A stablecoin linked to the crypto undertaking Resolv Labs, Resolv USR (USR), has misplaced its peg to the US greenback after an attacker exploited the token’s contract.
Abstract
- Resolv USR misplaced its peg after an attacker minted thousands and thousands of unbacked tokens.
- The hacker shortly transformed the minted tokens into stablecoins and Ether.
- Resolv Labs has paused operations and is investigating the exploit, with a restoration plan underway.
In the meantime, the attacker was capable of mint thousands and thousands of tokens with out backing, resulting in a pointy devaluation of the token. Resolv Labs has paused the protocol to stop additional harm and is engaged on a restoration plan.
Resolv Labs confirmed the exploit on Sunday, explaining that an attacker had minted 50 million USR tokens utilizing $100,000 value of the stablecoin USDC. Crypto safety firm PeckShield later reported that the attacker additionally managed to mint a further 30 million USR tokens. The vulnerability in USR’s contract allowed the attacker to create unbacked tokens, contributing to the token’s depeg from the US greenback.
In line with D2 Finance, the minting perform within the contract was compromised. The corporate suspects that both the oracle was manipulated, the off-chain signer was compromised, or the quantity validation course of was flawed, enabling the minting of extra tokens.
After the exploit, the attacker moved the newly minted USR tokens to numerous crypto protocols, swapping them for stablecoins like USDC and USDt, after which changing them into Ether (ETH). This aggressive exit technique brought about USR’s worth to plummet. The token fell as little as 50 cents, and liquidity points and slippage worsened throughout protocols. On Curve Finance, the token briefly crashed to 2.5 cents.
On the time of writing, USR was buying and selling round 87 cents, nonetheless roughly 13% under its meant $1 peg. The token had a fast value restoration on Curve Finance, climbing to 84.5 cents after hitting its low level at 2:38 am UTC.
Resolv Labs has paused all protocol capabilities to stop additional malicious exercise. The staff is actively investigating the exploit and dealing on a restoration plan.
The exploit comes at a time when crypto-related hacks have decreased, with $49 million misplaced in February in comparison with $385 million in January. Nevertheless, the assault highlights the continued dangers and vulnerabilities throughout the crypto house, particularly in decentralized finance protocols.
