Humanity Protocol disclosed a security incident on June 9 after the project said an employee's laptop had been compromised, resulting in the theft of multiple administrative keys that control its Ethereum and BNB Chain bridge infrastructure. The project urged users not to interact with its bridge or liquidity pools while investigators assess the scope of the breach.

The announcement came after blockchain investigator Specter reported that wallets connected to Humanity Protocol were being drained and estimated losses had exceeded $30 million. The incident also drew criticism from on-chain investigator ZachXBT, who questioned the project's market-making activities before later stating that evidence pointed to a genuine private key compromise.

Humanity Protocol Says Compromised Keys Enabled Bridge Takeover

12 hours after the incident became public, Humanity Protocol released additional details about the attack and estimated total losses at more than $36 million across Ethereum and BNB Chain.

According to the project, the breach began after an employee's laptop was compromised and the attacker obtained three of six Gnosis Safe owner keys controlling the Hyperlane bridge ProxyAdmin on Ethereum. Using those keys, the attacker transferred ProxyAdmin ownership to a wallet under their control, upgraded the bridge contract to a malicious implementation, and transferred approximately 141.2 million $H tokens in a single transaction.

The project also claimed that three of five Safe owner keys controlling the BNB Chain bridge were compromised. According to Humanity Protocol, the attacker used the same method to seize control of the bridge administration contract before deploying a malicious implementation containing an unlimited mint function.

Humanity Protocol stated that the attacker subsequently minted 200,000,005 $H tokens in two transactions and transferred the tokens to their own wallet.
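The chain the project describes (ProxyAdmin ownership change, bridge upgrade, then minting) leaves an on-chain event trail that a monitor can alert on. The sketch below is an added example, not code from Humanity Protocol or Hyperlane. It assumes the contracts emit the standard `OwnershipTransferred`, `Upgraded` and ERC-20 `Transfer` events and that logs are already decoded with amounts in whole tokens. Every address, allowlist and limit in it is a constructed placeholder.

```python
# Added example: triage of decoded bridge admin events. All addresses and
# amounts are constructed placeholders, not values from the incident.
def fake(byte):
    return "0x" + byte * 20          # obviously fake 20-byte address

ZERO, SAFE, OUTSIDER = fake("00"), fake("d4"), fake("ee")
PROXY_ADMIN, BRIDGE_PROXY, TOKEN = fake("a1"), fake("b2"), fake("c3")
GOOD_IMPL, ROGUE_IMPL = fake("e5"), fake("f6")

APPROVED_OWNERS = {SAFE}             # assumed: only the Safe may own ProxyAdmin
APPROVED_IMPLS = {GOOD_IMPL}         # assumed: reviewed implementations
MINT_LIMIT = 1_000_000               # assumed per-transaction ceiling, whole tokens

def triage(events):
    """Return (severity, message) alerts for events given in chain order."""
    alerts, owner_lost, impl_rogue = [], False, False
    for e in events:
        name, src, args = e["event"], e["address"], e["args"]
        if name == "OwnershipTransferred" and src == PROXY_ADMIN:
            owner_lost = args["newOwner"] not in APPROVED_OWNERS
            if owner_lost:
                alerts.append(("critical", "ProxyAdmin owner is now " + args["newOwner"]))
        elif name == "Upgraded" and src == BRIDGE_PROXY:
            impl_rogue = args["implementation"] not in APPROVED_IMPLS
            if impl_rogue:
                # An unapproved upgrade right after losing the admin is worse.
                sev = "critical" if owner_lost else "high"
                alerts.append((sev, "bridge upgraded to unapproved " + args["implementation"]))
        elif name == "Transfer" and src == TOKEN and args["from"] == ZERO:
            # A transfer from the zero address is a mint.
            if impl_rogue or args["value"] > MINT_LIMIT:
                alerts.append(("critical", f"mint of {args['value']} to {args['to']}"))
    return alerts

def log(event, address, **args):
    return {"event": event, "address": address, "args": args}

# Constructed sequence shaped like the chain described above.
SAMPLE = [
    log("Transfer", TOKEN, **{"from": ZERO, "to": fake("11"), "value": 2_500}),
    log("OwnershipTransferred", PROXY_ADMIN, previousOwner=SAFE, newOwner=OUTSIDER),
    log("Upgraded", BRIDGE_PROXY, implementation=ROGUE_IMPL),
    log("Transfer", TOKEN, **{"from": ZERO, "to": OUTSIDER, "value": 150_000_000}),
]

if __name__ == "__main__":
    for severity, message in triage(SAMPLE):
        print(severity, message)
```

The first alert is the one that matters operationally: an ownership change to an address outside the allowlist fires before any upgrade or mint has happened.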

The project said deposits and withdrawals on the affected bridges have been halted while investigations continue. Humanity Protocol added that it is working with exchanges, security partners, and law enforcement authorities in an effort to recover stolen funds and limit further damage.

Specter First Reported the Wallet Drains

In an initial post published several hours before Humanity Protocol acknowledged the incident, Specter stated that more than 17 wallets holding $H tokens had been drained, with estimated losses exceeding $5 million. He published several addresses that he identified as theft wallets and suggested the affected accounts may have shared a common exposure connected to Humanity Protocol, although the exact attack vector was unknown at the time.

Over the following hours, Specter continued to post updates as additional wallets were reportedly compromised. He later claimed that total losses exceeded $20 million, with approximately $9 million in stolen $H tokens swapped for ETH, while another $9.9 million remained unsold.

The continued selling pressure led to a sharp decline in the price of Humanity Protocol's native token. The token had fallen by approximately 87% as the attacker continued liquidating stolen assets.

The investigator later reported that the number of affected wallets had grown from the initial 17 addresses into the hundreds. He subsequently estimated that total losses had surpassed $30 million.

In a further update, Specter reported that 100 million $H tokens had been minted and were being sold for BNB. Several hours later, Humanity Protocol disclosed that the attacker had allegedly minted 200,000,005 $H tokens on BNB Chain after gaining control of administrative bridge contracts.

As the situation developed, Specter continued to publish addresses he identified as connected to the theft.

ZachXBT Questions Humanity Protocol Before Revising His Assessment

The incident also drew attention from blockchain investigator ZachXBT, who initially responded skeptically to Humanity Protocol's explanation of the events.

In his reply, ZachXBT criticized the project's recent token activity and suggested the community should not immediately accept the team's narrative. He accused Humanity Protocol of artificially supporting the price of the $H token and called on the project to disclose its active market-making agreements and relationships with a Hong Kong-based entity.

However, several hours later, ZachXBT published a follow-up reply after conducting additional analysis of the fund movements. He said that the alleged market-making and OTC activity appeared to be independent of the private key compromise and that the two events were not connected.

ZachXBT later reiterated this position when responding to a user who suggested the reported compromise could be an excuse for token dumping. He stated that, while he initially suspected such a scenario given the project’s market-making activity and recent OTC deals, evidence shared with him indicated a genuine security breach.

In the same update, ZachXBT remarked that it would be ironic if the team had spent weeks pumping the token price only to suffer a major security incident shortly before the upcoming token unlock later this month, a comment that appeared to reference concerns he had raised earlier about the project's market activity.

What Is Humanity Protocol?

Humanity Protocol is a blockchain-based digital identity project founded by Terence Kwok. The project aims to allow users to prove they are unique human beings without relying on traditional government-issued identification or exposing sensitive personal information on-chain.

Unlike projects that use iris scans or facial recognition, Humanity Protocol focuses on palm-based biometric verification. The protocol promotes this approach as a privacy-focused alternative for establishing a "Proof of Humanity" that can be used across decentralized applications, social platforms, and blockchain ecosystems.

The project attracted significant attention during its development and raised funding from several investors, including venture capital firms active in the cryptocurrency sector. Humanity Protocol positioned itself as a solution to growing concerns around Sybil attacks, bot activity, fake accounts, and the increasing difficulty of distinguishing humans from AI-generated identities online.

Following a lengthy testnet campaign and community growth efforts, Humanity Protocol launched its native $H token in 2026. The token is designed to support the protocol's ecosystem and identity infrastructure. However, the project has also faced criticism from some members of the crypto community regarding its token economics, market activity, and valuation following the token launch.

The latest security incident comes just weeks after the launch of the $H token and shortly before a scheduled token unlock event, placing additional scrutiny on the project as investigators continue to analyze the attack and track stolen funds.