On June 26, 2025, speculation began circulating within the DeFi community about a potential exploit targeting ResupplyFi, a decentralized stablecoin protocol integrated with Curve and Frax. At the time of writing, ResupplyFi has not released an official statement, and no confirmations have been made regarding a hack or exploit.
Still, the lack of communication has raised concerns—especially as users monitor on-chain activity and ResupplyFi’s silence across X and its governance forum.
What is ResupplyFi?
ResupplyFi allows users to mint reUSD by supplying crvUSD or frxUSD to Curve Lend or Fraxlend. It combines traditional DeFi lending mechanics with a native insurance pool designed to mitigate unforeseen protocol risks.
What Should You Do?
Here’s what we recommend until more details are confirmed:
1. Avoid new interactions with ResupplyFi smart contracts
Do not deposit, borrow, or interact with reUSD vaults until the team issues a formal update.
2. Withdraw funds if feasible
If you currently have funds deposited and are able to safely withdraw (gas-efficiently), you may consider exiting your positions as a precaution.
3. Monitor ResupplyFi’s official channels
Keep a close watch on:
4. Watch for impersonators
Scammers often capitalize on uncertainty. Do not trust messages or announcements unless they come directly from ResupplyFi’s official channels.
5. Stay informed via on-chain monitoring
Use DeFi analytics tools (like DeBank, Etherscan, and DefiLlama) to track your positions and any irregular movements in ResupplyFi contracts.
Impact & Remediation Timeline
Updated as of 26 June 2025, 12:29 PM SGT
Updated as of 26 June 2025, 11:05 AM SGT
As of now, there is no verified evidence that ResupplyFi has been exploited. However, several factors have triggered concern:
- Unusual on-chain activity involving reUSD vaults
- No official statement from ResupplyFi
- Ongoing speculation in Discord and DeFi forums
Until more information becomes available, it is prudent to act with caution.
How FailSafe Can Help?
Security Hotline (only urgent requests)
Stay Safe and Updated
This post will be updated as new information becomes available. If you are a protocol interested in ensuring 24/7 security coverage with active threat detection and mitigation, reach out to FailSafe.
Sources
Related Articles
Achieving Unmatched Code Vulnerability Detection with SWARM
FailSafe’s code-agnostic agentic security testing platform, SWARM, achieves 69.2% vulnerability detection recall on the EVMbench smart contract security benchma...
FailSafe AI Secures Base's BTC Lending Protocol, Bitmor
FailSafe's agentic AI surfaced valuable security findings in Bitmor's Bitcoin lending protocol on Base ahead of launch, the kind of vulnerabilities traditional ...
How FailSafe's Agentic AI Secured Megapot v2 Ahead of Launch
FailSafe's SWARM completed a full assessment across Megapot v2 contracts, identifying four vulnerabilities including an LP pool cap bypass that could have expos...
Ready to secure your project?
Get in touch with our security experts for a comprehensive audit.
Contact Us