A stablecoin is supposed to be worth a dollar. Resolv’s USR is worth 27 cents and the math to fix it doesn’t work.
Resolv Labs confirmed over the weekend that a malicious actor gained unauthorized access to protocol infrastructure through a compromised private key and minted approximately $80 million in uncollateralized USR. The team paused smart contracts and burned roughly 9 million of the illicitly minted tokens, but the damage was already done.
Unlike smart contract bugs that can be patched, key compromises are infrastructure failures that no amount of code auditing can prevent.
This notice is issued on behalf of Resolv Digital Assets Ltd. in relation to the Resolv protocol.
Earlier today, a malicious actor gained unauthorized access to Resolv infrastructure through compromised private key, resulting in the minting of approximately $80M of…
— Resolv Labs (@ResolvLabs) March 22, 2026
Current USR supply consists of 102 million pre-incident tokens plus approximately 71 million illicitly minted tokens that are still circulating. The protocol holds roughly $95 million in assets as of Monday morning, down from $141 million cited in Resolv’s initial statement as redemptions drain what’s left.
Against total liabilities of approximately $173 million in outstanding USR, that’s a collateralization ratio of roughly 55%.
If pre-incident USR holders redeem first, which is what Resolv is facilitating through an allowlist process targeting March 23, the $95 million in assets gets absorbed by the 102 million in legitimate USR. That’s roughly 93 cents on the dollar for those who get through the door.
USR is trading at $0.27 on CoinGecko, down 72% over the past week and 61% in the past 24 hours alone. The 24-hour range stretched from $0.14 to $0.82, reflecting chaotic trading as the market tried to price in the exploit’s severity. Daily volume hit $8.4 million against a market cap of just $54 million, meaning a significant chunk of the remaining supply changed hands in a single day.
DeFiLlama data shows Resolv’s TVL peaked near $684 million in February 2025 before declining through the year to around $95 million pre-exploit. The protocol had raised $10 million in funding and was generating roughly $5.28 million in annualized fees. That revenue stream is now effectively dead.
Ledger CTO Charles Guillemet said in an X post that the exploit “will create bad debt on some lending markets, particularly in specific pools,” flagging that some Morpho pools using USR as collateral had already been exited.
Resolv Labs was exploited. $50M worth of USR was minted without collateral.
It lost its peg and is now trading around ~$0.5, with lows below $0.2.
This will create bad debt on some lending markets, particularly in specific pools.
Some Morpho pools using USR as collateral have… https://t.co/uo69WEd9IE— Charles Guillemet (@P3b7_) March 22, 2026
Resolv said the underlying collateral was not directly compromised and that the attack came through “unauthorized third-party actions, including a targeted infrastructure compromise and cyberattack.” The team said it was working with law enforcement and onchain analytics firms and would “pursue all available avenues to recover assets.”
The protocol strongly advised against trading USR or related Resolv tokens while recovery measures are being implemented, adding that “actions of users during post-exploit period may affect the recovery,” a line that suggests trading could complicate any future claims process.
