“Is X safe?” is the most researched question for every DeFi protocol. The honest answer is rarely yes or no. Different protocols carry different risks, and the right question is what risks are addressed by each protocol.
Ayni Gold It is a DeFi protocol that turns gold mining production into on-chain revenue, with stakeholders receiving PAXG rewards every three months from mining production in the Minerales San Hilario concession in Peru.
The model touches both DeFi smart contracts and real-world mining operations, meaning the verification problem is broader than that of vault-backed gold tokens or pure on-chain protocols.
Verifying a mining privilege is different from verifying a vault
PAXG and XAUT verify static gold. Reserves do not change much, and periodic certificates confirm the contents of the vault. The verification problem concerns checking whether a number matches.
Ayni Gold verifies dynamic mining production. Smart contracts manage staking and rewards. The nursery handles the distributions. A mining concession produces gold over time, with operational variables affecting production.
Each part of the chain needs its own verification because each part can fail independently. This structural difference shapes everything that follows.
Inside the audit results of Ayni Gold smart contracts
Ayni Gold’s smart contracts have been audited by two of the most established companies in the industry, and the results have been made public.
|
auditor
|
date
|
a result
|
|
certec
|
October 2025
|
Security score of 70.81 (top 25% of projects audited, vs. industry average of 65)
|
|
Peak Shield
|
October 2025
|
The logic and protocol audit found no critical security vulnerabilities
|
Two independent audits are important because different methodologies detect different categories of errors. certec and Peak Shield They have reviewed overlapping sets of major DeFi protocols over the past several years, and their methodologies are complementary and not redundant.
Audited contracts handle the automated flow of the protocol. Staking is managed through a smart contract. Quarterly PAXG distributions are automatically executed based on the published bonus formula. The 15% burn fee runs according to a schedule specified in the code.
None of this relies on manual intervention, which removes a class of risks associated with human error or operator manipulation.
Audits certify that there are no known vulnerabilities that match the auditor’s test suite on the audit date. They do not guarantee that contracts are free from exploitation against future technologies. This applies to every protocol that is audited.
How Ayni Gold handles custody without holding user tokens
The most common mistake in assessing the safety of DeFi is assuming that custody works the same way across all protocols. Ayni runs a non-custodial architecture, meaning that user tokens live on the blockchain rather than within Ayni’s central database.
Ayni’s CTO publicly stated in a YouTube video The protocol does not have an administrative function to access, transfer or withdraw user tokens.
The technical setup supports this claim. The user’s tokens remain in the user’s wallets, while the protocol’s smart contracts handle staking and reward distribution.
The guard is divided into three layers:
-
In-App Smart Wallet (TurnKey): For users who create wallets through the Ayni app, the TurnKey infrastructure handles secure key management. Transactions can only be signed and approved by the user via one-time email confirmation (OTP).
-
External wallets: Users can connect to MetaMask, Trust Wallet, or other self-custody options. In this setup, users manage their seed phrases entirely outside of the Ayni ecosystem. Ayni recommends enabling two-factor authentication for added security.
-
Bonus Custody (PAXG via Paxos): PAXG itself is a vault-backed token Issued by Paxos Trust Company, a NYDFS-regulated entity. PAXG’s physical gold backing is held in LBMA-certified vaults in London, is bankrupt-free, and undergoes regular independent audits to verify the serial numbers of the physical bullion.
The compact design means that Ayni Gold is not a custodial intermediary at any point in the user flow.
From Peruvian mining license to on-chain production data
The mining side of the protocol involves more layered verification, because physical mining at a real site introduces variables that cannot be covered by on-chain verification alone.
Legal and regulatory support
The mining operation is run by a company registered in Peru, and is not an informal arrangement. Minerales SH San Hilario SCRL owns a mining concession with an area of 8 square kilometers (No. 070011405) is registered with INGEMMET, the Geological and Mining Authority of Peru.
Token issuance and smart contract management are handled by a separate legal entity, AYNI TOKEN INC., registered as an international business corporation under the virtual assets laws of the British Virgin Islands.
This judicial separation is intentional. It isolates physical mining obligations (Peruvian jurisdiction) from token issuance and smart contract management (BVI jurisdiction).
Geological verification and production
Kangari Consulting, an independent geological assessment company, conducted a Scoping Study 2025 In franchise.
The study estimated the conceptual exploration target at 9 to 10.7 tons of gold. Scoping studies estimate recoverable potential, not certified production, but establish the geological baseline for the operation.
Ayni Gold deploys additional verifications in addition to licensing and geological work. GPS coordinates, images with timestamps and video updates from the mining site are provided openly.
Mining rates, operational costs, and net gold value are published on-chain along with other metrics of the protocol. Future plans include adding third-party production audits to verify on-chain production data on an ongoing basis.
