The Key That Printed $25 Million
Resolv's USR exploit wasn't a smart contract bug. It was a trust failure, and the fallout is testing whether DeFi's risk tranching actually works.
Disclosure: This newsletter is for informational purposes only and does not constitute financial advice. Always DYOR before making any investment.
Each week in Edge, we share data-driven insights, highlight risk ratings, and showcase new product updates.
Let’s dive in 👇

The Key That Printed $25 Million
At 2:21 AM UTC on March 22, an attacker deposited 100,000 USDC into Resolv's minting contract and received 50M USR in return. A second transaction produced another 30M. Within minutes, 80M unbacked stablecoins existed where none should have. The attacker dumped them across Curve, KyberSwap, and Velodrome, extracting roughly $25M in ETH before anyone could react.
USR crashed to $0.025 on Curve within 17 minutes. Q1 2026 DeFi losses now stand at $137M across 15 incidents, with Resolv joining Step Finance ($27.3M) and Truebit ($26.2M) at the top of the list.
The code worked exactly as written. That is the problem.
The Architecture of Overconfidence
Resolv's minting flow has two steps: requestSwap() creates a pending deposit, and completeSwap() finalizes the mint. The second function is gated by a SERVICE_ROLE, a privileged off-chain signer that authorizes how much USR gets created per deposit. In normal operation, one dollar in means one USR out.
But the contract had no on-chain guardrails enforcing that ratio. No maximum mint per transaction. No per-epoch caps. No sanity check comparing deposit size against output. The SERVICE_ROLE could pass any amount it wanted, and the contract would execute it.
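To make the missing rails concrete, here is an added illustration (not Resolv's code) of the same two-step requestSwap()/completeSwap() flow with the three checks the paragraph above lists: a deposit-to-output sanity check, a per-transaction cap, and a per-epoch cap. The function names come from the article; every other identifier, the decimal scaling, and the cap values are assumptions chosen for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not Resolv's contract. Hypothetical names throughout.
contract GuardedMinter {
    uint256 public constant SCALE = 1e12;                 // USDC 6 dec -> USR 18 dec
    uint256 public constant MAX_PREMIUM_BPS = 50;         // allow at most 0.5% above 1:1
    uint256 public constant MAX_MINT_PER_TX = 1_000_000 * 1e18;
    uint256 public constant EPOCH_LENGTH = 1 days;
    uint256 public constant EPOCH_CAP = 5_000_000 * 1e18;

    address public immutable service;                     // should be a multisig, not an EOA
    mapping(bytes32 => uint256) public pendingDeposits;   // requestId -> USDC deposited
    mapping(uint256 => uint256) public mintedInEpoch;     // epoch index -> USR minted
    mapping(address => uint256) public balanceOf;
    uint256 public totalSupply;
    uint256 private nonce;

    error NotService();
    error UnknownRequest();
    error ExceedsDepositRatio(uint256 requested, uint256 maxAllowed);
    error ExceedsTxCap(uint256 requested);
    error ExceedsEpochCap(uint256 epoch, uint256 requested);

    constructor(address _service) { service = _service; }

    // Step 1: user records a pending deposit (token transfer omitted for brevity).
    function requestSwap(uint256 usdcIn) external returns (bytes32 id) {
        id = keccak256(abi.encode(msg.sender, usdcIn, nonce++));
        pendingDeposits[id] = usdcIn;
    }

    // Step 2: the service role finalizes the mint, but the contract bounds what it may do.
    function completeSwap(bytes32 id, address to, uint256 usrOut) external {
        if (msg.sender != service) revert NotService();
        uint256 usdcIn = pendingDeposits[id];
        if (usdcIn == 0) revert UnknownRequest();

        // Sanity check: output cannot exceed the deposit (scaled) plus a small tolerance.
        // 100,000 USDC in -> at most 100,500 USR out; a 50M request reverts here.
        uint256 maxOut = usdcIn * SCALE * (10_000 + MAX_PREMIUM_BPS) / 10_000;
        if (usrOut > maxOut) revert ExceedsDepositRatio(usrOut, maxOut);
        if (usrOut > MAX_MINT_PER_TX) revert ExceedsTxCap(usrOut);

        // Per-epoch cap limits total damage even if the signer is compromised.
        uint256 epoch = block.timestamp / EPOCH_LENGTH;
        if (mintedInEpoch[epoch] + usrOut > EPOCH_CAP) revert ExceedsEpochCap(epoch, usrOut);

        mintedInEpoch[epoch] += usrOut;
        delete pendingDeposits[id];
        totalSupply += usrOut;
        balanceOf[to] += usrOut;
    }
}
```

With these checks a stolen signing key can still mint, but only at roughly 1:1 against real deposits and only up to the epoch cap, which turns an $80M supply inflation into a bounded, detectable anomaly.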
Making matters worse, this role was controlled by a single externally owned account, not a multisig. The attacker compromised Resolv's AWS Key Management Service environment, gained access to the signing key, and used the protocol's own minting authority against it.
For a protocol managing hundreds of millions in TVL, the absence of basic on-chain safety rails is hard to explain. The admin role used a multisig. The role that could literally print money did not.
The Morpho Knock-On Effect
Approximately 15 Morpho vaults across curators Gauntlet, Re7 Labs, kpk, and 9summits had direct exposure to USR markets. Gauntlet's USDC Core vault on Ethereum alone had roughly $4.95M allocated to a wstUSR/USDC market, with total exposure across affected Gauntlet vaults exceeding $7.5M.
The damage was amplified by a well-known design choice: Morpho curators had set hardcoded oracles for USR and wstUSR, pricing them at a constant value regardless of market conditions. The intent was to prevent short-term volatility from triggering unnecessary liquidations. But once USR collapsed to $0.40 on secondary markets, those same oracles created an open arbitrage: buy cheap USR on Curve, deposit it as collateral on Morpho at $1 face value, borrow USDC, walk away. The vaults were drained not by liquidation cascades but by rational actors exploiting a stale price.
This is not a novel failure mode. In January 2025, Usual Protocol's USD0++ was hardcoded at $1 in a Morpho vault by curator MEV Capital, and the same pattern played out. Morpho co-founder Paul Frambot has maintained that the protocol is oracle-agnostic by design, leaving oracle selection to curators. But when the same class of vulnerability keeps draining depositor funds, the distinction between protocol risk and curator risk starts to feel academic.
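An added illustration of the oracle trade-off described above (not Morpho's or any curator's code): a pegged oracle that keeps the $1 face value while a secondary-market reference stays within a tolerance band, so routine noise does not liquidate anyone, but stops valuing the collateral above market once a depeg exceeds that band. The IMarketFeed interface, the price() shape, and the tolerance numbers are assumptions for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical reference feed: stablecoin market price in USD, 18 decimals.
interface IMarketFeed {
    function latestPrice() external view returns (uint256 price, uint256 updatedAt);
}

// Added illustration, not a production oracle.
contract BoundedPegOracle {
    uint256 public constant PEG = 1e18;               // $1.00 face value
    uint256 public constant MAX_DEVIATION_BPS = 300;  // tolerate up to a 3% dip as noise
    uint256 public constant MAX_STALENESS = 1 hours;  // a silent feed is not a healthy peg
    IMarketFeed public immutable feed;

    error StaleFeed(uint256 updatedAt);

    constructor(IMarketFeed _feed) { feed = _feed; }

    // Price a lending market should use for the stablecoin as collateral.
    function price() external view returns (uint256) {
        (uint256 market, uint256 updatedAt) = feed.latestPrice();
        if (block.timestamp - updatedAt > MAX_STALENESS) revert StaleFeed(updatedAt);

        uint256 floor = PEG * (10_000 - MAX_DEVIATION_BPS) / 10_000;   // 0.97e18
        if (market >= floor) return PEG;   // within band: hold the peg, avoid needless liquidations

        // Beyond the band (e.g. 0.40e18): value collateral at what the market will pay,
        // so a depegged token cannot be deposited at $1 to borrow against it.
        return market;
    }
}
```

Returning the market price below the band does expose borrowers to liquidation, which is exactly the effect a fully hardcoded oracle avoids; the point is that the choice between those two risks should be explicit and bounded rather than a constant that never moves.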
The RLP Grey Area
This is where it gets interesting. Resolv uses a dual-tranche structure: USR is the senior tranche, offering stable yield, while the Resolv Liquidity Pool (RLP) is the junior tranche, absorbing losses first in exchange for higher returns (historically 20-40% annualized). It is explicitly marketed as the protocol's insurance layer.
RLP's defined coverage scope includes counterparty credit events, funding rate changes, and other adverse events that result in collateral pool losses. The 110% collateralization circuit breaker automatically freezes RLP redemptions when the ratio drops, prioritizing USR holder protection.
Here is the catch: the collateral pool itself was not drained. The $141M in backing assets remains intact. What the attacker did was flood the system with 80M unbacked USR, which hit DEX liquidity pools and destroyed USR's effective collateralization ratio from the outside. The collateral per legitimate USR token is unchanged. The collateral per total outstanding USR (including the 80M ghost tokens) is a different number entirely.
This creates a genuine grey area. RLP was designed to absorb losses from events like funding rate blowouts or counterparty defaults that erode the collateral pool. A key compromise that inflates the token supply without touching collateral is a categorically different type of event. Yet the practical outcome, a collateralization ratio below 110%, triggered the same circuit breaker and froze RLP redemptions, effectively conscripting RLP holders into loss absorption for a risk they arguably never signed up for.
The question is whether tranching products that define coverage around collateral pool losses can be stretched to cover supply-side attacks that leave the pool intact but impair the ratio through dilution. If the answer is yes, then RLP's coverage scope is far broader than its documentation suggests. If no, then socializing this loss through the junior tranche is a retroactive change to the terms.
Compensation Plan Still TBD
Three days after the exploit, Resolv's compensation framework remains incomplete. The protocol has confirmed it will cover all USR positions that originated before the incident and enable redemptions for pre-incident holders via an allowlist. Roughly 9M of the attacker's USR have been burned. A 10% bounty ($2.45M) has been offered for the return of remaining funds.
But none of this addresses the core allocation question: who absorbs the $25M gap? Gauntlet says it is still negotiating with Resolv. Stream Finance's depositors are staring at another potential write-down. RLP holders are frozen out, unable to redeem, and potentially on the hook for losses that fall outside RLP's stated coverage.
What This Means for DeFi
The Resolv exploit is not a story about smart contract risk. Every line of Solidity did what it was told. It is a story about the growing gap between DeFi's on-chain security assumptions and the off-chain infrastructure that actually runs these protocols.
As protocols scale and rely more heavily on cloud services, privileged signers, and external key management, the attack surface expands far beyond the blockchain. An immutable contract is only as secure as the keys that control it.
The RLP question is equally important. Tranching products are proliferating across DeFi as a way to offer institutional-grade risk segmentation. But if the boundaries of what the junior tranche absorbs can be retroactively expanded based on outcome rather than cause, the risk premium those products offer may not be nearly enough.
