Resolv Labs' USR Stablecoin Exploited: Attacker Mints $80M With Just $200K - Blockonomi
by Brenda Mary · BlockonomiTLDR:
Table of Contents
- Resolv Labs’ USR minting contract was exploited, allowing 50M USR to be minted with only 100K USDC in a 500x flaw.
- USR dropped 74.2% to $0.257 before partially recovering to $0.85, leaving liquidity providers with heavy losses.
- PeckShield confirmed $80M worth of USR was minted, with over $4.55M already converted into approximately 9,100 ETH.
- Resolv Labs had not issued any official response as the DeFi community called for stronger minting contract audits.
Resolv Labs’ USR stablecoin faced a suspected exploit on Sunday around 2:21 AM UTC. An attacker reportedly minted 50 million USR using only about 100,000 USDC.
This caused USR to lose 74.2% of its value, dropping to $0.257. The token later recovered to approximately $0.85. Blockchain security firm PeckShield confirmed that roughly $80 million worth of USR was minted during the attack. Resolv Labs had not responded publicly as of the time of reporting.
Attacker Exploits Minting Contract to Drain Liquidity
The attack was carried out through the USR Counter contract. The attacker executed two swaps to mint approximately 80 million USR tokens.
This was done using only around $200,000 in total funding. Experts suspect a flaw in the minting logic or a compromised signer was responsible.
After minting the tokens, the attacker then dumped them across decentralized exchanges. KyberSwap and Velora were among the platforms used for the selloff.
Through those sales, the attacker collected over $17 million in USDC and USDT. Those proceeds were then swapped into approximately 9,100 ETH.
Crypto analyst @ai_9684xtpa flagged the incident on social media shortly after. The post noted that 100,000 USDC produced 50 million USR, a 500-times discrepancy.
The Resolv team had yet to respond at the time. That ratio pointed to a serious breakdown in the protocol’s minting mechanism.
Liquidity providers suffered heavy losses from the sudden price collapse. Warnings were also issued for related vaults connected to the protocol.
USR is a yield-bearing stablecoin backed by crypto money markets. Before the incident, the protocol held over $500 million in total value locked.
Market Response and Community Reaction
USR’s price fell sharply following the exploit. From its near-$1.00 peg, the token dropped to $0.257 within a short time. It then recovered to trade between $0.85 and $0.86. However, the recovery remained partial and did not restore the full peg.
PeckShield reported that about $80 million worth of USR had been minted through the attack. The attacker had also converted funds into roughly $4.55 million worth of ETH by early reports.
Blockchain trackers continued monitoring the associated wallet activity throughout. The pace of fund conversion pointed to a coordinated and deliberate effort.
As of the time of writing, Resolv Labs had not issued any official statement. Users were watching closely for potential refunds or an emergency protocol response.
The DeFi community raised questions about the minting contract’s audit history. Past incidents of a similar nature have triggered protocol shutdowns and governance votes.
USR’s exploit adds to a growing list of stablecoin-related security failures across DeFi. Protocols carrying large total value locked have repeatedly drawn targeting from bad actors.
The community continued calling for stronger safeguards around minting contracts. Real-time monitoring and thorough audits remain critical priorities for user protection.