Resolv Postmortem — March 22, 2026 Incident

The report covers the multi-stage attack originating outside Resolv’s perimeter, unauthorized access to signing infrastructure, and the resulting mint of 80M USR, along with detection, containment, and remediation actions across infrastructure and on-chain systems.

The investigation is ongoing and is being conducted with support from external security firms including Hypernative, Hexens, MixBytes, and SEAL 911, with further assessment planned with Mandiant and ZeroShadow.