Resolv’s USR stablecoin experienced a sharp breakdown after an attacker minted around $80 million worth of unbacked tokens. The price quickly fell from its $1 target to as low as $0.25, with even deeper drops in certain liquidity pools.
The incident caused immediate disruption across the protocol and led to heavy losses for holders, as the excess supply flooded the market within a short period.
Read also: The Collapse of LUNA and TerraUSD (UST) – How Did It Happen?
How the Exploit Happened
According to blockchain security firms, the attacker used roughly $100,000 to trigger a flaw in the minting process. Through two transactions, they were able to generate approximately 80 million USR without sufficient backing.
Analysts pointed to weaknesses in the protocol’s design, including insufficient validation checks and reliance on a single externally controlled wallet for a key administrative role. The smart contracts had previously been audited, but the vulnerability remained undetected.
Read also: How to recognize a crypto presale scam? Full guide
Liquidity Pressure
After minting the tokens, the attacker sold large amounts of USR into decentralized exchange pools. This led to severe price slippage and allowed the attacker to extract an estimated $24–25 million in Ethereum.
The depeg occurred during a period of declining confidence in the project. USR’s market capitalization had already dropped from around $400 million in early February to approximately $100 million prior to the attack.
Read also: From a Zip File to Catastrophe: Radiant’s $50M Hack Explained
Protocol Response
Resolv Labs paused all protocol operations shortly after identifying the exploit. The team stated that the underlying collateral pool remains intact and that no backing assets were directly stolen.
At the same time, users were left holding a depegged asset, and several DeFi platforms moved to limit exposure by suspending or disabling USR-related activity.
The exact cause of the exploit is still under review. Early assessments suggest several possible factors, including a compromised signing key, flawed oracle inputs, or missing minting limits. Security researchers emphasized that the incident originated from the token issuance mechanism rather than the collateral itself.
