Humanity Loses $31 Million, a Private Key Causes Token Price to Plunge 90%

Foresight NewsPublicado a 2026-06-09Actualizado a 2026-06-09

Resumen

On June 9th, the digital identity project Humanity Protocol suffered a major security breach resulting in over $31 million stolen from hundreds of wallets holding its H token. The attack was caused by the compromise of a private key belonging to a foundation member, leading the team to advise users against interacting with its bridge or liquidity pools. Following the incident, the price of the H token plummeted by over 90%, from around $0.70 to a low of $0.052, wiping out a significant portion of its market capitalization. The attacker allegedly minted 100 million new H tokens and began selling them for BNB. Humanity Protocol, founded in 2024, aimed to verify human users through palm-print biometrics and zero-knowledge proofs on Polygon CDK. Despite raising $50 million across two funding rounds and achieving a unicorn valuation, the project faced prior controversies. Shortly after its June 2025 token launch, reports emerged that only about 1 million of its 9 million registered IDs had completed biometric verification, suggesting 88% might be bots. Furthermore, allegations surfaced that the project might be a rebranded "shell" of a Chinese access control company, raising concerns about data privacy and authenticity. The project's founder, Terence Kwok, has a controversial business history. His previous venture, Tink Labs, burned through $170 million in funding before collapsing in 2020. The breach highlights the persistent critical risk of private key management in crypto....

Author: ChandlerZ, Foresight News

On June 9, according to on-chain analyst Specter's monitoring, wallets that have interacted with the digital identity project Humanity are under sustained attack. Hundreds of addresses holding H tokens have been compromised so far, with total losses exceeding $31 million. Approximately $9 million has been swapped for ETH, with another $9.9 million still held in the form of H tokens.

Humanity founder Terence Kwok subsequently confirmed the security incident, involving the leakage of a private key belonging to a foundation member. As a precaution, he advised users to temporarily refrain from interacting with the Humanity cross-chain bridge or any liquidity pools until further safety confirmation. The team is working with security experts and exchange partners to handle the situation and will continue to update the community on the progress.

The price of the H token plummeted from around 0.7 USDT to a low of 0.052 USDT, a drop of over 90% within 24 hours. At the time of writing, H is trading at 0.1368301 USDT, with its market capitalization falling from around $2 billion to approximately $35.7 million.

As of 11:00 AM on June 9, the attacker is suspected of minting 100 million new Humanity Protocol H tokens and is currently selling them off for BNB.

A Project That Never Truly 'Proved Humanity'

Humanity Protocol was founded in 2024, positioning itself as a decentralized digital identity network. Its core selling point was using palm print biometrics and zero-knowledge proofs to verify whether a user is a real human. Built on Polygon CDK (zkEVM), the project claimed to solve issues like Sybil attacks, fake accounts, and AI-generated identities without exposing personal information.

This narrative attracted significant capital attention in 2024. Humanity Protocol completed two rounds of funding totaling $50 million. A $30 million seed round at a $1 billion valuation included investors like Kingsway Capital, Animoca Brands, Blockchain.com, and Shima Capital. In January 2025, another $20 million round led by Pantera Capital and Jump Crypto raised the valuation to $1.1 billion.

The Humanity Foundation also assembled numerous well-known figures, led by Animoca Brands Chairman Yat Siu. Co-founders included Mario Nawfal, founder of the international blockchain consulting firm, and Yeewai Chong, a senior investment expert from Morgan Stanley and Ortus Capital.

On June 25, 2025, the H token launched via a Fairdrop mechanism, touted as the first-ever token distribution in Web3 history exclusively to verified humans. However, two days after launch, DL News reported leaked conversations from the founder. In the dialogue, Kwok admitted that out of the 9 million Human IDs created on the network, only about 1 million had completed biometric verification, implying that up to 88% of users might be bots.

