Global Dollar USDG
Global Dollar (USDG) is a MAS-regulated USD-pegged stablecoin issued by Paxos Digital Singapore Pte. Ltd., deployed as a standard ERC-20/SPL token on Ethereum, Solana, Ink, and X Layer, with a LayerZero OFT-bridged variant (USDG0) extending to additional chains. As of the evaluation date, USDG has approximately $2.6B in total supply across all chains.
QRI Evaluation Result: Score 0/100 — Stage 0 (Unassessed / No Evidence). USDG has no quantum readiness whatsoever: there is no public cryptographic inventory, no quantum threat model, no PQC or hybrid-signature support, no quantum migration roadmap, and no quantum-specific incident-response planning.
Every critical cryptographic surface remains entirely classical and quantum-vulnerable: user spend authorization (inherited from host-chain ECDSA/Ed25519), admin key operations (mint/burn/pause/freeze/upgrade via ECDSA multisigs and an EOA), and the LayerZero OFT bridge (classical DVN/relayer signatures). The token inherits the quantum risk profile of its host chains (Ethereum, Solana, Ink, X Layer) under the Token Inheritance rule (Section 7.2).
Token-specific quantum-critical vulnerabilities are: (1) the DEFAULT_ADMIN 7-owner multisig and the operational 3-of-7 multisig, both of which have executed on-chain transactions and so have exposed their signers' public keys to a long-exposure quantum attack; (2) the SupplyControl admin EOA (0x3Af3...), which can add supply controllers with $500M–$1B mint capacities and whose public key is exposed; and (3) the LayerZero OFT bridge, whose DVN signer set relies entirely on classical cryptography.
Existing audits (Zellic, Trail of Bits, Halborn) cover classical smart-contract security only; no quantum-scoped audit exists. A $1M bug bounty program was launched on Cantina in March 2026.
Confidence in the evaluation is High because the complete absence of quantum protection is verifiable from multiple primary sources (source code, documentation, mainnet deployment, explorer data, independent risk assessments).
Category breakdown
QRI Factors
Critical Quantum Blockers
- No public cryptographic inventory or quantum threat model exists for USDG (Readiness & Risk Cap: 10).
- All spend authorization is classical ECDSA/Ed25519 only, inherited from host chains (Ethereum, Solana, Ink, X Layer). No PQC or hybrid path exists for any user transaction.
- Paxos admin keys (DEFAULT_ADMIN 7-owner multisig, operational 3-of-7 multisig, SupplyControl EOA) use classical ECDSA with on-chain public-key exposure. Compromise would enable unbacked minting, burning, pausing, freezing, contract upgrades, and role changes.
- LayerZero OFT bridge (USDG0) relies on classical cryptography for DVN signer sets and relayer authentication. A quantum compromise could enable unbacked minting of bridged USDG0 or draining of locked USDG across chains.
- No quantum migration roadmap, no PQC testnet, no hybrid-signature support, and no incident-response plan for quantum cryptographic break exists.
Key Risks
- QUANTUM-CRITICAL: All user spend authorization is classical ECDSA/Ed25519 via host chains. A quantum attacker can derive private keys from exposed public keys and steal any USDG held in such addresses. On Ethereum, Ink, and X Layer a public key is exposed once the address has signed anything that landed on-chain (a transaction, or a permit relayed by someone else), because ecrecover derives it from the signature; on Solana the address is the Ed25519 public key itself, so exposure begins the moment the account is created (long-exposure attack window).
- QUANTUM-CRITICAL: The DEFAULT_ADMIN 7-owner multisig (0x137Dcd97872dE27a4d3bf36A4643c5e18FA40713) has executed 43+ on-chain transactions. Its constituent signer public keys are exposed. Quantum compromise would grant full control over contract upgrades, role management, and facet changes.
- QUANTUM-CRITICAL: The operational 3-of-7 multisig (0x0644Bd0248d5F89e4F6E845a91D15c23591e5D33) controls PAUSE_ROLE, ASSET_PROTECTION_ROLE, and SUPPLY_CONTROLLER_MANAGER_ROLE. Its signer public keys are exposed. Quantum compromise would enable pausing all transfers, freezing/wiping any address, and managing supply controllers.
- QUANTUM-CRITICAL: The SupplyControl admin is a single EOA (0x3Af3e85f4f97De7AD0f000B724Fb77fE5ffc024B) with DEFAULT_ADMIN_ROLE and SUPPLY_CONTROLLER_MANAGER_ROLE on the SupplyControl contract. Its public key is exposed on-chain. Quantum compromise would allow an attacker to add malicious supply controllers and mint unbacked USDG at scale (current controller capacities: $500M and $1B).
- QUANTUM-CRITICAL: The LayerZero OFT bridge (USDG0) depends on classical-cryptography DVN signer sets and relayer authentication. A quantum attacker who compromises the DVN verification layer could forge cross-chain messages to mint unbacked USDG0 on destination chains or drain locked USDG from the bridge.
- No quantum risk assessment, cryptographic inventory, or threat model has been published. Paxos has not publicly acknowledged quantum risk for USDG.
- No PQC migration roadmap, testnet, prototype, or research proposal exists. The project has taken zero steps toward quantum readiness.
- The EIP-2612 (permit) and EIP-3009 (transferWithAuthorization) functions use EIP-712 ECDSA signatures for gasless delegation. These signatures are quantum-vulnerable and could be forged by a quantum attacker to authorize transfers from any address whose ECDSA public key is known. Note that a permit or authorization signature submitted on-chain by a relayer itself reveals the signer's public key (it is recovered from v, r, s in the calldata), so holders who have only ever signed permits and never sent a transaction are in the exposure window too.
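The "exposed public key" point made in the risks above (spend authorization and EIP-712 permits) is easy to see in code. The following is an added example, not Paxos or USDG code: a minimal pure-Python secp256k1 implementation that signs a constructed digest and then recovers the signer's public key from (r, s, v) exactly as Ethereum's ecrecover does. It assumes SHA-256 as a stand-in for keccak-256 (which hashlib lacks), a constructed placeholder in place of a real EIP-712 permit digest, and non-constant-time arithmetic; none of it is production cryptography.

```python
"""Added example (not Paxos/USDG code): why an address that has signed anything
on-chain has an 'exposed' public key. Ethereum transactions and EIP-712 permits
carry (v, r, s), not the public key; ecrecover reconstructs it from the signature.
Pure-Python secp256k1 toy for illustration only."""
import hashlib
import secrets

# secp256k1 domain parameters (the curve used by Ethereum, Ink and X Layer)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def _add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    x1, y1 = a
    x2, y2 = b
    if x1 == x2:
        if (y1 + y2) % P == 0:          # a == -b
            return None
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P   # point doubling
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def _mul(k, pt):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    acc = None
    while k:
        if k & 1:
            acc = _add(acc, pt)
        pt = _add(pt, pt)
        k >>= 1
    return acc


def pubkey(d):
    """Public key Q = d*G for private scalar d."""
    return _mul(d, G)


def digest(message):
    # Assumption: SHA-256 stands in for keccak-256 (not in hashlib). The real
    # EIP-712 digest is keccak256(0x1901 || domainSeparator || structHash);
    # the recovery math below is identical for any 256-bit digest.
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(d, z):
    """ECDSA with Ethereum-style low-s normalisation; returns (r, s, v)."""
    while True:
        k = secrets.randbelow(N - 1) + 1
        rx, ry = _mul(k, G)
        if rx >= N:      # negligible r-overflow case; skipped so recover() can use x = r
            continue
        r = rx % N
        s = pow(k, -1, N) * (z + r * d) % N
        if r == 0 or s == 0:
            continue
        v = ry & 1                       # recovery id = parity of R.y
        if s > N // 2:                   # low-s: negating s negates R, flipping y parity
            s, v = N - s, v ^ 1
        return r, s, v


def recover(z, r, s, v):
    """ecrecover: reconstruct the signer's public key from (z, r, s, v)."""
    y_sq = (pow(r, 3, P) + 7) % P
    y = pow(y_sq, (P + 1) // 4, P)      # valid square root because P % 4 == 3
    if y * y % P != y_sq:
        raise ValueError("r is not the x-coordinate of a curve point")
    if (y & 1) != (v & 1):
        y = P - y
    # From s = k^-1 (z + r d):  Q = r^-1 * (s*R - z*G)
    s_r = _mul(s, (r, y))
    zg = _mul(z % N, G)
    neg_zg = None if zg is None else (zg[0], P - zg[1])
    return _mul(pow(r, -1, N), _add(s_r, neg_zg))


def demonstrate():
    """Constructed walk-through: a holder signs a permit-style digest; an
    observer with only the on-chain (r, s, v) recovers the holder's public key."""
    d = secrets.randbelow(N - 1) + 1                 # holder's private key (constructed)
    z = digest(b"Permit(owner,spender,value,nonce,deadline)")  # placeholder digest
    r, s, v = sign(d, z)
    return recover(z, r, s, v) == pubkey(d)


if __name__ == "__main__":
    print("public key recovered from signature alone:", demonstrate())
```

The recovery step is the classical, public half of the attack: anyone reading calldata can do it today, which is why the exposure window opens at the first on-chain signature rather than at key compromise. A cryptographically relevant quantum computer would take the recovered Q as input to Shor's algorithm to obtain d; nothing about the hash function or the signing context changes that.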
Assurance Notes
- Six independent smart-contract audits exist (Zellic ×3, Trail of Bits, Halborn ×2) covering classical implementation correctness, ERC-20 logic, cross-chain integration, rewards system, and EIP-712 signature validation. None covers quantum-critical scope, PQC algorithms, or quantum threat modeling. These audits provide assurance for classical security only.
- Paxos uses multisig contracts (7-owner quorum-based for DEFAULT_ADMIN, 3-of-7 for operational roles) and proprietary offline HSM/MPC infrastructure for admin key custody. This provides classical operational security but does not change the quantum-vulnerable ECDSA foundation.
- USDG is MAS-regulated (Monetary Authority of Singapore) and claims MiCA compliance. Regulatory oversight provides off-chain accountability but does not alter the on-chain quantum-cryptographic risk profile.
- Paxos launched a $1M bug bounty program on Cantina (March 2026) covering USDG, PYUSD, PAXG smart contracts and Web2 infrastructure. This improves classical security posture but does not address quantum vulnerabilities.
- The SupplyControl admin is a single EOA (0x3Af3e85f4f97De7AD0f000B724Fb77fE5ffc024B) with power to add supply controllers. Its public key is exposed on-chain through executed transactions, creating a long-exposure quantum-vulnerable surface.
- USDG contract is upgradeable via UUPS proxy with a 3-hour TimelockController. A quantum attacker who compromises the DEFAULT_ADMIN multisig could upgrade the contract or change facets.
Non-Scoring Caveats
- Existing audits (Zellic, Trail of Bits, Halborn) are scope-mismatched for quantum evaluation. They verify classical implementation correctness but do not review PQC algorithms, hybrid constructions, or quantum threat models. This is recorded as an assurance-only caveat per Section 7.4 (Note-Only Caveat Rule).
- Paxos's offline HSM/MPC infrastructure for admin key custody provides classical operational security but does not protect against a cryptographically-capable quantum adversary that can derive ECDSA private keys from exposed on-chain public keys.
- The 3-hour TimelockController delay for contract upgrades would provide limited reaction time in a quantum emergency. This is an operational caveat, not score-reducing.
- USDG reserve assets are held entirely off-chain with monthly attestations (KPMG). No on-chain Proof of Reserves exists. This is outside QRI scope but relevant for overall risk assessment.
- No formal performance benchmarks or resource-impact analysis for PQC migration exist, but this is moot given the absence of any PQC implementation.
- The SupplyControl admin EOA and the operational 3-of-7 multisig both have publicly visible on-chain transaction history. Their ECDSA public keys are therefore in the long-exposure (at-rest) attack window per Section 7.3.
- Classical vulnerabilities in the LayerZero OFT messaging path (for example in relayer authentication or payload handling) would be exacerbated by a quantum-capable adversary holding derived relayer or DVN signer keys. No specific bridge vulnerability is cited in the evidence record for this evaluation; this is a general caveat, not a finding.
Evidence record
Claims and Caveats
Security Assessment & Evidence Preparedness
Public cryptographic inventory and quantum threat model (weight 3)
Claim: No public cryptographic inventory of quantum-vulnerable mechanisms or quantum threat model exists for USDG.
Coverage basis: Absence verified across all primary sources (GitHub repo, whitepaper, Paxos docs, globaldollar.com, Etherscan).
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Quantum blocker: No public cryptographic inventory exists (Readiness & Risk Cap: 10)
Assurance: Evidence of absence is strong: all primary documentation, source code, and the whitepaper were reviewed. No quantum-related content was found.
USDG has not published a cryptographic inventory, quantum threat model, or any acknowledgment of quantum risk. This triggers the 'No public cryptographic inventory' Readiness & Risk Cap.
Security Assessment & Evidence Preparedness
Public evidence record supporting the assessment (weight 2)
Claim: No quantum-specific evidence record exists because no quantum assessment has been performed.
Coverage basis: No quantum assessment → no evidence record to evaluate.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Assurance: The absence of a quantum evidence record is directly verifiable from the absence of any quantum assessment.
USDG has strong classical evidence (verified source code, multiple audits, mainnet deployment), but none addresses quantum readiness.
Production Cryptographic Protection
Spend authorization / transaction signatures are PQC or hybrid-PQC on mainnet (weight 9)
Claim: All USDG spend authorization uses classical ECDSA (Ethereum/Ink/X Layer) or Ed25519 (Solana) inherited from host chains. No PQC or hybrid signatures exist.
Coverage basis: USDG is a standard ERC-20/SPL token. All transfer(), transferFrom(), approve(), and EIP-2612/EIP-3009 functions execute within the host chain's ECDSA/Ed25519 transaction authentication context.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: All spend authorization is classical ECDSA/Ed25519 only. No PQC or hybrid path exists.
Assurance: Verified from on-chain contract code and bytecode. The ERC-20 interface has no custom cryptographic functions; all authorization is at the host-chain transaction level. EIP-2612 permit and EIP-3009 transferWithAuthorization use EIP-712 ECDSA signatures (v, r, s parameters), which are quantum-vulnerable.
Token Inheritance rule (Section 7.2) applies: USDG inherits host-chain quantum risk. The token itself adds no custom cryptographic layer.
Production Cryptographic Protection
Account, address, public-key exposure, and key-derivation design prevents long-exposure quantum-vulnerable ownership paths or supports PQ/hybrid controls (weight 7)
Claim: All USDG user addresses use classical Ethereum (keccak256-of-ECDSA-public-key) or Solana (Ed25519) address derivation. No PQ address formats or key-derivation controls exist.
Coverage basis: Standard Ethereum EOAs and Solana accounts. USDG is held in standard addresses with no custom address scheme.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: All addresses use classical derivation. Any address that has sent a transaction has an exposed public key in the long-exposure attack window.
Assurance: Standard Ethereum/Solana address schemes. Every Ethereum-family address that has signed an on-chain transaction (or a relayed permit/authorization) has a recoverable ECDSA public key; every Solana account exposes its Ed25519 public key directly as its address. All such keys are vulnerable to Shor's algorithm.
This is inherited from host chains. USDG adds no custom address layer.
Production Cryptographic Protection
Consensus-critical authentication is PQC or hybrid-PQC where applicable (weight 6)
Claim: USDG is a token. It has no consensus mechanism, validator set, block production, or finality signatures of its own.
Coverage basis: N/A by architecture.
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: Architectural N/A. Token has no consensus layer.
Production Cryptographic Protection
State-integrity and data-availability mechanisms are quantum-safe where applicable (weight 6)
Claim: USDG supply integrity depends on admin-controlled mint/burn functions secured by classical ECDSA multisigs and an EOA. No quantum-safe supply-binding mechanism exists.
Coverage basis: The SupplyControl contract governs minting and burning. SupplyControllers are authorized by the SUPPLY_CONTROLLER_MANAGER_ROLE (3-of-7 ECDSA multisig) and the SupplyControl admin EOA.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Supply integrity (mint/burn) controlled by classical ECDSA multisig and EOA. Quantum compromise enables unbacked minting.
Assurance: Verified from on-chain contract code and the Yearn risk assessment (March 2026). The SupplyControl admin EOA (0x3Af3...) has executed transactions, exposing its public key. SupplyControllers SC1 and SC2 have mint capacities of $500M and $1B respectively.
This is the most token-specific quantum vulnerability. Unlike user spend authorization (inherited from host chains), supply integrity is controlled by Paxos's own admin keys.
Production Cryptographic Protection
Privacy and proof layers are quantum-safe where applicable (weight 3)
Claim: USDG has no privacy layer, shielded transactions, ZK proofs, note encryption, viewing keys, or stealth addresses.
Coverage basis: N/A by architecture.
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: Architectural N/A. Standard transparent token with no privacy features.
Production Cryptographic Protection
P2P transport, node identity, and peer authentication are PQC, hybrid-PQC, or satisfied by design (weight 2)
Claim: USDG is a token. It has no independent P2P network, node identity, or peer authentication layer.
Coverage basis: N/A by architecture.
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: Architectural N/A.
Production Cryptographic Protection
Critical wallet, custody, HSM, signer, and hardware-wallet workflows support the production PQ/hybrid path or are protected by native satisfied-by-design controls (weight 2)
Claim: Paxos admin keys use classical ECDSA multisigs and an EOA. While Paxos employs offline HSM/MPC infrastructure for operational security, all on-chain authorization signatures remain ECDSA-based with exposed public keys.
Coverage basis: DEFAULT_ADMIN: 7-owner quorum-based SimpleMultiSig. Operational roles: 3-of-7 SimpleMultiSig. SupplyControl admin: single EOA. All use standard Ethereum ECDSA.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Admin key workflow is entirely classical ECDSA. The HSM/MPC custody produces standard ECDSA signatures; no PQ or hybrid signing path exists. All admin signing keys have exposed on-chain public keys.
Assurance: Paxos's offline HSM/MPC infrastructure provides classical operational security (multi-person approval, physical co-location requirements) but does not protect against a cryptographically-capable quantum adversary that can derive ECDSA private keys from exposed on-chain public keys.
The multisig contracts (0x137D..., 0x0644...) have executed transactions, so their owner EOAs' public keys are recoverable from those confirmation signatures; the SupplyControl EOA (0x3Af3...) has sent transactions directly. All of these keys are in the long-exposure attack window.
Migration Status & Value-at-Risk
Percentage of economically relevant value-at-risk protected from quantum key-recovery attacks (weight 20)
Claim: 0% of USDG value-at-risk is quantum-protected. All ~$2.6B in circulating supply across all chains is held in classical-ECDSA/Ed25519 addresses with no PQC migration path.
Coverage basis: No PQC protection exists for any USDG holder, admin key, or bridge path. Coverage: 0%.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: 0% value-at-risk coverage. All ~$2.6B is quantum-vulnerable with no migration path. Material long-exposure quantum-vulnerable value exists (Readiness & Risk Cap: 55).
Assurance: Total supply figure of ~$2.6B from CoinMarketCap (June 2026), growing from ~$1.67B (March 2026 per Yearn assessment). All value is held in standard classical addresses.
Coverage thresholds (Section 9.3.1): <25% = Score 1. However, 0% genuine coverage with no migration path warrants Implementation Score 0.00.
Migration Status & Value-at-Risk
Critical wallets migrated, protected, or inherently PQ-native (weight 3)
Claim: No critical wallets (treasuries, exchanges, custodians, bridges, Paxos admin keys) are quantum-protected. All use classical ECDSA/Ed25519.
Coverage basis: Paxos admin multisigs and EOA, LayerZero OFT bridge contracts, and all user-facing custody paths are classical-only.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No critical wallets are quantum-protected. Admin keys and bridge signers remain ECDSA-only.
Assurance: The Paxos admin multisigs, SupplyControl EOA, and LayerZero DVN signer set all rely on classical ECDSA.
Critical wallets include: (1) DEFAULT_ADMIN 7-owner multisig, (2) operational 3-of-7 multisig, (3) SupplyControl admin EOA, (4) LayerZero bridge DVN/relayer signers, (5) any exchange or custodian holding USDG.
Migration Status & Value-at-Risk
Legacy vulnerable pools/accounts/UTXOs/contracts identified, measurable, deprecated, migrated, frozen, or proven not to exist by design (weight 2)
Claim: No identification, measurement, deprecation, or migration of quantum-vulnerable accounts has been performed. All USDG accounts are quantum-vulnerable by default.
Coverage basis: No legacy identification or migration program exists.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: No evidence of any program to identify or address quantum-vulnerable accounts.
USDG has no 'legacy' vs 'current' distinction — all accounts are equally quantum-vulnerable.
Migration Mechanism, Governance & Ecosystem Coordination
Public migration or protection roadmap with sequencing, activation criteria, and dependencies (weight 3)
Claim: No quantum migration roadmap, protection roadmap, or sequencing plan exists for USDG.
Coverage basis: Absence verified across all primary sources.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: The absence of any roadmap is verified from all primary sources.
Paxos has not published any quantum migration plan.
Migration Mechanism, Governance & Ecosystem Coordination
Migration accessibility and defaults (weight 5)
Claim: No PQ/hybrid account creation, wallet tooling, transaction paths, custody paths, warnings, education, or migration prompts exist.
Coverage basis: No PQ infrastructure of any kind.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: Complete absence of any PQ migration tooling or user-facing features.
As a standard ERC-20/SPL token, USDG's migration accessibility is coupled to host-chain PQ support.
Migration Mechanism, Governance & Ecosystem Coordination
Migration enforcement and coordination (weight 4)
Claim: No enforcement mechanisms (deprecation, freeze, disabled legacy signing, restricted withdrawals, unsafe-path blocking, mandatory migration deadlines) exist for quantum migration.
Coverage basis: No enforcement infrastructure exists.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: No quantum migration enforcement mechanisms. The existing pause/freeze/wipe capabilities (controlled by ECDSA multisig) could theoretically be used in a quantum emergency, but the authorization path is itself quantum-vulnerable.
Any emergency pause, freeze, or wipe would have to be invoked via the same ECDSA-authorised roles that a quantum attacker would be targeting, and, absent a separate unpause authority, could be reversed by an attacker holding those keys. The capabilities exist, but their authorization path is itself the vulnerable surface.
Migration Mechanism, Governance & Ecosystem Coordination
Emergency disclosure, incident-response, or governance process for quantum-related vulnerabilities (weight 3)
Claim: No quantum-specific incident-response process, disclosure procedure, or governance mechanism exists.
Coverage basis: No quantum-specific emergency planning found in any source.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Assurance: The Yearn risk assessment (March 2026) notes 'No public incident response playbook.' Paxos's regulatory status (MAS supervision) provides some off-chain accountability but no quantum-specific process.
Per Section 7.4 (Note-Only Caveat Rule), the absence of a formal quantum-specific incident-response playbook does not by itself create a Readiness & Risk Cap.
Algorithm & Implementation Assurance
Uses NIST-standardized, standards-track, or broadly reviewed PQC/hybrid-PQC algorithms appropriate to the use case (weight 6)
Claim: USDG uses no PQC or hybrid-PQC algorithms. All cryptography is classical (ECDSA, Ed25519, Keccak-256).
Coverage basis: No PQC algorithms in the token contract or any associated infrastructure.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: No PQC or hybrid algorithms used anywhere in the USDG ecosystem.
Assurance: Verified from on-chain bytecode and source code. No import, reference, or use of any NIST PQC algorithm.
Algorithm & Implementation Assurance
Independent cryptographic and implementation audit exists for the quantum-critical scope (weight 6)
Claim: Six audits exist (Zellic ×3, Trail of Bits, Halborn ×2) but all cover classical smart-contract security only. No quantum-scoped audit exists.
Coverage basis: Audits cover ERC-20 logic, cross-chain integration, rewards system, and EIP-712 signature validation. Zero quantum coverage.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: assurance-only caveat · Score treatment: score-reducing
Assurance: Existing audits are from reputable firms and cover classical implementation correctness thoroughly. However, they are scope-mismatched for quantum evaluation. The Implementation Score is 0.00 because there is NO quantum-scoped audit to evaluate.
The audits provide strong classical assurance but zero quantum assurance.
Algorithm & Implementation Assurance
Open-source, reproducible implementation (weight 3)
Claim: The USDG smart contract is open-source (MIT License) and verified on Etherscan. However, there is no PQC implementation to be open-source.
Coverage basis: Classical implementation is open-source. No PQC implementation exists.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: The classical implementation is fully open-source and verified. This subfactor specifically concerns the quantum-critical implementation, which does not exist.
If/when Paxos implements PQC for admin keys or user transactions, the open-source nature of the existing codebase suggests the PQC implementation would likely also be open-source.
Algorithm & Implementation Assurance
Parameter agility and future upgrade path are documented (weight 2)
Claim: No parameter agility or PQC upgrade path is documented. The UUPS proxy pattern enables contract upgrades but no quantum-specific upgrade planning exists.
Coverage basis: No PQC upgrade documentation.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: The UUPS proxy pattern technically enables future upgrades, which could include PQC. However, no parameter agility specification, PQC upgrade path, algorithm migration plan, or cryptographic agility documentation exists.
The upgradeable proxy is a double-edged sword: it provides a technical path to deploy PQC in the future, but the upgrade mechanism is itself quantum-vulnerable.
Algorithm & Implementation Assurance
Stateful-signature safety, side-channel, fault-injection, state-management, hardware-wallet, HSM, or custody implementation risks considered (weight 2)
Claim: No stateful signatures (XMSS/LMS) are used, so stateful-signature safety is N/A. Classical HSM/MPC infrastructure addresses classical side-channel and custody risks only.
Coverage basis: N/A for stateful signatures. Classical HSM/MPC for classical ECDSA keys.
Implementation score: 0 · Evidence confidence: High
Issue classification: none · Score treatment: not applicable
Assurance: Stateful-signature safety is N/A because no stateful PQ signatures are deployed.
The Paxos HSM/MPC infrastructure for classical ECDSA keys is noted for context but does not affect this subfactor's scoring.
Algorithm & Implementation Assurance
Performance and resource-impact analysis exists where PQ signature/verification costs could affect safe deployment (weight 1)
Claim: No performance or resource-impact analysis for PQC deployment exists.
Coverage basis: No PQC deployment → no performance analysis.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: No PQC performance analysis exists.
As an ERC-20 token (not a consensus protocol), PQC signature verification costs would primarily affect gas costs for admin operations and EIP-2612/EIP-3009 permit/authorization paths.
Report metadata