Commissioned, Curated and Published by Russ. Researched and written with AI.
On March 22, 2026, an attacker deposited somewhere between $100K and $200K in USDC into the Resolv protocol and walked away with approximately $25 million in ETH. The difference was made up by printing 80 million unbacked stablecoin tokens - each supposedly worth one dollar - and dumping them before anyone could stop it.
The smart contracts worked exactly as designed. The security failure was elsewhere.
The Architecture That Made It Possible
Resolv’s USR stablecoin used a two-step off-chain minting model. Users deposit USDC via a requestSwap call. An off-chain service holding a privileged SERVICE_ROLE key then calls completeSwap, specifying how much USR to mint in return. The contract enforces a minimum output to protect users from bad rates, but there is no on-chain maximum. No ratio check between collateral deposited and tokens minted. No price oracle. No cap.
The design puts all trust in the off-chain signing service. If the key is honest, the system works. If the key is compromised, the contract will mint whatever number the attacker signs off on - and it will do so correctly, with valid signatures, with no on-chain mechanism to stop it.
According to Chainalysis, who published a technical breakdown of the incident, this is exactly what happened. The attacker gained access to Resolv’s AWS Key Management Service environment - the system storing the SERVICE_ROLE private key. From that point, the protocol’s own minting infrastructure was working against it.
What the Attacker Actually Did
Two transactions tell the story. The attacker called completeSwap with authorized amounts of 50 million USR and 30 million USR respectively - each backed by a fraction of the collateral that would normally be required. Both transactions are verifiable on-chain. Both had valid signatures from the compromised key.
After minting 80 million USR from a $100K-$200K deposit, the attacker converted the USR into wstUSR - a staked derivative - before rotating through DEX pools and bridges into ETH. Converting to wstUSR first was deliberate: it’s a less liquid but more fungible position, slowing the market impact long enough to execute the exits. By the time Resolv Labs suspended operations, the attacker’s wallet held approximately 11,400 ETH (roughly $24 million at the time) plus around 20 million wstUSR.
According to Chainalysis, the attacker was still attempting to mint more when Resolv pulled the plug.
The entire attack unfolded in minutes.
The Cascade
USR’s peg collapsed immediately. The flood of unbacked tokens into DEX liquidity pools pushed the price down as low as $0.20 - an 80% drop. It partially recovered to around $0.56 in the hours following the attack.
The damage didn’t stop at Resolv. Both USR and wstUSR had been accepted as collateral in lending protocols, including Morpho. At depressed market prices, opportunistic traders bought USR and deposited it into lending vaults where it was still valued at $1 - then borrowed USDC against that inflated collateral. Stablecoin reserves drained from vaults whose collateral had already collapsed in value.
Paul Frambot, co-founder of Morpho, noted that of approximately 500 Morpho vaults with deposits over $10,000, roughly 15 had significant exposure to the affected markets. Vault curators including Gauntlet, Re7 Labs, kpk, and 9summits all had positions tied to USR. Some automated systems continued providing liquidity into the collapse, compounding the losses.
The Infrastructure Security Question
This wasn’t a smart contract bug. It wasn’t a reentrancy attack or an integer overflow. There were no vulnerabilities in Solidity code. Resolv had undergone 18 security audits, according to their documentation.
The attack surface was AWS KMS.
How exactly the attacker gained access to the KMS environment hasn’t been disclosed publicly. The mechanism matters - whether it was compromised credentials, an IAM misconfiguration, a supply chain issue, or something else - but the outcome is the same regardless: whoever controls the signing key controls the minting process. Completely, with no on-chain backstop.
This is a design pattern that’s become common across DeFi protocols: use off-chain infrastructure to handle things the blockchain doesn’t do efficiently (pricing, rate limits, approval logic), then bridge that logic back on-chain via privileged key signatures. The pattern is pragmatic and often reasonable. But it means the security model of the protocol extends into your cloud infrastructure - and cloud infrastructure security is a very different problem from smart contract auditing.
Auditing Solidity code will not find a misconfigured IAM policy. A formal verification of the contract logic will not catch a leaked AWS access key. The 18 audits were not wrong; they just weren’t auditing the actual attack surface.
What Should Have Existed
The contract’s failure to enforce any on-chain ratio between collateral and minted tokens is the clearest architectural gap. A $100K deposit authorizing 50 million tokens is not a subtle anomaly - it’s orders of magnitude outside any legitimate operating range. A hard on-chain cap, or even a ratio check against deposited collateral, would have made this attack impossible regardless of key compromise.
Chainalysis points to the gap between what the on-chain monitoring could have caught and when the actual response happened. A rule flagging any completeSwap where minted USR was disproportionate to deposited USDC - with an automated circuit breaker - would have stopped the first transaction before the attacker could move to the second.
The protocol also kept trying to mint more after the first two transactions. That suggests the attacker retained key access for longer than necessary - a key rotation or immediate revocation policy triggered by anomalous activity would have reduced the window.
The Pattern Going Forward
DeFi protocols are not standalone blockchain deployments. They are cloud services that happen to use a blockchain as their settlement layer. The AWS account that manages signing keys, the CI/CD pipeline that deploys contracts, the admin wallets funded by exchange accounts - all of these are part of the security boundary of the protocol, and none of them show up in a Solidity audit.
The Resolv hack is a useful example because the technical detail is unusually clear. An off-chain key with unconstrained minting authority, stored in a cloud environment that was compromised, with no on-chain check to catch the resulting anomaly. Each of those three things had to be true simultaneously for the attack to work. Any one of them fixed and the attacker walks away with nothing.
Q1 2026 DeFi losses have now reached approximately $137M across 15 incidents, according to Cryptopolitan. The mechanisms vary. The underlying pattern - critical system controls delegated to infrastructure that doesn’t receive commensurate security attention - is consistent.
The next protocol in this position probably also thinks its audits cover it.