Resolv Labs confirmed Sunday that no user assets were lost following an exploit targeting the issuance mechanics of its USR stablecoin. The attacker minted tens of millions of unbacked USR tokens, crashing the price to $0.14-86% below its $1 peg-before rebounding to $0.42.
Resolv paused protocol functions while assessing the breach. The team stated the underlying collateral pool “remains fully intact” and the issue is “isolated to USR issuance mechanics.” On-chain data shows the attacker converted most illicit USR into roughly 11,400 ETH (about $24 million), with additional tokens still being dumped.
Major DeFi protocols moved swiftly to limit fallout. Lido confirmed user funds in Lido Earn are safe. Morpho noted only select vaults had exposure, and Aave reported no direct USR risk, adding Resolv is repaying its debt. Other platforms-including Euler, Venus, Lista, and Fluid-paused markets or isolated affected vaults.
Cyvers’ Michael Pearl characterized the risk as “concentrated with localized spillover, rather than widespread contagion.” Ledger CTO Charles Guillemet added the event’s scale falls far short of Terra Luna’s collapse.
Security experts pointed to a likely private key compromise-an operational failure-not a flaw in audited code. Pearl emphasized the need for real-time AI monitoring of mint/burn flows and reserve validation to prevent future exploits.