The Cryptocurrency Post The CryptocurrencyPost
AboutContact
Security

Humanity Protocol Confirms Private Key Compromise; $30M Drained

Photorealistic close-up of a secured digital vault, keyhole, shattered private-key icon, and cascading wallets with H tokens.

Humanity Protocol confirmed on Tuesday that a security breach involving compromised private keys led to the theft of approximately $30 million in digital assets. The incident, centered on keys held by a member of the Humanity Foundation, resulted in the drainage of over 280 wallets and unauthorized token minting on the BNB Chain (formerly Binance Smart Chain).

Following the breach, the protocol’s native $H token experienced an 80-90% price collapse, falling from approximately $0.73 to a low of $0.05 within a single trading session. Founder Terence Kwok publicly confirmed the nature of the attack, attributing the failure to internal key management rather than a vulnerability in the protocol’s smart contract logic.

Mechanical Breakdown of the Breach

According to security monitoring reports and on-chain data, the attackers utilized the compromised keys to gain proxy admin control over the $H token contract. This administrative access allowed the exploiters to bypass standard protocol restrictions and execute two primary actions:

  • Multi-Wallet Drainage: Attackers accessed and emptied more than 280 separate wallets holding $H tokens. On-chain investigators, including PeckShield, observed the stolen assets being converted and moved. Approximately 16,500 ETH (worth ~$27.5 million) and 2,700 BNB (worth ~$1.6 million) were transferred to fresh addresses to obscure the trail.
  • Unauthorized Minting: After seizing control of the proxy admin rights on the BNB Chain, the attacker minted additional tokens. While reports on the exact minting volume vary, security analysts observed at least 100 million $H tokens were created and sent to an attacker-controlled wallet, further diluting the token supply during the market sell-off.

Operational Response and Status

In an official statement on X, Humanity Protocol urged users to cease all interactions with the project’s bridge and liquidity pools. “We’re aware of a security incident involving the compromise of private keys belonging to a member of the Humanity Foundation,” the team stated, noting that they are currently working with security firms and centralized exchange partners to track the funds.

The breach occurs at a critical juncture for the project, which is positioned as a competitor to identity-verification networks like Worldcoin. The team has not yet released a definitive recovery plan, but they have clarified that the protocol’s core smart contracts were not the source of the vulnerability.

At the time of reporting, the $H token remains significantly down from its pre-exploit valuation. The protocol remains in a state of suspended operation regarding its bridging and liquidity infrastructure as investigations continue into the scope of the administrative compromise.