Resolv Stablecoin USR Crashes After $80M Unauthorized Mint, $25M Extracted in Exploit

Protocol Pauses Operations as 9M Tokens Burned and Redemptions Begin Amid Collateral Integrity Claims

TL;DR

• Resolv exploit enabled about $80M unbacked USR mint, leading to $25M extraction
• USR collapsed to $0.025 within 17 minutes, later trading near $0.19
• Protocol paused, burned 9M tokens, confirmed ~$0.5M redemption losses

We’ve launched the all-new COIN360 Perp DEX, built for traders who move fast!

Trade 130+ assets with up to 100× leverage, enjoy instant order placement and low-slippage swaps, and earn USDC passive yield while climbing the leaderboard. Your trades deserve more than speed — they deserve mastery.

Resolv’s USR stablecoin suffered a sharp breakdown on March 23 after a compromised private key enabled unauthorized minting of about $80 million in uncollateralized tokens, triggering a rapid market reaction that pushed the crypto price far below its intended peg. The attacker extracted approximately $25 million after swapping the minted assets across multiple pools into other stablecoins and Ether, according to reported transaction flows. The incident unfolded as circulating supply had stood near 102 million USR prior to the exploit, before an additional 71 million tokens entered the system without backing.

The exploit sequence began with a deposit of 100,000 USDC into the protocol’s USR Counter contract, which returned an anomalous 50 million USR, followed by another mint of 30 million tokens in a subsequent transaction. The surge in supply immediately disrupted liquidity conditions across trading venues, causing USR to drop to $0.025 on Curve Finance within 17 minutes of the first irregular mint. Based on COIN360 crypto price index data, the token later rebounded briefly to around $0.75.

Resolv confirmed that “a malicious actor gained unauthorized access to Resolv infrastructure through compromised private key,” while maintaining that its collateral pool “remains fully intact” and that “no underlying assets” were compromised. The protocol halted operations shortly after detecting the exploit and burned around 9 million USR associated with the attacker’s activity. Internal accounting indicated that approximately $0.5 million had been lost through redemption requests processed before the pause was implemented.

The attacker converted the unbacked USR into the staked variant wstUSR before routing the funds through liquidity pools and consolidating proceeds into ETH. Wallet tracking showed holdings of 11,409 ETH valued at about $23.7 million at prevailing crypto price levels during the aftermath. The rapid conversion and exit intensified selling pressure, amplifying the dislocation between USR’s circulating supply and available collateral across markets tracked by the broader coin market cap landscape.

Resolv stated it holds approximately $141 million in assets and has begun preparing redemption processes for pre-incident USR holders, starting with allowlisted participants. The protocol said it is working with partners, analytics firms, and law enforcement to track the movement of funds and contain the impact of the exploit. The issue was described as isolated to issuance mechanics rather than a direct breach of collateral reserves, with remediation focused on restoring redemption pathways.

Security assessments linked the breach to a privileged SERVICE_ROLE account reportedly controlled by a single externally owned address rather than a multisignature setup. Investigations noted the absence of safeguards such as strict oracle validation, minting caps, and transaction-level checks, allowing abnormal issuance to proceed without automated interruption. The failure occurred despite documentation indicating 14 audit engagements across five firms and the presence of a $500,000 bug bounty program.

Cyvers CEO Deddy Lavid said, “Audits alone are not enough. If you’re not monitoring minting and supply in real time, you’re blind when it matters most.” External platforms reacted by clarifying exposure levels, with Lido stating funds in Lido Earn were secure, Aave’s founder confirming no direct USR exposure, and Morpho indicating limited impact confined to specific vaults. The RESOLV governance token declined 8.5% over 24 hours as secondary effects spread across integrated DeFi systems.

This article has been refined and enhanced by ChatGPT.