Resolv Labs Exploit Shatters USR Peg After $25M Extraction
A major security breach has struck Resolv Labs, sending shockwaves across the crypto market after its stablecoin USR dramatically lost its peg.
The incident, which is still unfolding, highlights a deeper issue within DeFi architecture, one that even repeated audits failed to catch.
According to early disclosures shared by the team on X (formerly Twitter) (Resolv Labs update:
Resolv has experienced an exploit that allowed the attackers to mint 50mn of unbacked USR.
The team has currently paused all the protocol functions to prevent further malicious actions and is actively working on recovery.
— Resolv Labs (@ResolvLabs) March 22, 2026
the protocol has now been fully paused as developers assess the damage and work toward containment.
Exploit Begins With Minimal Capital InjectionOn-chain data reveals that the attacker initiated the exploit with just about $200,000 in USDC. With this relatively small capital, they managed to mint approximately 80 million USR tokens, tokens that were not properly backed by collateral.
This abnormal minting activity immediately pointed to a critical flaw in the protocol’s minting logic. Analysts, including insights shared here, identified the `requestSwap` and `completeSwap` functions as the most likely entry points for the exploit.
A significant exploit has hit the @ResolvLabs
Their stablecoin USR has lost its peg after an attacker minted tens of millions of unbacked tokens
Onchain data shows the attacker deposited roughly $200,000 USDC and was able to issue approximately 80 million USR
Quick facts