"Is X safe?" is the most-searched question for every DeFi protocol. The honest answer is rarely yes-or-no. Different protocols carry different risks, and the right question is which risks each protocol has addressed. Ayni Gold is a DeFi protocol that turns gold mining output into on-chain yield, with stakers receiving PAXG rewards quarterly from mining production at the Minerales San Hilario concession in Peru. The model touches both DeFi smart contracts and real-world mining operations, which means the verification problem is wider than for vault-backed gold tokens or pure on-chain protocols. Verifying a Mining Concession Is Different from Verifying a Vault PAXG and XAUT verify static gold. Reserves don't change much, and periodic attestations confirm vault contents. The verification problem is about checking whether a number matches. Ayni Gold verifies dynamic mining production. Smart contracts manage staking and rewards. Custody handles distributions. The mining concession produces gold over time, with operational variables affecting output. Each part of the chain needs its own verification because each part can fail independently. That structural difference shapes everything that follows. Inside the Audit Results for Ayni Gold's Smart Contracts Ayni Gold's smart contracts have been audited by two of the industry's most established firms, with results published openly. Auditor Date Result CertiK October 2025 Security score of 70.81 (top 25% of audited projects, vs industry average of 65) PeckShield October 2025 Logic and protocol audit found no critical vulnerabilities Two independent audits matter because different methodologies catch different classes of bugs. CertiK and PeckShield have audited overlapping sets of major DeFi protocols over the past several years, and their methodologies are complementary, not redundant. The audited contracts handle the protocol's automated flow. Staking is managed by a smart contract. Quarterly PAXG distributions execute automatically based on the published reward formula. The 15% success fee burn runs on a schedule set in code. None of these depend on manual intervention, which removes a class of risks tied to human error or operator manipulation. Audits certify that no known vulnerabilities matched the auditor's test suite at the audit date. They do not guarantee that the contracts are exploit-free against future techniques. This is true of every audited protocol. How Ayni Gold Handles Custody Without Holding User Tokens The most common mistake in evaluating DeFi safety is assuming custody works the same way across all protocols. Ayni operates a non-custodial architecture, which means user tokens live on the blockchain instead of inside a central Ayni database. Ayni's CTO has stated publicly in a YouTube video that the protocol has no admin function for accessing, moving, or withdrawing user tokens. The technical setup backs that claim. User tokens remain in user wallets, while the protocol’s smart contracts handle staking and reward distribution. Custody breaks down across three layers: In-app smart wallet (TurnKey): For users who create wallets through the Ayni app, TurnKey infrastructure handles secure key management. Transactions can only be signed and authorized by the user via email OTP confirmation. External wallets: Users can connect to MetaMask, Trust Wallet, or other self-custody options. In this setup, users manage their own seed phrases entirely outside the Ayni ecosystem. Ayni recommends enabling Two-Factor Authentication for additional security. Reward custody (PAXG via Paxos): PAXG itself is a vault-backed token issued by Paxos Trust Company, an NYDFS-regulated entity. The physical gold backing PAXG is held in LBMA-certified vaults in London, is bankruptcy-remote, and undergoes regular independent audits to verify the serial numbers of the physical bars. The combined design means Ayni Gold is not a custodial intermediary at any point in the user flow. From Peruvian Mining License to On-Chain Production Data The mining side of the protocol involves the most layered verification, because physical extraction at a real-world site introduces variables that on-chain verification alone cannot cover. Legal and Regulatory Backing The mining operation is run by a registered Peruvian company, not an informal arrangement. Minerales SH San Hilario S.C.R.L. holds an 8 km² mining concession (No. 070011405 ) registered with INGEMMET, Peru's geological and mining authority. The token issuance and smart contract administration are handled by a separate legal entity, AYNI TOKEN INC., registered as an International Business Company under the British Virgin Islands' virtual asset laws. This jurisdictional separation is deliberate. It isolates physical mining liabilities (Peruvian jurisdiction) from token issuance and smart contract administration (BVI jurisdiction). Geological and Production Verification Kangari Consulting, an independent geological assessment firm, conducted a 2025 scoping study at the concession. The study estimated a conceptual exploration target of 9 to 10.7 tonnes of gold. Scoping studies estimate recoverable potential, not certified production, but they establish the geological baseline for the operation. Ayni Gold publishes additional verification on top of the licensing and geological work. GPS coordinates, timestamped photos, and video updates from the mining site are made available openly. Extraction rates, operational costs, and net gold value are published on-chain alongside the protocol's other metrics. Future plans include adding third-party production audits to verify on-chain production data continuously. Other Safety Mechanisms Worth Knowing About On top of the three core verification layers, several structural safeguards reduce risk in ways that don't fit neatly under "audits" or "custody." 