Is Mountain Protocol Safe?

|RWA
C-

Risk Grade: C- (54/100)

Mountain Protocol is rated as elevated risk — multiple novel mechanisms and notable interaction risks.

D+ (historical rating): strong compliance masked critical single-entity and centralized-oracle dependency risks that ultimately materialized

Mountain Protocol issued USDM, a yield-bearing stablecoin backed 1:1 by short-term US Treasury bills, operating from September 2023 until August 2025 when it was acquired by Anchorage Digital and wound down. USDM was the first regulated permissionless yield-bearing stablecoin: holders automatically accrued T-Bill yield (~5% APY at peak) via daily rebasing without needing to stake or lock tokens. The protocol was regulated by the Bermuda Monetary Authority (Class M license), required KYC only for primary users (minting/redemption), and held reserves in bankruptcy-remote segregated accounts with monthly third-party attestations. At its peak in early 2024, USDM reached ~$155M in circulating supply and was integrated into Curve, Morpho, and Balancer as yield-bearing collateral. Despite strong regulatory compliance and a clean security record (zero exploits, two OpenZeppelin audits), USDM's fundamental risk was complete dependence on Mountain Protocol as a single regulated entity — a risk that materialized when Anchorage Digital's acquisition triggered the orderly wind-down. The protocol is no longer active.

TVL

Mechanisms

5

Interactions

4

Value Grade

B

Key Risks for Mountain Protocol Users

1.

Protocol is fully wound down — USDM is no longer operational as of August 2025; this rating reflects historical risk profile for research and backtest purposes

2.

Single regulated entity dependency: Mountain Protocol's corporate existence WAS the stablecoin — acquisition or regulatory action directly terminated the protocol

3.

Manual centralized oracle controlled all user balances via daily reward multiplier updates — a compromised ORACLE_ROLE key could have drained all holdings

4.

Regulation S restriction meant U.S. persons could only access USDM via secondary markets with no primary redemption rights

Top Risk Factors

  • Protocol fully wound down (Aug 2025) following Anchorage Digital acquisition — USDM no longer operational, all holdings required to redeem via secondary markets
  • Single regulated entity dependency: Mountain Protocol IS the stablecoin — BMA license revocation or entity insolvency would collapse the peg with no on-chain fallback
  • Centralized manual oracle (ORACLE_ROLE) controlled daily reward multiplier — single address could manipulate all USDM balances globally if compromised

Risk Score Breakdown

Mountain Protocol's highest risk area is Interaction Severity (20/20). Here's how each dimension contributes to the overall 54/100 score:

Mechanism Novelty3/15
Interaction Severity20/20
Oracle Surface7/10
Documentation Gaps2/10
Track Record3/15
Scale Exposure0/10
Regulatory Risk9/10
Vitality Risk10/10

Read the Full Mountain Protocol Risk Report

This protocol has 2 collapse scenarios. 2 critical and 2 high-severity interaction risks identified. See the full mechanism classification, interaction matrix, and deep-dive recommendations.

View Full Report →

Considering an investment?

Read our Investment Analysis →Compare RWA Alternatives →

Related RWA Safety Analyses

Is Goldfinch Safe?C-Is GoldFinger Safe?C-Is Nest Credit Safe?C-Is Vesta Equity Safe?C-Is cSigma Finance Safe?C

Related RWA Investment Analyses

Is Goldfinch a Good Investment?D+Is GoldFinger a Good Investment?DIs Nest Credit a Good Investment?C+Is Vesta Equity a Good Investment?D+Is cSigma Finance a Good Investment?D+

Ratings use Hindenrank's eight-dimension risk rubric. Lower score = lower risk. Grades range from A (safest) to F (riskiest). This is not financial advice.