crvUSD's exploit trilogy: three shocks, no collapse

What makes crvUSD instructive is that none of the three events were attacks on crvUSD. The 2023 Vyper incident was a compiler bug in unrelated ETH-paired pools. The 2024 UwU Lend event was an oracle manipulation on a third-party lender that happened to use Curve spot prices. The 2025 Resupply event was a vault-accounting bug in a separate protocol that borrowed crvUSD as its base asset. In each case crvUSD was downstream of the failure, not the failure itself.

That distinction matters for how you read the deviations. A stablecoin breaking because its own backing failed is a mechanism failure. A stablecoin wobbling because a leveraged ecosystem around it unwound violently — and then snapping back — is the system doing roughly what it was designed to do. The deviations were real and worth pinning on the chart, but they were liquidity events working themselves out, not solvency events.

Conventional CDP designs liquidate in steps: once a position crosses its threshold, a keeper seizes and auctions the collateral, often dumping it into a falling market and amplifying the move. LLAMMA replaces that cliff with a ramp. As a borrower's collateral price declines through a band of prices, the AMM continuously sells it into crvUSD; if price recovers, it buys back. Liquidation becomes a gradual, reversible rebalancing rather than a single forced sale.

The practical effect under stress is that crvUSD is not subject to the same liquidation-cascade dynamics that have broken other CDP and lending systems. There is no auction that fails for lack of bidders, and no single block in which a large position is dumped at any price. Combined with conservative loan-to-value parameters on volatile collateral, the design buys time — and in a fast unwind, time is what lets arbitrage and reserves close the gap.

PegKeeper contracts do the rest. They hold pre-minted crvUSD that can be deposited into or withdrawn from Curve pools to lean against deviations in either direction, and the borrow rate adjusts dynamically to pull the peg back. The 2024 episode exposed their main limit: when a dislocation is sharp and one-sided, PegKeepers can be temporarily out of inventory to act, which is why the upward depeg persisted for tens of minutes rather than seconds.

In both 2023 and 2024 the trigger was the same: a very large, highly leveraged set of CRV-backed loans held by Curve's founder, spread across multiple lending venues. When CRV fell sharply, those positions were the dominant force moving crvUSD borrow demand and price — in 2024 they reportedly accounted for the bulk of borrowed crvUSD on LlamaLend.

This is a governance and concentration risk distinct from the stablecoin's collateral quality. A CDP system can have sound mechanics and conservative parameters and still be repeatedly stress-tested because one actor's positions are large enough to move the whole market. The mechanism passing the test does not retire the risk; it just means the risk has so far been survivable.

The 2025 Resupply event broke that pattern in one respect — the trigger was a third-party protocol's bug, not Egorov's book — but reinforced it in another: crvUSD's exposure came through a dependency that levered on top of it. The recurring lesson is to watch what is built around a stablecoin as closely as the stablecoin itself.

First, soft liquidation is a genuine resilience feature, not marketing. Removing the discrete-auction cliff demonstrably changed how crvUSD behaved under three separate cascades. Second, reserves that act in both directions matter, but they are only as good as their available inventory at the moment of stress. Third, a stablecoin's risk surface includes everything that borrows it or uses its price — UwU Lend and Resupply were both external, and both became crvUSD's problem.

The honest summary is that crvUSD has earned its survival record without erasing the concentration risk that produced two of the three tests. A practitioner should treat the recovery speed as evidence the mechanism works and treat the recurrence as evidence the surrounding ecosystem, not the contracts, is where the next shock most likely originates.