On June 26, 2025, speculation began circulating within the DeFi community about a potential exploit targeting ResupplyFi, a decentralized stablecoin protocol integrated with Curve and Frax. At the time of writing, ResupplyFi has not released an official statement, and no confirmations have been made regarding a hack or exploit.
Still, the lack of communication has raised concerns—especially as users monitor on-chain activity and ResupplyFi’s silence across X and its governance forum.
What is ResupplyFi?
ResupplyFi allows users to mint reUSD by supplying crvUSD or frxUSD to Curve Lend or Fraxlend. It combines traditional DeFi lending mechanics with a native insurance pool designed to mitigate unforeseen protocol risks.
What Should You Do?
Here’s what we recommend until more details are confirmed:
1. Avoid new interactions with ResupplyFi smart contracts
Do not deposit, borrow, or interact with reUSD vaults until the team issues a formal update.
2. Withdraw funds if feasible
If you currently have funds deposited and are able to safely withdraw (gas-efficiently), you may consider exiting your positions as a precaution.
3. Monitor ResupplyFi’s official channels
Keep a close watch on:
4. Watch for impersonators
Scammers often capitalize on uncertainty. Do not trust messages or announcements unless they come directly from ResupplyFi’s official channels.
5. Stay informed via on-chain monitoring
Use DeFi analytics tools (like DeBank, Etherscan, and DefiLlama) to track your positions and any irregular movements in ResupplyFi contracts.
Impact & Remediation Timeline
Updated as of 26 June 2025, 12:29 PM SGT
Updated as of 26 June 2025, 11:05 AM SGT
As of now, there is no verified evidence that ResupplyFi has been exploited. However, several factors have triggered concern:
- Unusual on-chain activity involving reUSD vaults
- No official statement from ResupplyFi
- Ongoing speculation in Discord and DeFi forums
Until more information becomes available, it is prudent to act with caution.
How FailSafe Can Help?
Security Hotline (only urgent requests)
Stay Safe and Updated
This post will be updated as new information becomes available. If you are a protocol interested in ensuring 24/7 security coverage with active threat detection and mitigation, reach out to FailSafe.
Sources
Related Articles
SWARM Finds Mythos Zero-Day Vulnerabilities
Anthropic recently proved that AI is superior to humans at vulnerability discovery. We explore the economics of their $20,000 Mythos scaffold, and how FailSafe ...
FailSafe Supports NEAR AI in Securing IronClaw Agents
FailSafe SWARM partnered with NEAR AI to uncover and patch a critical safety layer bypass and memory poisoning vulnerabilities in their Rust-based IronClaw fram...
FailSafe Secures NVIDIA's NemoClaw Agents
A proactive security assessment of NVIDIA NemoClaw (alpha) uncovered multiple vulnerabilities, including a path traversal exploit that escaped the agent sandbox...
Ready to secure your project?
Get in touch with our security experts for a comprehensive audit.
Contact Us