Rongchai Wang
Jun 09, 2026 03:35
Humanity Protocol suffers $30M personal key compromise, crashing H token by 85%. Safety issues resurface over key administration practices.
The Humanity Protocol, a zkEVM-based id blockchain also known as the “Chinese language Worldcoin,” has been hit by a devastating exploit. A personal key compromise involving a member of the Humanity Basis allowed attackers to empty over $30 million price of H tokens, sending the token’s value crashing 85% inside hours. H is at present buying and selling at $0.12, down from $0.70 previous to the assault, in line with CoinGecko.
Founder and CEO Terence Kwok confirmed the breach on June 8, stating on social media that the workforce is working with safety consultants to deal with the state of affairs. He urged customers to keep away from interacting with the venture’s bridge or liquidity swimming pools till additional discover. Up to now, no extra specifics in regards to the breach or its decision timeline have been disclosed.
Onchain analyst Specter was among the many first to flag the assault, noting that wallets interacting with Humanity Protocol have been being systematically drained. Blockchain intelligence agency Arkham later reported that the attacker had funneled stolen funds by way of decentralized exchanges similar to Kyber Community and PancakeSwap. The overall losses are actually estimated at over $30 million.
Non-public Key Missteps Resurface
This isn’t the primary time Humanity Protocol has confronted scrutiny over personal key administration. In December 2025, the venture admitted to a safety flaw throughout its testnet part, the place plaintext personal keys have been saved in browser sessionStorage—a problem flagged by SlowMist founder Yu Xian. Whereas the workforce pledged to resolve the bug promptly, no official hyperlink between that testnet vulnerability and the present exploit has been established. Nevertheless, the incident highlights ongoing dangers tied to operational safety and personal key storage practices inside crypto tasks.
Non-public key compromises have grow to be an more and more widespread assault vector throughout the business. Simply two months in the past, the Drift Protocol suffered a $280 million exploit by way of compromised admin keys. In keeping with CertiK, personal key breaches have been the second-most expensive assault sort in Could 2026, with $13.7 million stolen.
H Token Market Affect
The fallout has been brutal for H token holders. After plummeting 85% to $0.08 shortly after the exploit, the token has recovered barely to $0.12 as of June 9. Market cap estimates place the venture’s worth at $122 million, although buying and selling volumes stay unclear amid the continuing disaster.
Traders will now be watching carefully for updates from Humanity Protocol relating to its remediation efforts. Safety audits, personal key administration reforms, and clear communication can be vital to restoring confidence. Nevertheless, the broader market could take longer to overlook this high-profile breach.
Because the crypto house continues to evolve, incidents like this function stark reminders of the necessity for sturdy operational safety practices—particularly for tasks dealing with delicate consumer knowledge and self-sovereign id options.
Picture supply: Shutterstock