Furthermore, according to revelations from X platform users SCoin (@ LianFang _) and AB Kuai . Dong (@_FOR AB ), Humanity Protocol (H) might be a "repackaged domestic project," with APP code material libraries still containing images from Shenzhen access control manufacturer Zhangteng Information, raising doubts about its authenticity. Netizens claimed much of its social media hype was self-generated by project-side accounts, with actual user participation questionable.

AB Kuai.Dong stated that those who previously completed verification with Humanity should be cautious. Zhangteng Information is allegedly backed by a Shanghai-based outsourcing company specializing in full identity recognition outsourcing. Additionally, whistleblower SCoin claimed the project collected large amounts of users' palm print data, raising privacy and security concerns.

This was fatal for a project whose core value proposition was "proving humanity." The H token fell over 61% within two days of launch, from around $0.05 to a low of $0.018.

The Founder's Previous Unicorn Burned Through $170 Million

Terence Kwok's personal resume added a footnote of risk to the project. In 2012, 20-year-old Terence Kwok dropped out of the University of Chicago and, inspired by a $900 roaming bill received during a trip, founded Tink Labs. The company provided free smartphones (branded Handy) to hotel rooms for guests to use abroad, replacing expensive roaming fees. This concept once captivated the capital market. Tink Labs raised $170 million successively from Foxconn, SoftBank, Innovation Works, and the founder of Meitu, reaching a valuation of $1.5 billion and becoming Hong Kong's first unicorn. At its peak, Handy devices covered 600,000 hotel rooms across 82 countries.

However, Kwok's aggressive expansion strategy soon met reality. Global roaming fees continued to decline, hotels were unwilling to pay for Handy devices, and the company began losing money from 2017. According to the Financial Times, SoftBank cut off funding for a key project after discovering that Tink Labs might have diverted funds from its Japanese joint venture to other loss-making markets. In July 2019, over 100 employees from its European, Middle Eastern, and African offices did not receive their salaries. Laid-off employees smeared cake on the walls and floors as they left the Oxford office. On August 1, Tink Labs officially shut down, entering bankruptcy proceedings in January 2020. A former HR director told the FT that Kwok only cared about "making money," and the entire $170 million investment evaporated.

Six years later, Kwok returned to the market with Humanity Protocol, once again securing a unicorn valuation from Pantera Capital and Jump Crypto.

Private Key Management: An Old Problem, a New Cost

Based on current information, this attack does not involve smart contract vulnerabilities or protocol-level security flaws. The attacker obtained a private key belonging to a foundation member, representing a failure in the most traditional security management.

The security landscape for the crypto industry in 2026 was already severe. According to CCN statistics, losses from DeFi hacks in the first four months of 2026 exceeded $1 billion, with most stolen funds still unrecovered. The $286 million attack on Drift Protocol on April 1 was the largest single incident of the year. Attackers are increasingly targeting validators, RPC nodes, and governance systems, not just smart contract vulnerabilities. However, private key leaks remain one of the most devastating attack types because they bypass all on-chain security mechanisms, directly granting control of assets.

For a project already burdened with the controversy of 88% bot users and a token down over 90% from its peak, a $31 million private key leak could be the final blow to trust. As of the time of writing, Kwok stated in his declaration that the team is working with security experts and exchange partners to handle the situation but did not mention any user compensation plan or explain why the foundation member's private key lacked basic protections like multi-signature or hardware isolation.

Preguntas relacionadas

QWhat was the total estimated loss in the Humanity Protocol security incident, and what were the main assets stolen?

AThe total estimated loss exceeded $31 million. Approximately $9 million was converted to ETH, and about $9.9 million remained in the form of H tokens.

QAccording to the article, what was the specific cause of the Humanity Protocol security breach?

AThe security breach was caused by the private key of a foundation member being compromised.

QWhat was a major controversy regarding Humanity Protocol's user verification process that was reported before the hack?

