Every percentage point of yield on a stablecoin comes from somewhere. Identifying where it comes from is the same as identifying the risk. A 3.5% return from short-term US Treasury bills carries a fundamentally different risk profile from a 3.5% return funded by token emissions or opaque lending books. The number is not the story; the source is.
This article maps the risk categories that apply to every major form of stablecoin yield — DeFi lending, tokenized Treasury products, and centralized platforms — and flags what to watch for in each.
Risk category 1: smart-contract exploits
DeFi yield products — lending protocols, yield aggregators, liquidity pools — run on smart contracts. A smart contract is code deployed to a blockchain; it executes exactly as written, with no ability to pause or patch mid-execution. If the code has a bug, or if an attacker finds a path the developers did not anticipate, the funds in that contract can be drained in a single transaction.
Hackers stole over $2.47 billion from DeFi protocols in the first half of 2025 alone, already exceeding the total for all of 2024. A recent example: the Resolv protocol was exploited for roughly $25 million when a user deposited 100,000 USDC and received approximately 50 million USR tokens — 500 times the expected amount — because the contract lacked oracle checks and minting limits. The bug was not in the cryptography; it was in the business logic.
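The two missing controls named above, oracle checks and minting limits, sketched as an added example in Python (a simplified model, not Resolv's contract code and not from the original article). The class names, thresholds, and the 1:1 oracle quote are constructed assumptions.

```python
from dataclasses import dataclass
from decimal import Decimal


class MintRejected(Exception):
    """Raised when a mint request fails a guard."""


@dataclass
class OraclePrice:
    usd_per_collateral: Decimal  # oracle quote for the deposit asset
    updated_at: int              # unix seconds of the last update


def mint_unchecked(deposit: Decimal, requested: Decimal) -> Decimal:
    """Flawed model: the requested amount is minted without validation."""
    return requested


@dataclass
class GuardedMinter:
    max_oracle_age: int = 3600                # seconds (constructed value)
    max_premium: Decimal = Decimal("0.005")   # 0.5% above oracle value
    window_cap: Decimal = Decimal("5000000")  # tokens mintable per window
    window_seconds: int = 3600
    window_start: int = 0
    window_minted: Decimal = Decimal("0")

    def mint(self, deposit, requested, oracle, now) -> Decimal:
        if deposit <= 0 or requested <= 0:
            raise MintRejected("non-positive amount")
        # Oracle check 1: refuse to price a deposit off a stale quote.
        if now - oracle.updated_at > self.max_oracle_age:
            raise MintRejected("stale oracle price")
        # Oracle check 2: output may not exceed the deposit's oracle value.
        fair = deposit * oracle.usd_per_collateral
        if requested > fair * (1 + self.max_premium):
            raise MintRejected("mint exceeds oracle value")
        # Minting limit: cap total issuance per fixed time window.
        if now - self.window_start >= self.window_seconds:
            self.window_start, self.window_minted = now, Decimal("0")
        if self.window_minted + requested > self.window_cap:
            raise MintRejected("window mint cap reached")
        self.window_minted += requested
        return requested
```

With a 100,000 deposit and a 50 million request, `mint_unchecked` returns the full 50 million, while `GuardedMinter.mint` raises `MintRejected`. The window cap bounds the loss even if the price check itself is bypassed.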
Mitigating factors exist but are not guarantees:
- Audits reduce bug density but cannot prove the absence of all bugs. An audited contract can still be exploited.
- Protocol age is meaningful — a contract that has held $1 billion for three years without incident has more empirical evidence of safety than a new contract. But past safety does not guarantee future safety; the attack surface evolves as DeFi composability grows.
- Immutability cuts both ways. Morpho Blue's core is immutable — the code cannot be updated. That means no team can patch it, but it also means no team can introduce a malicious update.
The risk scales with complexity. A simple lending pool with two assets and an established oracle carries less attack surface than a multi-strategy yield vault that integrates with five protocols. "More complex" and "higher yield" often go together for this reason.
Risk category 2: depeg
A stablecoin can trade below $1. The severity ranges from a brief technical dislocation to a total collapse.
Brief dislocation: USDC traded at $0.88 in March 2023 for roughly 48 hours after Circle disclosed that $3.3 billion of its reserves were held at Silicon Valley Bank, which regulators had just seized. The depeg was driven by panic selling, not reserve insolvency — Circle's reserves were recovered in full when the FDIC backstopped uninsured deposits. Holders who sold at the bottom lost 12%.
Structural collapse: TerraUSD (UST) was an algorithmic stablecoin that held its $1 peg through an arbitrage loop with its sister token LUNA. When confidence cracked in May 2022, the loop became a reflexive spiral. UST lost its peg entirely and has never recovered. Holders were largely wiped out. Approximately $40 billion in combined market cap was erased.
The risk profile is different depending on design:
- Fiat-backed, audited reserves (USDC, USDT): Depeg risk is low but not zero. Reserve quality, custodian risk, and issuer solvency are the key variables.
- Crypto-backed (DAI, LUSD): Overcollateralization provides a buffer, but if collateral crashes faster than liquidations can clear, undercollateralization is possible.
- Algorithmic (TerraUSD and similar designs): The collapse mechanism is reflexive. Treat as high risk regardless of track record.
Yield-bearing tokens like USDY, USYC, and BUIDL have an additional depeg vector: if the secondary market for these tokens becomes illiquid during stress, they may trade below their net asset value before primary redemption is available.
Risk category 3: counterparty and custodian risk
Whether you are depositing into a DeFi protocol or a centralized platform, you have counterparty exposure. In DeFi, the counterparty is the protocol's smart contract and the governance structure that controls it. In centralized platforms, it is the company that holds your assets.
Centralized platform failure: FTX collapsed in November 2022, freezing approximately $8 billion in customer funds. Many of those customers held stablecoins they expected to be safe. The lesson is that holding stablecoins on an exchange or a centralized yield platform means holding a claim on that company, not a direct on-chain balance. If the company fails, recovery depends on bankruptcy proceedings.
Protocol governance attacks: DeFi protocols with token-governed upgrades are susceptible to governance exploits, where an attacker acquires enough governance tokens to pass a malicious proposal. Beanstalk Protocol lost $182 million to a governance attack in 2022. Protocols with timelocks and multi-sig requirements are more resistant.
Fund manager risk for tokenized products: BUIDL is managed by BlackRock and custodied by BNY Mellon — two of the largest financial institutions in the world. The counterparty risk here is substantially lower than for a small DeFi protocol. But it still exists: the token contract itself could have a bug, and the fund's legal structure in a stress scenario would depend on securities law and fund insolvency proceedings.
Risk category 4: regulatory and access risk
The regulatory environment for yield-bearing stablecoin products shifted significantly in 2025–2026.
The GENIUS Act, passed by the US Senate in 2025, defines a permitted payment stablecoin as one that does not pay interest or yield to holders. This draws a legal line between payment instruments and investment products. The practical effect: BUIDL, USDY, and similar products cannot be marketed as payment stablecoins in the US — they are securities or investment products, subject to securities law.
For US retail investors, this means primary access to most high-quality yield-bearing tokens is restricted. Accessing them through DeFi secondary markets may be possible but adds regulatory ambiguity.
For non-US investors, the regulatory picture varies by jurisdiction. USDY restricts primary issuance to non-US persons; BUIDL restricts access to accredited investors globally. Regulatory shifts in any jurisdiction can restrict access to products already held — an exchange can freeze accounts under regulatory compulsion even when the blockchain itself keeps running.
Risk category 5: liquidity and rate risk
Liquidity risk: USDC can be moved in any direction on almost every exchange and DeFi protocol instantly. BUIDL cannot. In a stress scenario, the ability to exit a yield-bearing position at close to par value depends on secondary market depth, which is substantially thinner for tokenized fund shares than for major payment stablecoins. Primary redemption from BUIDL goes through Securitize and follows a redemption process; it does not happen in a single on-chain transaction the way a USDC withdrawal from Aave does.
Rate risk: DeFi lending rates fluctuate with borrower demand. During low-utilization periods in 2026, Aave's USDC rate fell near 2% — below some high-yield savings accounts. Tokenized Treasury yields track the Federal Reserve's policy rate: if the Fed cuts rates, these yields fall with them. A yield strategy built around a specific rate assumption can become uneconomic within weeks if market conditions change.
A risk map by product type
| Product type | Smart-contract risk | Depeg risk | Counterparty risk | Regulatory risk | Liquidity risk |
|---|---|---|---|---|---|
| DeFi lending (Aave v3) | Moderate | Low (USDC/USDT) | Moderate (governance) | Low-moderate | Moderate |
| DeFi lending (newer protocols) | High | Low-moderate | High | Low-moderate | High |
| Tokenized T-bill fund (BUIDL) | Low | Very low | Very low | Moderate | High |
| Tokenized note (USDY) | Low-moderate | Low | Low | Moderate | Moderate |
| CeFi yield platform | Low (off-chain) | Low | High | Moderate | Moderate-high |
| Algorithmic yield products | High | High | High | Low-moderate | High |
What a yield premium signals
The US T-bill rate in mid-2026 is approximately 3.3–3.5%. Tokenized T-bill products pay close to that, minus a small fee. DeFi lending on established protocols pays 3–7% depending on utilization — the premium above the T-bill rate is compensation for smart-contract risk and rate variability.
Any product offering sustained yields above 8–10% on a stablecoin basis warrants explicit identification of the source. Common mechanisms:
- Token emission subsidies: The protocol issues its own governance token to subsidize high yields. When emissions stop or the token loses value, the yield collapses.
- Leverage amplification: The yield is generated by looping borrowed funds through multiple protocols. This amplifies returns in stable conditions and amplifies losses in stress.
- Opaque off-chain lending: Some CeFi platforms use customer deposits for private credit or proprietary trading. The yield is real until the counterparty fails.
The higher the yield above the risk-free rate, the more explicit the risk source should be. If it cannot be identified clearly, that is itself informative.
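The leverage amplification mechanism listed above, worked through as an added example (not from the original article). The LTV, loop count, rates and liquidation threshold are constructed assumptions; the 12% shock reuses the USDC dislocation figure from the depeg section.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class LoopedPosition:
    equity: float    # own capital, in USD
    deposits: float  # total collateral supplied after looping
    debt: float      # total borrowed against that collateral

    @property
    def leverage(self) -> float:
        return self.deposits / self.equity


def build_loop(equity: float, ltv: float, loops: int) -> LoopedPosition:
    """Deposit, borrow ltv * the last deposit, redeposit; repeat `loops` times."""
    if not 0 < ltv < 1:
        raise ValueError("ltv must be between 0 and 1")
    deposits, debt, tranche = equity, 0.0, equity
    for _ in range(loops):
        tranche *= ltv
        debt += tranche
        deposits += tranche
    return LoopedPosition(equity, deposits, debt)


def net_apy(pos: LoopedPosition, supply_apy: float, borrow_apy: float) -> float:
    """Yield on own capital: interest earned minus interest paid."""
    return (pos.deposits * supply_apy - pos.debt * borrow_apy) / pos.equity


def equity_after_depeg(pos: LoopedPosition, depeg: float) -> float:
    """Equity left if collateral falls by `depeg` while debt stays at par."""
    return pos.deposits * (1 - depeg) - pos.debt


def depeg_to_liquidation(pos: LoopedPosition, liq_threshold: float) -> float:
    """Smallest collateral drop at which debt exceeds liq_threshold * collateral."""
    if pos.debt == 0:
        return 1.0
    return max(0.0, 1 - pos.debt / (pos.deposits * liq_threshold))


# Constructed scenario: $10,000 equity, 80% LTV, 5 loops, 6% supply / 5% borrow.
looped = build_loop(10_000, 0.80, 5)
unlooped = build_loop(10_000, 0.80, 0)
```

Under these assumptions the loop lifts a 6% supply rate to roughly 8.7% on equity at about 3.7x leverage, but a 12% collateral dislocation that costs the unlooped holder 12% costs the looped holder about 44% of equity, and liquidation begins at a drop of roughly 14%.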
For the mechanics of DeFi lending — how liquidations and interest rates work — see DeFi lending explained. For the specific access and structure of the leading tokenized Treasury products, see Tokenized money market funds: BUIDL, USYC, and what they mean for you.