An extensive security breach severely impacted the USR stablecoin ecosystem on Sunday, as a significant flaw in its minting contract allowed the unauthorized generation of tens of millions of tokens from a negligible financial base. This incident, affecting the protocol managed by Resolv Labs, occurred in the early hours and has intensified discussions around security protocols in decentralized finance (DeFi) projects.
What Instigated the Enormous Token Minting?
Resolv Labs, known for its focus on stablecoin and DeFi structures, developed the USR token to function as an interest-generating stablecoin, generally underpinned by assets in crypto lending markets. Prior to the breach, the protocol had gained acclaim for its rapid expansion, having secured over $500 million in total value locked.
The breach reportedly occurred around 2:21 AM UTC. Those examining blockchain security explained how a suspect utilized roughly 100,000 USDC within the USR Counter contract to create 50 million USR tokens. Records indicate that a total of around 80 million USR tokens were created with an investment of about $200,000, suggesting a minting rate exceeding 500 times its expected value. The anomaly might involve a flaw in the contract’s logic or manipulation involving a cryptographic key.
How Did the Market React to the Breach?
Following the issue of a large volume of tokens, the USR value plummeted 74.2% to $0.257, before marginal recovery to approximately $0.85, yet failing to reach its pegged dollar value. This led to significant losses for many investors and liquidity providers tied to the protocol.
During the chaos, the perpetrator promptly unloaded USR tokens on decentralized exchanges such as KyberSwap and Velora, converting them into more than $17 million in USDC and USDT, and eventually exchanging these for around 9,100 ETH, approximately valued at $4.55 million. Blockchain surveillance tools monitored these transactions live, emphasizing a methodically planned liquidation of exploited tokens.
The issue was promptly identified by social media crypto enthusiast @ai_9684xtpa. Notable security company PeckShield corroborated the statistics, confirming the minting of around $80 million in USR, with significant transfers to ETH already realized.
This makes another stablecoin incident, as the USR price briefly fell to $0.257—a 74.2% drop—then moved back up to $0.8606. The Resolv team had yet to address the situation publicly at this point.
Alerts were disseminated among the users of Resolv Lab’s vaults, warning of the fast movement of funds between wallets that further hindered the ability of both the Resolv team and the users to respond effectively to the situation.
• $80 million in USR tokens were unauthorizedly minted, using merely $200,000 in resources.
• Consequently causing a substantial dip in USR’s market value, leading to a 74.2% drop.
• Swift token liquidation facilitated acquiring over $17 million in more stable coins and conversion into $4.55 million worth of ETH.
By this point, Resolv Labs had not issued an official statement on the exploit. There are increasing calls from the DeFi community for comprehensive real-time auditing of minting contracts, underscoring the necessity for heightened security prior to significant liquidity operations in the sector.
