets.
The Information reports that the NYDFS pointed out the issue, referencing a fat-finger incident that is more alarming than Citigroup’s error last year. Citigroup mistakenly credited a client with $81 trillion before canceling the transaction.
A former Salesforce engineer, Sam Ramirez, described how Paxos attempted to rectify their mistake. They tried to remint the 300 million they had burned back into the original wallet but mistakenly minted 300 trillion instead.
Within an hour, Paxos burned the excess supply, restored all balances, and confirmed no customer funds were impacted. The company also clarified that there was no external breach.
However, the vast scale of the minting error has revived concerns about the reliability of collateralization mechanisms and raised questions regarding manual oversight in stablecoin management.
Sponsored
Sponsored
Chainlink’s community liaison, Zach Rynes, explained how proof of reserve (PoR) could have prevented this entire debacle.
“…this is a clear example of a situation where Chainlink Proof of Reserve could have averted this entire PR disaster. Specifically, asset issuers can integrate Chainlink PoR into the minting function of their token contract as a validation measure,” Rynes noted.
Rynes indicated that this integration would have prevented the issuance of additional tokens unless Chainlink PoR had first confirmed that there were sufficient off-chain reserves to maintain 100% collateralization.
Ultimately, it would have averted infinite mint attacks, where numerous unbacked tokens are minted, jeopardizing all markets that list and support that token.
Rynes’ comments sparked industry discussion on whether real-time proof-of-reserves validation should be mandatory for all regulated stablecoins.
Sponsored
Sponsored
Questions of Collateral and Conduct Arise in the Face of Market and Regulatory Repercussions
Financial blog Zero Hedge promptly raised a question that many were contemplating. Others also emphasized the risk of potential intentional manipulation.
“…what precisely was this $300 trillion in ‘stablecoin’ collateralized by when it was minted, whether mistakenly or not,” the well-known account on X posed.
Such concerns highlight the hypothetical risk that operator access, if misused, could distort markets, even for short durations.
Sponsored
Sponsored
“Everyone noticed ‘300 trillion PYUSD minted’ and dismissed it as a software glitch. But timing and patterns are critical. This occurred just days after PayPal’s liquidity partnership (Spark, $1 B injection) and the public alignment of PYUSD with tokenized Treasuries… The ‘bug’ coincided with the refinery coming online. PayPal aims to adjust to $100 ASAP,” wrote 941.
This comment reflected a growing suspicion that the Paxos incident might be linked to liquidity transitions bridging traditional finance and tokenized Treasury assets.
Data analytics firm Santiment reported that the event “drew significant attention as it represents an enormous and unusual quantity of stablecoins being generated and subsequently burned.
The stablecoin market cap is nearing $310 billion. The Paxos overmint serves as an alarming reminder that even regulated issuers are susceptible to human error and insufficient process controls.
For regulators, this incident might expedite the push toward mandatory PoR integration, real-time issuance checks, and transparent audit standards.
If a single misplaced zero can create $300 trillion, the greatest risk to the stablecoin sector may no longer lie with hackers, but rather with its own operators.
