Uneasy Money: How the Resolv Hack Shows an Audit Doesn't Mean 'Secure'

The podcast explores the recent Resolv hack, where a compromised AWS key led to the minting of $80 million in unbacked USR, causing a significant market crash and bad debt across DeFi lending protocols. The discussion highlights the hack's root cause: a single, unsecured key with unlimited minting permissions, and questions the architectural choices that prioritized convenience over security. The panelists critique the over-reliance on smart contract audits that often overlook basic operational security and threat modeling, emphasizing the need for robust risk management and monitoring. Omer Goldberg, CEO of Chaos Labs, joins the panel and points out the importance of implementing security measures, such as multi-factor authentication and velocity controls, even within Web2 environments like AWS. The conversation further examines the contagion effects of the hack, particularly within lending protocols like Morpho, Fluid, and Venus, and emphasizes the need for better counterparty risk assessment and credit line management.