Resolv USR Stablecoin Depegs After 80M Token Mint Exploit

Marcel Fuhrmann

Resolv USR Stablecoin Depegs After Exploit – Attacker Mints 80 Million Tokens and Extracts Millions

Key Takeaways

  • An attacker exploited Resolv Labs’ USR stablecoin contract to mint a total of 80 million unbacked tokens.
  • Resolv Labs paused all protocol functions following the incident.
  • The attacker reportedly converted large portions of USR into USDC, USDT, and Ether.
  • USR briefly fell to as low as 2.5 cents on Curve and was trading around 87 cents at the time of reporting.
  • The estimated amount extracted from the exploit is approximately $25 million.

Exploit Allows Minting of 80 Million Unbacked USR Tokens

Resolv Labs’ USR stablecoin lost its US dollar peg after an attacker exploited a vulnerability in the token’s contract and minted tens of millions of tokens without backing.

According to a statement published by Resolv Labs on X, the attacker initially minted 50 million USR. The company said the exploit allowed the creation of unbacked tokens and confirmed that all protocol functions were paused to prevent further malicious activity. The team stated it is actively working on recovery efforts.

On-chain observations shared by the X account “yieldsandmore” indicated that the attacker was able to mint the initial 50 million USR by depositing $100,000 worth of USD Coin (USDC). Crypto security firm PeckShield reported that an additional 30 million USR tokens were minted, bringing the total to 80 million.

Crypto fund D2 Finance stated that the minting function on USR’s contract appeared to be flawed. It cited possible causes including a compromised off-chain signer, a manipulated oracle, or missing validation between request and completion. No definitive technical explanation has been confirmed in the available information.
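To make the "validation between request and completion" hypothesis concrete, the following is an added example, not Resolv's contract code and not taken from any of the cited reports. It models a hypothetical two-step mint in which the completion is checked against the deposited collateral; the class names, tolerances and flow are assumptions, and only the 100,000 USDC and 50 million USR figures come from the on-chain observations above.

```python
from dataclasses import dataclass
from decimal import Decimal

# Hypothetical two-step mint: a user deposits collateral (request), then an
# off-chain signer submits the amount to mint (completion). All names and
# limits are assumptions for illustration, not Resolv's design.
MAX_PRICE_DEVIATION = Decimal("0.02")  # stable collateral must price within 2% of $1
MAX_OVERMINT = Decimal("0.005")        # tolerance above the collateral's value

@dataclass(frozen=True)
class MintRequest:
    request_id: int
    collateral_usdc: Decimal  # amount actually received on-chain
    completed: bool = False

@dataclass(frozen=True)
class Completion:
    request_id: int
    mint_amount: Decimal      # USR the signer asks to mint
    oracle_price: Decimal     # USD price of the collateral at completion

def validate_completion(req: MintRequest, comp: Completion) -> list[str]:
    """Return the list of violated checks; an empty list means mint may proceed."""
    problems = []
    if comp.request_id != req.request_id:
        problems.append("completion does not match request id")
    if req.completed:
        problems.append("request already completed (replay)")
    if abs(comp.oracle_price - 1) > MAX_PRICE_DEVIATION:
        problems.append("oracle price outside sanity band")
    # Value collateral at no more than $1 so an inflated price cannot raise the cap.
    price = min(comp.oracle_price, Decimal(1))
    ceiling = req.collateral_usdc * price * (1 + MAX_OVERMINT)
    if comp.mint_amount > ceiling:
        problems.append(f"mint {comp.mint_amount} exceeds backed ceiling {ceiling}")
    return problems

# Constructed inputs; the 100,000 / 50,000,000 figures are those reported on-chain.
REQUEST = MintRequest(request_id=1, collateral_usdc=Decimal("100000"))
HONEST = Completion(1, Decimal("99950"), Decimal("0.9995"))
OVERSIZED = Completion(1, Decimal("50000000"), Decimal("1"))
BAD_ORACLE = Completion(1, Decimal("50000000"), Decimal("500"))

if __name__ == "__main__":
    for name, comp in [("honest", HONEST), ("oversized", OVERSIZED), ("bad oracle", BAD_ORACLE)]:
        print(name, validate_completion(REQUEST, comp) or "ok")
```

Enforced in the contract rather than only in the signing service, a ceiling of this kind bounds the mint even when the signer key or the price feed is compromised.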

Rapid Cash-Out Strategy Across DeFi Protocols

Following the minting of the tokens, the attacker moved quickly to convert USR into other digital assets. D2 Finance reported that the 50 million USR initially minted were transferred across multiple crypto protocols and swapped for USDC and USDt (USDT). The funds were then aggressively converted into Ether (ETH).

D2 Finance described the sequence as a typical decentralized finance exploit cash-out pattern. On-chain data showed multiple transactions executed in quick succession. The firm also noted that several failed transactions were visible, indicating urgency during the liquidation process.

Amid the rapid selling pressure, liquidity conditions deteriorated. Slippage increased across protocols where USR was traded. D2 Finance estimated that approximately $25 million was extracted by the attacker before the market stabilized.

USR Loses Peg and Experiences Flash Crash on Curve

The exploit had an immediate impact on USR’s price stability. The token is designed to maintain a 1:1 peg with the US dollar. However, heavy selling pressure following the exploit led to a sharp depeg.

According to data referenced from DEX Screener, USR fell to as low as 2.5 cents in the USR/USDC pool on Curve Finance. This pool represents USR’s most liquid trading venue, with a reported 24-hour volume of $3.6 million. The flash crash occurred at 2:38 am UTC, just 17 minutes after the attacker minted the initial 50 million tokens.

The Curve pool later recovered partially, with USR trading at approximately 84.5 cents. CoinGecko data showed the token trading around 87 cents at the time of reporting, representing a roughly 13 percent deviation from its intended peg.

D2 Finance also reported that some trades were executed at around 50 cents as liquidity fragmented and slippage worsened. These price dislocations reflect the impact of sudden, large-scale token supply increases in decentralized markets.

Protocol Response and Market Context

Resolv Labs stated that it paused all protocol functions after detecting the exploit. The pause is intended to prevent additional unauthorized minting and limit further damage. The company did not provide additional operational details in the available statement.

The incident occurred during a period in which crypto-related hacks had declined compared to the previous month. According to figures cited in the report, $49 million was lost to crypto exploits in February, down from $385 million in January. The report also noted that attackers have increasingly shifted toward phishing scams rather than direct protocol exploits.

This case stands out because it directly affected a stablecoin’s core function. Stablecoins are designed to maintain price stability, and contract-level vulnerabilities can undermine that mechanism by altering supply without corresponding backing.

Implications for Stablecoin Users and DeFi Participants

For users interacting with decentralized finance protocols, the incident highlights how smart contract vulnerabilities can impact token value and liquidity within minutes. The rapid depeg and flash crash on Curve demonstrate how automated market maker pools respond to sudden imbalances between supply and demand.

Users who provide liquidity or hold stablecoins in decentralized pools may face immediate price exposure during exploit-driven sell-offs. In this case, USR’s deviation from its peg ranged from a brief collapse to a partial recovery within hours.

The attacker’s ability to move minted tokens across multiple protocols and convert them into widely used stablecoins and Ether shows how interconnected decentralized markets can facilitate rapid fund transfers.

Our Assessment

The available facts show that a contract-level vulnerability enabled the minting of 80 million unbacked USR tokens, leading to a sharp and immediate loss of the stablecoin’s dollar peg. Approximately $25 million was reportedly extracted before liquidity conditions stabilized. Resolv Labs has paused protocol functions while working on recovery. The incident demonstrates how exploits affecting token supply mechanisms can quickly impact price stability and liquidity across decentralized trading venues.