AA leaked conversation revealed that out of 9 million created Human IDs, only about 1 million had completed biometric verification, suggesting around 88% of users might be bots.

QWhat previous venture of Humanity Protocol's founder, Terence Kwok, failed after burning through $170 million in funding?

ATerence Kwok's previous venture was Tink Labs (branded Handy), which provided free smartphones to hotel rooms and failed after reportedly burning through $170 million in funding.

QHow did the article characterize the nature of the attack on Humanity Protocol in relation to common DeFi security failures?

AThe article characterized the attack not as a smart contract vulnerability, but as a traditional security management failure involving private key compromise, bypassing all on-chain security mechanisms.

Lecturas Relacionadas

Over $31 Million Stolen from Humanity, Is the Team Behind It Paving the Way for a New Project?

The article reports a major security incident involving Humanity Protocol (H), resulting in over $31 million stolen. The team attributes the hack to a private key leak from a Humanity Foundation member, leading to a rapid sale of H tokens and a 90% price drop. However, prominent on-chain investigator ZachXBT suggests the event might be an "exit scam" orchestrated by the team, rather than an external hack. This suspicion is fueled by the team's controversial history, including past management failures, legal issues, and previous scandals like outsourced technology and problematic airdrops. Further investigation reveals that the core team behind Humanity is already involved with a new project called "Everything," which recently secured funding. This has led to community speculation that the alleged hack is a deliberate scheme to abandon the H project while shifting focus and resources to their new venture, leaving investors to bear the losses. The article questions whether this is a genuine security failure or a premeditated "rug pull" strategy.

Odaily星球日报Hace 36 min(s)

Over $31 Million Stolen from Humanity, Is the Team Behind It Paving the Way for a New Project?

Odaily星球日报Hace 36 min(s)

SoftBank's Son, Bankrupted by Good Stories, Awaits His Next Alibaba

Masayoshi Son is back. After years defined by Vision Fund's massive losses and costly missteps like WeWork—which shattered market confidence and led to billions in write-downs—Son has found redemption through AI. His early, high-conviction bets are paying off handsomely. Arm, acquired for $32 billion in 2016 and once a heavily leveraged burden, has become a gold mine amid the AI compute boom, delivering roughly a 10x return for SoftBank after its 2023 IPO. More crucially, SoftBank has made an enormous, concentrated bet on OpenAI, committing over $64 billion for a roughly 13% stake. This investment is already showing massive paper gains, contributing significantly to SoftBank's soaring valuation and propelling Son back to the top as Asia's richest person. The narrative has shifted from the "fool" who fell for grandiose stories to the visionary who endured a brutal downturn and is now being rewarded for his early faith in artificial intelligence.

marsbitHace 1 hora(s)

SoftBank's Son, Bankrupted by Good Stories, Awaits His Next Alibaba

marsbitHace 1 hora(s)

WeChat Agent Issues a 'Heroic Summons,' Half of the Internet Responds

WeChat AI Agent is on the horizon. The WeChat Open Platform has issued a guide for developers, offering them ways to integrate into the WeChat AI ecosystem. This will enable mini-programs to be discovered and invoked by the AI. Meituan has already announced its integration, allowing users to access services like food delivery through WeChat AI. Other platforms like Ctrip and Tongcheng have followed suit. Furthermore, WeChat is collaborating with major smartphone manufacturers to enable their native AI assistants to perform actions within WeChat, such as initiating calls or sending messages, through a controlled protocol called Agent-to-Agent (A2A). Reports indicate the WeChat AI Agent will be accessible by swiping right on the main interface. It aims to understand user intent within the rich context of chats, groups, and past interactions, then automatically call upon relevant mini-programs to complete tasks like ordering coffee or booking restaurants. This positions it as a potential "super app" with direct access to WeChat's vast ecosystem of services, social connections, and payment systems. Technically, this is a complex endeavor. It requires advanced natural language understanding, a "world model" to predict interactions within mini-programs (UI-Oceanus), multi-model orchestration for cost efficiency, and careful coordination with millions of third-party service providers. Tencent's development follows a "Co-Design" approach, where product teams and the Hunyuan model team collaborate closely, allowing capabilities honed in other AI products (like Yuanbao for chat, ima for search, WorkBuddy for office tasks) to be transferred to the WeChat Agent. Tencent is strategically opting for the A2A protocol over GUI-based automation (which it has blocked in the past), maintaining control over its ecosystem. To manage the immense scale and cost of serving 1.4 billion monthly active users, Tencent is deepening its ties with DeepSeek, known for its cost-effective training, to secure a low-cost inference backbone. The ultimate goal is to solve practical, everyday problems for users within the WeChat ecosystem, moving beyond technical benchmarks to deliver real utility, which Tencent sees as the key to winning in the long-term AI game.