Other safety mechanisms worth knowing about
Beyond the three basic layers of verification, many structural safeguards reduce risk in ways that do not fit neatly into “audits” or “custody processes.”
-
150% safety buffer on gold price: Mining operations break even at approximately US$1,842 per ounce, with operating costs of approximately US$5.92 per cubic meter of extraction. with Gold trades above $4,600the project holds a reserve capacity of over 150%, meaning that the economics of mining remain profitable even during sharp declines in prices.
-
Operational redundancy: Critical equipment is duplicated on site to eliminate single points of failure. Strategic gold reserves ensure that scheduled maintenance or unexpected downtime does not interrupt stakeholder payments.
-
Capital Deployment Discipline: The capital generated is deployed exclusively in productive activities such as capacity expansion or secondary market stabilization. The protocol does not explicitly engage in treasury speculation or unsecured lending. Token supply It was pegged at 806,451,613 AYNI with no post-launch mintage.
-
Environmental, Social and Governance (ESG) Framework: Extraction uses chemical-free alluvial methods based on gravity and water flow, without the need for chemicals or blasting. Water runoff is managed effectively and mined areas are restored over time. Environmental, social and governance (ESG) commitments are tracked via the smart contract.
-
KYC Verification: Ayni app requires KYC verification at user level. Know Your Customer (KYC) status is visible in the user’s dashboard, providing a baseline against bad actors entering the platform.
What these checks don’t cover
Honest framing is more important in safety articles than in marketing copy. There are still many risks that no verification package can completely remove:
-
Exploiting Future Smart Contracts: Audits confirm that there are no known security vulnerabilities at the audit date. New attack techniques could emerge.
-
Operational interruptions: Equipment redundancy reduces, but does not eliminate, the chance of mining downtime.
-
Gold Price Risk: PAXG Dividends Track Gold. If gold prices fall, the value of the reward declines with it, although the economics of the project remain stable thanks to the 150% reserve.
-
Counterparty Risk to Paxos: PAXG itself is dependent on Paxos Trust Company maintaining its oversight structure and regulatory standing.
-
Regulatory Risk: Changes to the Peruvian Mining Law, the British Virgin Islands Virtual Assets Law, or international RWA regulations could impact the protocol.
These limits apply to any DeFi protocol that touches real-world activity. These are not weaknesses specific to Eni, but understanding them is essential for any allocation decision.
How to use this information
For investors evaluating Ayni Gold or any production-related DeFi protocol, the key questions are:
-
Are smart contracts audited by independent firms with strong performance records?
-
Where does the primary revenue source come from, and is it verified by independent third parties?
-
Who takes charge of generating revenue and distributing it to owners?
-
What organizational layer covers the core activity in the real world?
Ayni Gold answers each of these questions with verified third-party verification. This is not a guarantee of safety. It is a structural basis for risk assessment, with documentation available for the public to review.
Bottom line
The validation package behind Ayni Gold defines the structural basis for evaluating the gold-backed DeFi return in production-linked protocols. None of these layers eliminates risk. Together, they create a documented baseline that allows investors to honestly evaluate the risks against the potential of a position.
Instructions
Is Ayni Gold audited?
Yes. CertiK and PeckShield audited smart contracts in October 2025. CertiK’s audit gave it a security score of 70.81, placing Ayni in the top 25% of projects audited (above the industry average of 65). A logic and protocol review conducted by PeckShield found no critical security vulnerabilities.
Where are PAXG rewards stored?
PAXG is a vault-backed token issued by Paxos Trust Company, a NYDFS-regulated entity. The physical backing of PAXG gold is housed in LBMA approved vaults in London, with regular independent audits of the bar serial numbers. Ayni Gold distributes PAXG to shareholders but does not hold it. Gold Backing is owned by Paxos and its custodian partners.
Is a mining concession legitimate?
Yes. The concession is operated by Minerales SH San Hilario SCRL (Peruvian tax ID 20606465255), with an 8 km² mining concession registered number 070011405 with INGEMMET, the official geological and mining body of Peru. A 2025 scoping study by Kangari Consulting estimated there was between 9 and 10.7 tonnes of recoverable gold at the site.
What happens if gold prices collapse?
Ayni’s mining operations yield approximately $1,842 per ounce of gold. With gold currently trading above $4,600, the project carries an operational safety reserve of over 150%. Even during sharp declines in prices, the economics of mining remain profitable. PAXG distributions track the price of gold, so the reward value decreases with gold, but the protocol itself remains operationally stable.
Can Ayni Gold access user codes?
No, Ayni Gold operates a non-custodial structure. User tokens reside on the blockchain, not in Ayni’s central database. Smart wallets created through the app use TurnKey infrastructure with OTP signing via email, and third-party wallets like MetaMask and Trust Wallet keep users in complete control over their initial statements.
Disclaimer: This article is provided for informational purposes only. It is not provided or intended to be used as legal, tax, investment, financial or other advice.
