Stablecoin Crash: How A $100K Attack Devalued Resolv USR

A stablecoin linked to the crypto project Resolv Labs, Resolv USR (USR), has lost its peg to the US dollar after an attacker exploited the token’s contract. 

Summary

  • Resolv USR lost its peg after an attacker minted millions of unbacked tokens.
  • The hacker quickly converted the minted tokens into stablecoins and Ether.
  • Resolv Labs has paused operations and is investigating the exploit, with a recovery plan underway.

Meanwhile, the attacker was able to mint millions of tokens without backing, leading to a sharp devaluation of the token. Resolv Labs has paused the protocol to prevent further damage and is working on a recovery plan.

Resolv Labs confirmed the exploit on Sunday, explaining that an attacker had minted 50 million USR tokens using $100,000 worth of the stablecoin USDC. Crypto security company PeckShield later reported that the attacker also managed to mint an additional 30 million USR tokens. The vulnerability in USR’s contract allowed the attacker to create unbacked tokens, contributing to the token’s depeg from the US dollar.

According to D2 Finance, the minting function in the contract was compromised. The company suspects that either the oracle was manipulated, the off-chain signer was compromised, or the amount validation process was flawed, enabling the minting of excess tokens.

After the exploit, the attacker moved the newly minted USR tokens to various crypto protocols, swapping them for stablecoins like USDC and USDt, and then converting them into Ether (ETH). This aggressive exit strategy caused USR’s value to plummet. The token fell as low as 50 cents, and liquidity issues and slippage worsened across protocols. On Curve Finance, the token briefly crashed to 2.5 cents.

At the time of writing, USR was trading around 87 cents, still approximately 13% below its intended $1 peg. The token had a rapid price recovery on Curve Finance, climbing to 84.5 cents after hitting its low point at 2:38 am UTC.

Resolv Labs has paused all protocol functions to prevent further malicious activity. The team is actively investigating the exploit and working on a recovery plan. 

The exploit comes at a time when crypto-related hacks have decreased, with $49 million lost in February compared to $385 million in January. However, the attack highlights the continued risks and vulnerabilities within the crypto space, especially in decentralized finance protocols.

RECENT NEWS

From Cypherpunk To Citadel

How Crypto Moved from the Wild West to the Mainstream Financial SystemA long-form analysis of Bitcoin's journey from fri... Read more

Tether Plots Global Expansion

Stablecoin leader seeks to transform itself from crypto plumbing provider into a broad “freedom tech” conglomerateTe... Read more

World Liberty Seeks Federal Trust Charter

World Liberty Financial, the crypto venture backed by the Trump family, has applied for a US national bank trust charter... Read more

Crypto Firms Push Into US Banking

America’s cryptocurrency companies are scrambling to secure a foothold in the country’s traditional banking system, ... Read more

Ether Surges 16% Amid Speculation Of US ETF Approval

New York, USA – Ether, the second-largest cryptocurrency by market capitalization, experienced a significant surge of ... Read more

BlackRock And The Institutional Embrace Of Bitcoin

BlackRock’s strategic shift towards becoming the world’s largest Bitcoin fund marks a pivotal moment in the financia... Read more

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy.