A significant cyberattack has sent ripples through the cryptocurrency sector, particularly affecting the decentralized finance (DeFi) landscape. The fallout has been especially harsh for Resolv Labs as its USR stablecoin experienced a severe malfunction, losing its peg to the US dollar. This incident brings to light critical issues in DeFi systems, suggesting that they continue to be vulnerable even after multiple security audits.
What Triggered the Collapse?
The chain of events leading to the USR crisis began with a well-coordinated attack. Blockchain analytics indicate that Resolv Labs’ USR, a relatively new stablecoin project, became the target of a sophisticated exploit. The attacker deposited approximately $200,000 in USDC, which enabled the creation of an excessive number of USR tokens — about 80 million — by circumventing standard collateral requirements.
The breach was facilitated by vulnerabilities in the “requestSwap” and “completeSwap” functions, which were manipulated to exploit loopholes for personal advantage.
Resolv Labs disclosed that all activities were halted immediately following the attack, with efforts focused on system repairs.
How Did the Attack Escalate?
Instead of flooding the market with USR tokens, the perpetrator took a strategic route by converting them into a derivative version known as “wstUSR.” This derivative functioned uniquely within existing liquidity pools, which allowed the attacker to gradually destabilize available market liquidity.
These converted tokens were swapped for other stablecoins and Ethereum, leaving the attacker with 11,400 Ethereum and 20 million wstUSR. As a result, the market witnessed a dramatic plunge in USR’s value—falling by 80%, destabilizing the system, and undermining user trust.
Why Were Audits Ineffective?
Despite undergoing 18 audits prior to the breach, Resolv Labs’ system harbored undetected vulnerabilities. Notably, a key flaw in the fee calculation function was highlighted in a December 2024 audit. Missing control limits were also reported, yet the central functions involved in the attack were deemed secure. Auditors often overlook systemic vulnerabilities in privileged admin functions.
Specialists point out that audits typically focus on code rather than the risks central permissions might pose, thereby allowing sophisticated attacks to occur.
The assault leaves Resolv Labs in a challenging situation. While reserves appear unscathed, USR’s drastically reduced market value has shaken user confidence and created an environment of uncertainty. Observers are keenly watching how Resolv Labs will address these hurdles to regain stability and trust moving forward.
