Resolv Labs disclosed a critical security breach in which attackers used a compromised private key to mint approximately $80 million in unbacked USR stablecoin tokens, causing the asset to lose its dollar peg. The protocol's contracts were quickly paused, and 9 million USR held by the attacker have since been burned, according to the company's statement on X (formerly Twitter).
The exploit has resulted in confirmed losses of approximately $500,000 to date, though the stablecoin's total supply has ballooned to 173 million tokens—comprising 102 million previously issued tokens and approximately 71 million illegally minted ones. Despite the incident, Resolv Labs confirmed that the protocol's underlying collateral reserves, currently totaling $141 million in assets, remain directly unaffected by the breach.
Resolv Labs announced plans to conduct a redemption process for USR tokens issued prior to the exploit, beginning with allowlisted users and targeting completion by March 23, 2026. The team has advised users to refrain from trading USR and related tokens pending further updates, with additional announcements regarding USR and the RLP governance token expected shortly.