DeFi's hardcoded-oracle failure strikes again: fourth repeat in 14 months

A familiar DeFi blowup has surfaced again, and it is now at least the fourth instance in 14 months in which a lending market kept valuing a depegged stablecoin at $1 because its oracle was effectively hardcoded. The latest incident centers on the yield-bearing stablecoin protocol Resolv. An attacker reportedly turned roughly $100,000 into about $25 million in around 17 minutes. Before Resolv suspended its contract, its dollar-pegged stablecoin USR had already cratered to just a few cents. As of publication, USR remains deeply depegged near $0.25, down more than 70% on the week.

Contagion spread quickly across DeFi lending venues that accepted USR, or its wrapped staked form wstUSR, as collateral. Fluid/Instadapp took in over $10 million of bad debt in a single day and saw net outflows above $300 million, its largest one-day outflow on record. Fifteen Morpho vaults were affected. Euler, Venus, Lista DAO, and Inverse Finance later paused USR-related markets.

How the exploit worked

Resolv's USR minting flow is a two-step process that depends on an off-chain signer. Users deposit USDC via the `requestSwap` function. A privileged signing key holding `SERVICE_ROLE` then finalizes the mint through `completeSwap`. The contract enforces a minimum output but no maximum, so whatever amount the key holder signs is executed on-chain.

According to on-chain analyst Vadim (@zacodil), the attacker gained access to the signing key via Resolv's AWS Key Management Service, deposited roughly $100,000 to $200,000 of USDC, and used the compromised key to authorize 80 million USR. On-chain records show two mints, 50 million USR and 30 million USR, within minutes.

"The Resolv USR vulnerability is not a bug—it's a feature working as designed. That's the problem," Vadim said. He added that `SERVICE_ROLE` was a standard externally owned address rather than a multisig. While the admin key is multisig-protected, the minting key is not.
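The two-step flow described above, as an added Python model that is not Resolv's contract code: a depositor files a request with a minimum output, and a `SERVICE_ROLE` holder completes it. The `VulnerableMinter` keeps only the `minOut` check, so a single stolen key can mint any amount. The `HardenedMinter` is an assumed design, not Resolv's fix: it requires a signer quorum, bounds the output by the deposit through an assumed `max_rate_bps`, and caps minting per window. Signatures are HMACs standing in for ECDSA, and all keys, amounts and caps are constructed for illustration.

```python
from dataclasses import dataclass
import hashlib
import hmac


@dataclass
class SwapRequest:
    request_id: int
    user: str
    amount_in: int   # USDC deposited (whole dollars; token decimals omitted for clarity)
    min_out: int     # minimum USR the depositor will accept


def sign(secret: bytes, request_id: int, amount_out: int) -> str:
    """Toy stand-in for a role holder's signature (HMAC, not an EVM ECDSA signature)."""
    return hmac.new(secret, f"{request_id}:{amount_out}".encode(), hashlib.sha256).hexdigest()


class VulnerableMinter:
    """One SERVICE_ROLE key and a minOut check only: the 'Missing Upper Bound' shape."""

    def __init__(self, service_secret: bytes):
        self.service_secret = service_secret
        self.requests = {}
        self.total_supply = 0

    def request_swap(self, req: SwapRequest) -> None:
        self.requests[req.request_id] = req

    def complete_swap(self, request_id: int, amount_out: int, signature: str) -> int:
        req = self.requests[request_id]
        if not hmac.compare_digest(sign(self.service_secret, request_id, amount_out), signature):
            raise PermissionError("not signed by SERVICE_ROLE")
        if amount_out < req.min_out:
            raise ValueError("below minOut")
        # amount_out is never compared with amount_in: a stolen key mints at will.
        del self.requests[request_id]
        self.total_supply += amount_out
        return amount_out


class HardenedMinter:
    """Assumed design: signer quorum, output bounded by the deposit, per-window mint cap."""

    def __init__(self, signer_secrets: dict, threshold: int, max_rate_bps: int, window_cap: int):
        self.signer_secrets = signer_secrets
        self.threshold = threshold
        self.max_rate_bps = max_rate_bps  # 10_100 means at most 1.01 USR per USDC deposited
        self.window_cap = window_cap      # most USR that may be minted in one window
        self.minted_in_window = 0
        self.requests = {}
        self.total_supply = 0

    def request_swap(self, req: SwapRequest) -> None:
        self.requests[req.request_id] = req

    def start_new_window(self) -> None:
        self.minted_in_window = 0

    def complete_swap(self, request_id: int, amount_out: int, signatures: dict) -> int:
        req = self.requests[request_id]
        valid = sum(
            1 for signer, sig in signatures.items()
            if signer in self.signer_secrets
            and hmac.compare_digest(sign(self.signer_secrets[signer], request_id, amount_out), sig)
        )
        if valid < self.threshold:
            raise PermissionError(f"{valid} valid signatures, need {self.threshold}")
        max_out = req.amount_in * self.max_rate_bps // 10_000   # upper bound tied to the deposit
        if not req.min_out <= amount_out <= max_out:
            raise ValueError(f"amount_out {amount_out} outside [{req.min_out}, {max_out}]")
        if self.minted_in_window + amount_out > self.window_cap:
            raise ValueError("window mint cap exceeded")
        del self.requests[request_id]
        self.minted_in_window += amount_out
        self.total_supply += amount_out
        return amount_out


def run_scenario() -> dict:
    """Constructed scenario: one stolen key, a 150,000 USDC deposit, an 80,000,000 USR ask."""
    stolen, key_b = b"service-role-key", b"key-b"   # constructed secrets
    req = SwapRequest(1, "attacker", amount_in=150_000, min_out=1)
    results = {}

    vulnerable = VulnerableMinter(stolen)
    vulnerable.request_swap(req)
    results["vulnerable_minted"] = vulnerable.complete_swap(1, 80_000_000, sign(stolen, 1, 80_000_000))

    hardened = HardenedMinter({"a": stolen, "b": key_b, "c": b"key-c"},
                              threshold=2, max_rate_bps=10_100, window_cap=5_000_000)
    hardened.request_swap(req)
    try:   # one stolen key is not a quorum
        hardened.complete_swap(1, 80_000_000, {"a": sign(stolen, 1, 80_000_000)})
        results["hardened_single_key"] = "minted"
    except PermissionError:
        results["hardened_single_key"] = "rejected"
    try:   # even with a quorum, output is bounded by the deposit
        sigs = {"a": sign(stolen, 1, 80_000_000), "b": sign(key_b, 1, 80_000_000)}
        hardened.complete_swap(1, 80_000_000, sigs)
        results["hardened_quorum_oversized"] = "minted"
    except ValueError:
        results["hardened_quorum_oversized"] = "rejected"
    sigs = {"a": sign(stolen, 1, 150_000), "b": sign(key_b, 1, 150_000)}
    results["hardened_fair_mint"] = hardened.complete_swap(1, 150_000, sigs)
    return results


if __name__ == "__main__":
    print(run_scenario())
```

The per-window cap is what turns a key compromise from an unbounded loss into a bounded one; the quorum and the deposit-derived bound only close the specific path the article describes.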
Vadim said Resolv has undergone 18 audits, including one that flagged a finding titled "Missing Upper Bound." After minting, the attacker reportedly reduced market impact by converting USR into wstUSR, then swapped into ETH through Curve, Uniswap, and KyberSwap. The attacker wallet holds about 11,400 ETH (around $24 million). Resolv's ETH and BTC collateral pools remained intact as the stablecoin depegged.

Why losses spread

The broader damage came from two failures aligning: the minting compromise and a breakdown in cross-margin lending risk controls. As USR and wstUSR collapsed, lending markets that accepted them as collateral still treated wstUSR as near-par because their oracles did not reprice. Chaos Labs founder Omer Goldberg described the core mechanism: "The oracle is hardcoded and therefore never repriced. wstUSR is marked at $1.13, while trading at approximately $0.63 on the secondary market." Traders could buy wstUSR cheaply, post it as collateral on venues such as Morpho or Fluid at the inflated oracle value, borrow USDC, and exit.

Fluid said it secured a short-term loan to cover 100% of bad debts and committed to reimbursing users. At Morpho, co-founder Paul Frambot said roughly 15 vaults had meaningful exposure, largely tied to higher-risk, long-tail collateral strategies.

Curator accountability has also come under scrutiny. Gauntlet said exposure across several high-yield vaults was limited. D2 Finance disputed that, publishing on-chain data indicating Gauntlet's flagship "USDC Core Vault" allocated $4.95 million to a wstETH/USDC market. Goldberg later said Gauntlet's vault represents 98% of lender liquidity in that market. Frambot told The Defiant that Morpho has been exploring better ways to present risk, but he does not see the main issue as labeling. He emphasized Morpho is "oracle-agnostic" and allows curators to select the oracle they deem appropriate.
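The arbitrage Goldberg describes, worked through as an added Python example that is not code from Morpho, Fluid or Chaos Labs. It uses the article's $1.13 oracle mark and $0.63 market price; the $100,000 budget, the 86% liquidation LTV and the 5% depeg pause threshold are assumptions. `arbitrage` computes what a borrower walks away with and what lenders are left holding; `health_factor` shows why the position is never liquidated while the oracle stands still; `guarded_price` is an assumed mitigation that marks collateral at the lower of the hardcoded and market prices and pauses when the depeg exceeds a bound.

```python
from fractions import Fraction


def max_borrow(collateral_units: Fraction, price: Fraction, lltv: Fraction) -> Fraction:
    """Most debt a market allows against the collateral at the price its oracle reports."""
    return collateral_units * price * lltv


def health_factor(collateral_units: Fraction, price: Fraction, lltv: Fraction, debt: Fraction) -> Fraction:
    """Below 1 means liquidatable; the market only ever sees the oracle's price."""
    return collateral_units * price * lltv / debt


def arbitrage(usdc_budget: Fraction, market_price: Fraction, oracle_price: Fraction, lltv: Fraction):
    """Buy collateral at market, post it at the oracle mark, borrow to the limit, walk away.

    Returns (attacker_profit, lender_bad_debt, hf_at_oracle, hf_at_market). Bad debt is the
    debt minus what the abandoned collateral actually fetches on the secondary market.
    """
    units = usdc_budget / market_price
    debt = max_borrow(units, oracle_price, lltv)
    profit = debt - usdc_budget
    bad_debt = max(Fraction(0), debt - units * market_price)
    return (profit, bad_debt,
            health_factor(units, oracle_price, lltv, debt),
            health_factor(units, market_price, lltv, debt))


def guarded_price(hardcoded: Fraction, market: Fraction, max_deviation_bps: int):
    """Assumed mitigation: mark at min(hardcoded, market); pause new borrows past a depeg bound."""
    deviation_bps = abs(market - hardcoded) * 10_000 / hardcoded
    return min(hardcoded, market), deviation_bps > max_deviation_bps


def compare(usdc_budget=Fraction(100_000), market_price=Fraction(63, 100),
            oracle_price=Fraction(113, 100), lltv=Fraction(86, 100)) -> dict:
    """Hardcoded oracle versus the guarded one on the article's prices (LLTV assumed)."""
    profit, bad_debt, hf_oracle, hf_market = arbitrage(usdc_budget, market_price, oracle_price, lltv)
    price, paused = guarded_price(oracle_price, market_price, max_deviation_bps=500)
    g_profit, g_bad_debt, _, _ = arbitrage(usdc_budget, market_price, price, lltv)
    return {
        "hardcoded": {"profit": profit, "bad_debt": bad_debt,
                      "hf_at_oracle": hf_oracle, "hf_at_market": hf_market},
        "guarded": {"price": price, "paused": paused, "profit": g_profit, "bad_debt": g_bad_debt},
    }


if __name__ == "__main__":
    for venue, figures in compare().items():
        print(venue, {k: (float(v) if isinstance(v, Fraction) else v) for k, v in figures.items()})
```

With the hardcoded mark, every $100,000 of market buys yields about $54,000 of profit, and exactly that much lands on lenders as bad debt; the position is healthy at the oracle price and deeply underwater at the market price, so no liquidation ever fires. Under the guarded price the same trade loses money and the depeg trips the pause.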
"It's difficult to enforce objectively 'correct' safeguards in all scenarios," he said, warning that protocol-level constraints can also block legitimate strategies.

Critics argue the curator model itself is structurally misaligned. Marc Zeller wrote on X that there is effectively no real curation happening. As of publication, Resolv, Gauntlet, and Fluid had not responded to The Defiant's requests for comment.

A pattern repeating across DeFi

This failure mode is not new. The same "priced at $1 despite depeg" dynamic has surfaced repeatedly:

• January 2025: Usual Protocol's USD0++ was hardcoded to $1 by curator MEV Capital in a Morpho vault. Usual then lowered the redemption floor to $0.87 without warning, trapping lenders as utilization jumped to 100%.
• November 2025: Stream Finance's xUSD collapsed after a curator routed USDC deposits into leveraged loops backed by the synthetic stablecoin. With the oracle failing to update, an estimated $285 million to $700 million across Morpho, Euler, and Silo was put at risk.
• October–November 2025: Moonwell suffered two consecutive oracle failures, producing more than $5 million in bad debt.

What it says about the curator model

Morpho's design pushes key risk decisions to third-party "curators," who build vaults, choose collateral, set loan-to-value parameters, and select oracles. The idea is that specialist firms compete on expertise while the base protocol enforces the rule set.

The economic incentives, critics say, point the other way. Curators earn fees on yield generation, which encourages accepting higher-risk, higher-yield collateral such as yield-bearing stablecoins. When those assets depeg, depositors absorb the losses, not curators. In the Resolv event, some curators' bots reportedly continued allocating funds into affected vaults for hours after the incident began, worsening losses.

Hardcoded-oracle setups are often justified as a way to prevent short-term volatility from triggering liquidations.
That protection only works if the stablecoin stays stable.

Chainalysis, in a post-incident review, argued for real-time on-chain detection and monitoring. "The onchain smart contract is operating perfectly. The issue clearly lies in the broader system design and offchain infrastructure," the firm said.
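One shape such monitoring can take, as an added Python example that is not Chainalysis's or Resolv's tooling: an off-chain watcher over a stream of deposit and mint events that flags any mint not covered by recent deposits and any single mint above a cap. The event stream is constructed to mirror the article's figures (a 50 million and a 30 million USR mint against a deposit of a few hundred thousand); the one-hour window, the 5% backing tolerance and the 5 million single-mint cap are assumptions, and amounts are whole dollars with decimals omitted. Event names and fields are hypothetical, not Resolv's contract events.

```python
from collections import deque

WINDOW_SECONDS = 3600
BACKING_TOLERANCE = 1.05      # mints may exceed window deposits by at most 5% (assumed)
SINGLE_MINT_CAP = 5_000_000   # any single mint above this is flagged (assumed)

# Constructed event stream: (timestamp, kind, account, amount). Not real chain data.
EVENTS = [
    (0,   "deposit", "0xa11ce", 50_000),
    (60,  "mint",    "0xa11ce", 50_000),
    (600, "deposit", "0xb0b",   100_000),
    (660, "deposit", "0xb0b",   50_000),
    (700, "mint",    "0xb0b",   50_000_000),
    (900, "mint",    "0xb0b",   30_000_000),
]


def detect(events, window=WINDOW_SECONDS, tolerance=BACKING_TOLERANCE, single_cap=SINGLE_MINT_CAP):
    """Return one alert per suspicious mint, each with the rules it tripped.

    Keeps a sliding window of recent events so the check runs in one pass over a stream;
    a real deployment would feed it from a log subscription and page or pause on an alert.
    """
    alerts = []
    recent = deque()   # events within the window, oldest first
    for ts, kind, account, amount in sorted(events, key=lambda e: e[0]):
        recent.append((ts, kind, amount))
        while recent and recent[0][0] < ts - window:
            recent.popleft()
        if kind != "mint":
            continue
        deposits = sum(a for _, k, a in recent if k == "deposit")
        minted = sum(a for _, k, a in recent if k == "mint")
        reasons = []
        if minted > deposits * tolerance:
            reasons.append(f"window mints {minted} not covered by window deposits {deposits}")
        if amount > single_cap:
            reasons.append(f"single mint {amount} above cap {single_cap}")
        if reasons:
            alerts.append({"ts": ts, "account": account, "amount": amount, "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

The first mint is fully backed by a deposit in the same window and passes; both large mints trip both rules. The backing rule is the more general one: it catches a slow drip of unbacked mints that stays under any per-mint cap.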