150% safety buffer on the gold price: Mining operations break even at approximately $1,842 per ounce, with operational costs around $5.92 per cubic meter of extraction. With gold trading above $4,600 , the project carries a buffer of more than 150%, which means mining economics remain profitable even during severe price drops. Operational redundancy: Critical equipment at the site is duplicated to eliminate single points of failure. Strategic reserve gold stocks ensure that scheduled maintenance or unexpected downtime does not interrupt staker payouts. Capital deployment discipline: Generated capital deploys exclusively to productive activities like capacity expansion or secondary market stabilization. The protocol explicitly does not engage in treasury speculation or unsecured lending. Token supply is fixed at 806,451,613 AYNI with no post-launch minting. ESG framework: Extraction uses chemical-free, alluvial methods that rely on gravity and water flow, with no chemicals or blasting involved. Water runoff is actively managed and mined areas are restored over time. ESG obligations are tracked via smart contract. KYC verification: The Ayni app requires Know Your Customer verification at the user level. KYC status is visible in the user dashboard, providing a baseline against bad actors entering the platform. What These Verifications Don't Cover Honest framing matters more in safety articles than in marketing copy. Several risks remain that no verification stack can fully eliminate: Future smart contract exploits: Audits certify no known vulnerabilities at audit date. New attack techniques can emerge. Operational interruptions: Equipment redundancy reduces but does not eliminate the chance of mining downtime. Gold price risk: PAXG distributions track gold. If gold prices fall, reward value falls with them, even though the project's economics remain stable thanks to the 150% buffer. Counterparty risk on Paxos: PAXG itself depends on Paxos Trust Company maintaining its custodial structure and regulatory standing. Regulatory risk: Changes to Peruvian mining law, BVI virtual asset law, or international RWA regulations could affect the protocol. These limits apply to any DeFi protocol touching real-world activity. They are not Ayni-specific weaknesses, but understanding them is essential for any allocation decision. How to Use This Information For investors evaluating Ayni Gold or any production-linked DeFi protocol, the key questions are: Are smart contracts audited by independent firms with strong track records? Where does the underlying revenue source come from, and is it verified by independent third parties? Who handles custody between revenue generation and distribution to holders? What regulatory layer covers the underlying real-world activity? Ayni Gold answers each of these with documented third-party verification. That is not a guarantee of safety. It is a structural foundation for evaluating risk, with the documentation publicly available for anyone to review. The Bottom Line The verification stack behind Ayni Gold maps the structural foundation for evaluating gold backed DeFi yield in production-linked protocols. None of these layers eliminates risk. Together, they create the documented baseline that lets investors weigh risk honestly against the position's potential. FAQ Is Ayni Gold audited? Yes. CertiK and PeckShield both audited the smart contracts in October 2025. CertiK's audit awarded a security score of 70.81, placing Ayni in the top 25% of audited projects (above the industry average of 65). PeckShield's logic and protocol audit found no critical vulnerabilities. Where are PAXG rewards stored? PAXG is a vault-backed token issued by Paxos Trust Company, an NYDFS-regulated entity. The physical gold backing PAXG sits in LBMA-certified vaults in London, with regular independent audits of the bar serial numbers. Ayni Gold distributes PAXG to stakers but does not custody it. The gold backing is held by Paxos and its custodial partners. Is the mining concession legitimate? Yes. The concession is operated by Minerales SH San Hilario S.C.R.L. (Peruvian Tax ID 20606465255), with an 8 km² mining concession registered as No. 070011405 with INGEMMET, Peru's official geological and mining authority. A 2025 scoping study by Kangari Consulting estimated 9 to 10.7 tonnes of conceptual recoverable gold at the site. What happens if gold prices crash? Ayni's mining operations break even at approximately $1,842 per ounce of gold. With gold currently trading above $4,600, the project carries an operational safety buffer of more than 150%. Even during severe price drops, the mining economics remain profitable. PAXG distributions track the gold price, so reward value declines with gold, but the protocol itself remains operationally stable. Does Ayni Gold have access to user tokens? No. Ayni Gold operates a non-custodial architecture. User tokens live on the blockchain, not in a central Ayni database. Smart wallets created through the app use TurnKey infrastructure with email OTP signing, and external wallets like MetaMask and Trust Wallet keep users in full control of their seed phrases. Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
