
USR Exploit Forensic Analysis: Key Risks and Investigation Insights

Eighteen security audits. Zero caught the single off-chain key that could mint unlimited tokens. One compromise later, $23 million was gone in 17 minutes.

Investigations · March 2026 · 4 min read

On March 22, 2026, Resolv Labs' USR stablecoin crashed to $0.025 after an attacker used a compromised minting key to create 80 million unbacked tokens. They deposited $200,000 in USDC and minted 80 million USR — then swapped everything for ETH and extracted roughly $25 million before anyone shut it down.

This wasn't a smart contract bug. The contracts worked exactly as designed. The flaw was that a single off-chain key controlled minting authority with no on-chain limits, no multisig, and no pause function. Eighteen audits missed it.

How minting worked

USR had a two-step minting process. Step one: a user deposits USDC on-chain via requestSwap. Step two: an off-chain service holding a privileged key (SERVICE_ROLE) calls completeSwap and specifies how many USR tokens to mint for that deposit. The contract checked only that the deposit met a minimum threshold; it never checked that the mint amount bore any relationship to the deposit. That validation lived entirely off-chain, in the service behind the key.

With the key compromised, the attacker deposited 100,000 USDC and minted 50 million USR in a single completeSwap, then repeated the pattern. From the smart contract's perspective each call looked identical to a legitimate transaction. It had no way to tell the difference.
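The two-step flow above, modelled as an added example (this is not Resolv's contract code). It replays the 100,000 USDC to 50,000,000 USR transaction against two versions of completeSwap: one that, like the original, trusts whatever mint amount the SERVICE_ROLE key supplies, and one that bounds the mint on-chain by the escrowed deposit, a per-window cap and a pause switch. Amounts are integers in base units; USDC has 6 decimals, and USR is assumed here to have 18. The names Vault, MintPolicy, max_premium_bps and window_cap, and the cap values, are illustrative, not the protocol's identifiers.

```python
"""Model of the two-step USDC -> USR swap and the on-chain check it lacked.

Added example, not Resolv's contract code. Amounts are integers in base
units: USDC has 6 decimals; USR is assumed here to have 18 (assumption).
Class and parameter names are illustrative, not the protocol's identifiers.
"""
from dataclasses import dataclass, field

USDC_DECIMALS = 6
USR_DECIMALS = 18
PAR_SCALE = 10 ** (USR_DECIMALS - USDC_DECIMALS)  # 1 USDC -> 1 USR at par
BPS = 10_000


@dataclass
class Vault:
    """Collateral ledger shared by both completeSwap variants below."""
    min_deposit: int = 100 * 10**USDC_DECIMALS        # step-one check (assumed value)
    pending: dict = field(default_factory=dict)       # swap_id -> (depositor, usdc_in)
    usdc_collateral: int = 0
    usr_supply: int = 0
    next_id: int = 0

    def request_swap(self, depositor: str, usdc_in: int) -> int:
        """Step one: the user escrows USDC on-chain and receives a swap id."""
        if usdc_in < self.min_deposit:
            raise ValueError("deposit below minimum")
        swap_id = self.next_id
        self.next_id += 1
        self.pending[swap_id] = (depositor, usdc_in)
        return swap_id

    def backing_ratio(self) -> float:
        """USDC collateral per USR in circulation (1.0 = fully backed)."""
        if self.usr_supply == 0:
            return 1.0
        return self.usdc_collateral * PAR_SCALE / self.usr_supply


def complete_swap_vulnerable(vault: Vault, swap_id: int, mint_amount: int) -> int:
    """Step two as the article describes it: the service key chooses
    mint_amount and the contract only verifies that the deposit exists."""
    _, usdc_in = vault.pending.pop(swap_id)
    vault.usdc_collateral += usdc_in
    vault.usr_supply += mint_amount  # no relation to usdc_in is enforced
    return mint_amount


@dataclass
class MintPolicy:
    """Limits applied on-chain no matter who holds SERVICE_ROLE."""
    max_premium_bps: int = 50                          # at most 0.5% over par (assumption)
    window_cap: int = 1_000_000 * 10**USR_DECIMALS     # USR per window (assumption)
    minted_in_window: int = 0                          # window reset is out of scope here
    paused: bool = False


def complete_swap_hardened(vault: Vault, policy: MintPolicy,
                           swap_id: int, mint_amount: int) -> int:
    """Same entry point with the checks enforced on-chain: pause switch,
    mint bounded by the escrowed deposit, and a per-window mint cap."""
    if policy.paused:
        raise PermissionError("minting paused")
    if swap_id not in vault.pending:
        raise ValueError("unknown swap")
    _, usdc_in = vault.pending[swap_id]
    max_mint = usdc_in * PAR_SCALE * (BPS + policy.max_premium_bps) // BPS
    if mint_amount > max_mint:
        raise ValueError(f"mint {mint_amount} exceeds deposit-backed max {max_mint}")
    if policy.minted_in_window + mint_amount > policy.window_cap:
        raise ValueError("window mint cap exceeded")
    del vault.pending[swap_id]
    vault.usdc_collateral += usdc_in
    vault.usr_supply += mint_amount
    policy.minted_in_window += mint_amount
    return mint_amount


def replay_attack(hardened: bool) -> dict:
    """Replays the article's 100,000 USDC -> 50,000,000 USR call against one
    variant and reports what was minted and how well USR is backed afterwards."""
    vault = Vault()
    swap_id = vault.request_swap("attacker", 100_000 * 10**USDC_DECIMALS)
    requested = 50_000_000 * 10**USR_DECIMALS
    try:
        if hardened:
            minted = complete_swap_hardened(vault, MintPolicy(), swap_id, requested)
        else:
            minted = complete_swap_vulnerable(vault, swap_id, requested)
        rejected = False
    except ValueError:
        minted, rejected = 0, True
    return {"minted": minted, "rejected": rejected,
            "backing_ratio": vault.backing_ratio()}


if __name__ == "__main__":
    print("vulnerable:", replay_attack(hardened=False))
    print("hardened:  ", replay_attack(hardened=True))
```

The vulnerable path accepts the call and leaves every USR backed by 0.002 USDC; the hardened path rejects it before any state changes, and a par-rate mint of 100,000 USR against the same deposit still goes through. The arithmetic is chain-agnostic; the point is that these bounds belong in the contract, where a stolen key cannot bypass them.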

What followed

The attacker converted USR to wstUSR, then systematically swapped it for stablecoins and ETH across decentralized exchanges. USR's price on its most liquid Curve pool collapsed to $0.025 within 17 minutes. Lending protocols that priced USR at $1 — Euler, Venus, Lista, Fluid — faced cascading exposure and paused markets.

The main attacker wallet holds approximately 11,409 ETH (~$23.7 million). All addresses and flows are publicly visible on-chain.

The forensic challenge

On-chain, the picture is clear: deposit-to-mint ratios of 100K USDC to 50M USR, repeated across multiple transactions, with immediate conversion and extraction. No ambiguity there.
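A forensic screen for exactly that on-chain pattern, as an added example (not Resolv's or any investigator's tooling): it flags completeSwap records whose USR-to-USDC ratio exceeds a small premium over par, then aggregates the flagged mints per depositor, computes the excess over 1:1 backing, and notes whether the mints were clustered inside a short burst. The records are constructed for illustration, with amounts as whole tokens the way an indexer reports them after applying decimals and timestamps in Unix seconds; the field names and the 1.01 threshold are assumptions.

```python
"""Ratio-and-burst screen over completeSwap records.

Added example, not Resolv's or any investigator's tooling. Records are
constructed: amounts are whole tokens (decimals already applied), ts is
Unix seconds. Field names and thresholds are assumptions.
"""
from collections import defaultdict

# Constructed completeSwap records. The "0xatk" rows mirror the 100K USDC -> 50M USR
# shape described in the article; the other rows are ordinary near-par mints.
SWAPS = [
    {"tx": "0xa1", "depositor": "0xalice", "usdc_in": 250_000, "usr_minted": 250_000,    "ts": 1_000},
    {"tx": "0xa2", "depositor": "0xbob",   "usdc_in": 12_000,  "usr_minted": 12_006,     "ts": 1_900},
    {"tx": "0xa3", "depositor": "0xatk",   "usdc_in": 100_000, "usr_minted": 50_000_000, "ts": 2_000},
    {"tx": "0xa4", "depositor": "0xatk",   "usdc_in": 100_000, "usr_minted": 50_000_000, "ts": 2_420},
    {"tx": "0xa5", "depositor": "0xcarol", "usdc_in": 5_000,   "usr_minted": 5_000,      "ts": 3_000},
]

MAX_RATIO = 1.01          # USR per USDC above which a mint is treated as unbacked (assumption)
BURST_WINDOW = 17 * 60    # seconds; the article's 17-minute collapse window


def mint_ratio(swap: dict) -> float:
    """USR minted per USDC deposited; caller must guard against a zero deposit."""
    return swap["usr_minted"] / swap["usdc_in"]


def flag_unbacked(swaps: list, max_ratio: float = MAX_RATIO) -> list:
    """Return the records whose ratio exceeds max_ratio. A zero or negative
    deposit is flagged outright rather than dividing by it."""
    return [s for s in swaps if s["usdc_in"] <= 0 or mint_ratio(s) > max_ratio]


def summarize_by_depositor(swaps: list) -> dict:
    """Per-depositor totals for the given records: count, USDC in, USR out,
    USR in excess of 1:1 backing, and whether all mints fell inside BURST_WINDOW."""
    agg = defaultdict(lambda: {"count": 0, "usdc_in": 0, "usr_minted": 0, "ts": []})
    for s in swaps:
        a = agg[s["depositor"]]
        a["count"] += 1
        a["usdc_in"] += s["usdc_in"]
        a["usr_minted"] += s["usr_minted"]
        a["ts"].append(s["ts"])
    out = {}
    for addr, a in agg.items():
        span = max(a["ts"]) - min(a["ts"])
        out[addr] = {
            "count": a["count"],
            "usdc_in": a["usdc_in"],
            "usr_minted": a["usr_minted"],
            "unbacked_usr": a["usr_minted"] - a["usdc_in"],  # excess over par
            "burst": span <= BURST_WINDOW,
        }
    return out


def triage(swaps: list) -> dict:
    """Flag unbacked mints, then aggregate the flagged set per depositor."""
    return summarize_by_depositor(flag_unbacked(swaps))


if __name__ == "__main__":
    for addr, summary in triage(SWAPS).items():
        print(addr, summary)
```

Run against the constructed records, only 0xatk is reported: two mints, 200,000 USDC in, 100,000,000 USR out, 99,800,000 USR of excess, clustered within the burst window. The near-par rows pass. On real data the same screen runs over decoded completeSwap events, and the per-depositor summary is the starting point for tracing the wstUSR conversion and the DEX exits.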

The hard part is everything off-chain. How was the AWS key management service compromised? Was there insider involvement? The minting key exists outside the blockchain's visible record, so determining root cause requires infrastructure logs and access records that aren't on any public ledger.

The real lesson

Smart contract audits are necessary. But this case shows they're not sufficient. The vulnerability wasn't in the code; it was in the trust model around one off-chain key that could mint without an on-chain cap, a multisig, or a pause function. If you're assessing DeFi protocol risk, look at key management, access controls, and governance structures: who holds privileged roles, what those roles can do without on-chain limits, and who can stop them. That's where the real exposure often sits.

Resolv has burned 9 million illicitly minted USR and confirmed $141 million in collateral, but holds $95 million in assets against $173 million in liabilities. The protocol is functionally insolvent.