Original Title: DeFi Has Seen Resolv's $25M USR Exploit Many Times Before

Original Author: Camila Russo, The Defiant

Original Translation: DeepFlow Tech

On a quiet Sunday morning, someone turned $100,000 into $25 million in about 17 minutes.

The target was the yield-bearing stablecoin protocol Resolv. Before Resolv paused the contract, its USD-pegged stablecoin USR had plummeted to a few cents. As of the time of writing, USR remains severely off-peg, trading around $0.25, with a drop of over 70% this week.

The impact wave goes far beyond Resolv itself. Fluid/Instadapp absorbed over $10 million in bad debt in a single day, experiencing over $300 million in net outflows on the same day, marking its largest daily outflow in history. 15 Morpho vaults were affected. Euler, Venus, Lista DAO, and Inverse Finance all successively paused USR-related markets.

The mechanism that led to the spread of losses from this vulnerability—pricing the off-peg stablecoin at $1 in the lending market—is not a novelty. Over the past 14 months, this situation has occurred at least four times.

How the Exploit Worked

The minting of USR follows a two-step off-chain process: Users deposit USDC through the `requestSwap` function, and a privileged off-chain signing key `SERVICE_ROLE` finalizes the issuance of the USR amount through `completeSwap`.

The contract has a minimum output restriction but no upper limit. Whatever the key holder signs, the contract executes.

The attacker gained access to this key through Resolv's AWS Key Management Service. They submitted two USDC deposits totaling around $100,000 to $200,000 and then utilized the stolen key to mint 80 million USR as a reward. On-chain data shows two transactions of 50 million USR and 30 million USR, both minted within minutes.

「The Resolv USR vulnerability is not a bug - it's a feature working as intended. That's the problem.」 On-chain analyst Vadim (@zacodil) stated.

The SERVICE_ROLE is a regular external account address, not a multisig. The admin key has multisig protection, but the minting key does not.

「Resolv went through 18 audits,」 Vadim said, 「and one of the findings was directly named 'missing cap.'」

The attacker methodically exited: first converting minted USR to wstUSR (a wrapped staking version) to soften the market impact, then swapping it for ETH through Curve, Uniswap, and KyberSwap. The attacker's wallet holds around 11,400 ETH (about $24 million). The system's ETH and BTC collateral pools remain intact amid the stablecoin crash.

How the Contagion Spread

The Resolv vulnerability is actually the overlap of two events. The first being the minting bug and the second the failure of the cascade lending market.

When USR and wstUSR collapsed, every lending market that accepted them as collateral faced the same issue: their oracle still priced wstUSR near $1.

Risk analysis firm Chaos Labs founder Omer Goldberg documented this mechanism. His key finding was: 「The oracle is hardcoded, so it was never repriced. wstUSR was marked at $1.13, while its secondary market trading price was around $0.63.」

Traders bought wstUSR at a low price on the open market, then used the oracle's $1.13 price on Morpho or Fluid to collateralize it and borrowed USDC before exiting.

At Fluid, the team raised short-term loans to cover 100% of the default and pledged to compensate every user in full. At Morpho, co-founder Paul Frambot stated approximately 15 treasuries hold significant exposure, all part of a high-risk, long-tail collateral strategy.

Renowned curator Gauntlet has stated, "Several high-yield vaults have limited exposure."

However, D2 Finance directly refuted this claim, releasing on-chain data showing that Gauntlet's flagship "USDC Core Vault" allocated $4.95 million to the wstUSR/USDC market. Goldberg then stated that Gauntlet's vault holds 98% of the lending-side liquidity in that market.

Responding in writing to The Defiant, Frambot stated, "We've been researching how to present various risks more comprehensively. However, we don't believe the core issue here is a lack of labeling."

Frambot added, "Morpho is oracle agnostic, meaning it allows curators to choose any oracle they deem most suitable for a specific market. Morpho is an open, permissionless infrastructure designed to outsource risk management to curators."

"It is difficult to enforce an objectively 'correct' threshold in all scenarios," Frambot said. "Imposing constraints at the protocol level also carries the risk of hindering the implementation of legitimate strategies."

While the underlying protocol leaves risk management to the curator, some industry insiders believe that curators have not fulfilled their duties.

"I believe there is a flaw in the curator industry's design, as there is no genuine curation taking place," Marc Zeller stated on X.

As of the time of writing, Resolv, Gauntlet, and Fluid have not responded to The Defiant's request for comment.

A Recurring Pattern of Failure

This is not a new type of attack. In January 2025, Usual Protocol's USD0++ was hard-coded to $1 by curator MEV Capital in the Morpho Vault.

Usual then suddenly adjusted the redemption floor to $0.87 without any warning, leaving lenders locked in the MEV Capital Vault, which saw its utilization surge to 100%.

In November 2025, Stream Finance's xUSD collapsed, as the curator had routed USDC deposits into a leverage loop backed by that synthetic stablecoin. When its oracle refused to update, assets worth an estimated $2.85 billion to $7 billion on Morpho, Euler, and Silo faced risk.

In October and November 2025, Moonwell experienced two consecutive oracle failures, resulting in over $5 million in defaults.

What Does This Mean for the Curator Model

Morpho's architecture outsources all risk decisions to a third-party "curator," who builds the vault, selects collateral, sets loan-to-value ratios, and chooses oracles. This theoretical framework posits that professional entities possess deeper expertise, competition leads to better risk management, and the protocol is responsible for rule execution.

However, curators rely on generated yields to earn fees, creating an incentive for higher-risk, higher-yield collateral (such as yield-bearing stablecoins). The issue arises when these stablecoins lose their peg, with depositors bearing the brunt of the loss instead of the curator.

In the Resolv incident, some curators' automated bots continued to deposit funds into the affected vault hours after the exploit, exacerbating the loss.

The reason for using hard-coded oracles for yield-bearing stablecoins is to prevent unnecessary liquidations triggered by short-term fluctuations. However, this protection is only effective when the stablecoin remains stable.

Chainalysis, a blockchain analysis firm, stated in a post-mortem analysis that real-time on-chain monitoring capabilities are essential.

"The on-chain smart contract execution worked perfectly fine. The issue clearly stemmed from broader system design and off-chain infrastructure." The analysis firm stated.

Original Article Link

Welcome to join the official BlockBeats community:

Telegram Subscription Group: https://t.me/theblockbeats

Telegram Discussion Group: https://t.me/BlockBeats_App

Official Twitter Account: https://twitter.com/BlockBeatsAsia