Resolv USR Minting Heist Breaks Peg After Key Leak

Resolv’s overcollateralized stablecoin USR broke its peg on Mar 22 after a key-management breach enabled attackers to mint unbacked USR. The latest reporting says Chainalysis links the incident to compromised AWS KMS access, where a privileged signing key allowed unauthorized minting using protocol permissions. Attackers executed two main mint transactions, creating about 80M USR in total using relatively small USDC deposits (~$100k–$200k) to inflate swap outputs. They then routed USR into wrapped staked USR (wstUSR), swapped into other stablecoins, and moved into ETH across DEX pools and bridges to obscure the trail. Resolv confirmed the breach, paused contracts quickly, and burned roughly 9M USR held by the attacker. However, about $0.5M in redemptions was processed before the pause. It says at least 71M illicitly minted USR remains in circulating supply and has begun USR redemption for pre-incident holders, starting with allowlisted users, while tracing tokens with partners and analytics. Market impact for traders: USR sell pressure spiked immediately, with the token falling to around $0.14 (down >57% in 24 hours at press time) before a partial recovery. Expect USR and related DeFi routes to stay volatile until redemption terms, supply burn progress, and illicit supply isolation become clearer.