marsbitHace 1 hora(s)

WeChat Agent Issues a 'Heroic Summons,' Half of the Internet Responds

marsbitHace 1 hora(s)

Strategy Erases Last Week’s Bitcoin Sale With 1,550 BTC Purchase

Strategy, a major Bitcoin treasury firm, has made a substantial purchase of 1,550 BTC for approximately $101 million. This acquisition completely offsets the company's sale of 32 BTC just one week prior, which had negatively impacted market sentiment. Following this buy, Strategy's total Bitcoin holdings have reached a new record of 845,256 BTC. The company's leadership, including Chairman Michael Saylor and CEO Phong Le, emphasized their ongoing strategy to accumulate Bitcoin over time. Concurrently, Strategy added $100 million to its USD reserve, bringing its total to $1 billion, to ensure dividend payments. The purchase was reportedly funded through sales of the company's stock. Meanwhile, U.S. Bitcoin spot ETFs experienced a fourth consecutive week of net outflows, totaling $1.72 billion last week. Bitcoin's price is currently around $63,400, reflecting a nearly 12% decline over the past seven days.

bitcoinistHace 1 hora(s)

Strategy Erases Last Week’s Bitcoin Sale With 1,550 BTC Purchase

bitcoinistHace 1 hora(s)

Humanity Loses $31 Million in Attack, Token Price Plummets 90% Due to a Single Private Key

On June 9th, the digital identity project Humanity Protocol suffered a major security breach resulting in over $31 million in losses. According to on-chain analyst Specter, hundreds of wallets holding the project's H token were drained. The attack was confirmed by founder Terence Kwok to be caused by the compromise of a foundation member's private key. As a precaution, users are advised to avoid interacting with Humanity's cross-chain bridge or liquidity pools. The incident caused the H token price to crash over 90%, from around $0.70 to a low of $0.052, wiping its market cap from $2 billion to approximately $35.7 million. The attacker allegedly minted 100 million new H tokens and is selling them for BNB. This breach adds to existing controversies surrounding Humanity Protocol. Founded in 2024, it aimed to verify human users via palm-print biometrics and zero-knowledge proofs. However, a leaked conversation in 2025 revealed that only about 1 million of its 9 million claimed Human IDs had completed biometric verification, suggesting 88% might be bots. Furthermore, the project has faced allegations of being a repackaged product from a Chinese access control vendor, raising privacy and authenticity concerns. Founder Terence Kwok's previous venture, Tink Labs, a hotel smartphone startup that raised $170 million, failed and entered bankruptcy in 2020 after burning through its funding. The current attack highlights the persistent critical issue of private key management in crypto. Unlike smart contract exploits, a private key compromise bypasses all on-chain security mechanisms. With no user compensation plan announced yet, this $31 million breach may be a final blow to the project's credibility, already weakened by previous controversies and a heavily depreciated token.

marsbitHace 1 hora(s)

Humanity Loses $31 Million in Attack, Token Price Plummets 90% Due to a Single Private Key

marsbitHace 1 hora(s)

Trading

Spot

Futuros