On a quiet Sunday morning, someone turned $100,000 into $25 million in about 17 minutes.
The target was the yield-bearing stablecoin protocol Resolv. Before Resolv paused its contracts, its dollar-pegged stablecoin, USR, had fallen to a few cents. As of this writing, USR remains severely depegged, trading at around $0.25, down more than 70% this week.
The shockwaves extended far beyond Resolv itself. Fluid/Instadapp absorbed over $10 million in bad debt in a single day, experiencing a net outflow of over $300 million on the same day, a record single-day outflow in its history. 15 Morpho vaults were affected. Euler, Venus, Lista DAO, and Inverse Finance all subsequently suspended USR-related markets.
The mechanism that allowed this vulnerability's losses to spread—pricing a depegged stablecoin at $1 in lending markets—is not new. This has happened at least four times in the past 14 months.
How the Vulnerability Worked
USR minting followed a two-step off-chain process: Users deposited USDC via the `requestSwap` function, and a privileged off-chain signing key, `SERVICE_ROLE`, would then finalize the amount of USR to be issued via `completeSwap`.
The contract had a minimum output limit but no maximum limit. The contract executed whatever the key holder signed.
The attacker gained access to this key through Resolv's AWS Key Management Service. They submitted two USDC deposits totaling approximately $100,000 to $200,000, then used the stolen key to authorize the minting of 80 million USR in return. On-chain data shows two transactions of 50 million USR and 30 million USR, both completed within minutes.
"The Resolv USR exploit wasn't a bug—it was a feature operating as designed. That's the problem," said on-chain analyst Vadim (@zacodil).
The SERVICE_ROLE was a regular external owned address (EOA), not a multi-signature wallet. The admin key had multi-sig protection, but the minting key did not.
"Resolv underwent 18 audits," Vadim said, "One of the findings was literally named 'Missing Cap'."
The attacker exited: They first converted the minted USR to wstUSR (a staked wrapped version) to slow the market impact, then swapped it for ETH via Curve, Uniswap, and KyberSwap. The attacker's wallet holds approximately 11,400 ETH (around $24 million). The underlying ETH and BTC collateral pools supporting the entire system remained intact as the stablecoin collapsed.
How the Contagion Spread
The Resolv exploit was effectively two events stacked on top of each other. The first was the minting exploit, the second was the failure of connected lending markets.
When USR and wstUSR crashed, every lending market that accepted them as collateral faced the same problem: their oracles were still pricing wstUSR at close to $1.
Omer Goldberg, founder of risk analysis firm Chaos Labs, documented this mechanism. His key finding: "The oracle was hardcoded, so it never repriced. wstUSR was marked at $1.13, while trading on secondary markets for around $0.63."
Traders bought wstUSR cheaply on the open market, then used it as collateral on Morpho or Fluid at the oracle price of $1.13, borrowing USDC against it and walking away.
At Fluid, the team secured short-term loans to cover 100% of the bad debt and promised to make every user whole. At Morpho, co-founder Paul Frambot stated that about 15 vaults had significant exposure, all in high-risk, long-tail collateral strategies.
Prominent curator Gauntlet stated that "a few high-yield vaults had limited exposure."
But D2 Finance directly countered this, publishing on-chain data showing Gauntlet's flagship "USDC Core Vault" had allocated $4.95 million to the wstUSR/USDC market. Goldberg later stated that Gauntlet vaults constituted 98% of the lender liquidity in that market.
Frambot said in a written response to The Defiant: "We are constantly working on how to present various risks more comprehensively. However, we don't believe the core issue here is a lack of labeling."
Frambot added: "Morpho is oracle-agnostic, meaning it allows curators to choose any oracle they deem most suitable for a specific market. Morpho is open, permissionless infrastructure designed to outsource risk management to curators."
"It's difficult to enforce objectively 'correct' guardrails in all scenarios," Frambot said, "Imposing constraints at the protocol level also risks hindering legitimate strategies."
While the underlying protocol leaves risk management to curators, some in the industry believe the curators are not fulfilling their duty.
"I believe the curator industry is flawed by design because there is no real curation happening," Marc Zeller said on X.
At the time of publication, Resolv, Gauntlet, and Fluid had not responded to The Defiant's requests for comment.
A Recurring Failure Pattern
This is not a new type of attack. In January 2025, Usual Protocol's USD0++ was hardcoded at $1 by curator MEV Capital in a Morpho vault.
Usual then abruptly adjusted its redemption floor price to $0.87 without warning, locking lenders into the MEV Capital vault, whose utilization rate soared to 100%.
In November 2025, Stream Finance's xUSD collapsed after curators had routed USDC deposits into leverage loops backed by the synthetic stablecoin. When its oracle refused to update, an estimated $285 million to $700 million in assets were at risk on Morpho, Euler, and Silo.
Moonwell suffered two consecutive oracle failures in October and November 2025, resulting in over $5 million in bad debt combined.
What This Means for the Curator Model
Morpho's architecture outsources all risk decisions to third-party "curators," who build vaults, select collateral, set loan-to-value ratios, and choose oracles. The theory is that professional firms have deeper expertise, and competition leads to better risk management, with the protocol enforcing the rules.
But curators earn fees based on the yield generated, creating an incentive to accept higher-risk, higher-yielding collateral (like yield-bearing stablecoins). The problem is that when these stablecoins depeg, the losses are borne by the depositors, not the curators.
In the Resolv incident, some curators' automated bots continued pumping funds into the affected vaults for hours after the exploit, deepening the losses.
The reason for using hardcoded oracles for yield-bearing stablecoins is to prevent unnecessary liquidations triggered by short-term volatility. But this protection only works if the stablecoin remains stable.
On-chain analytics firm Chainalysis stated in a post-mortem that real-time on-chain detection capabilities are needed.
"The on-chain smart contracts were functioning perfectly. The issue clearly lay with the broader system design and off-chain infrastructure," the analytics firm said.
