- Around 17 wallets interacting with Humanity Protocol were drained for over $32 million in an ongoing exploit.
- Founder Terence Kwok confirmed a private key compromise of a Humanity Foundation member.
- The H token crashed up to 90%, trading near $0.13 after selling pressure from stolen and minted tokens.
- The project urged users to avoid bridges and liquidity pools while investigations continue.
Humanity Protocol, a decentralized identity project using palm-scan biometrics and zero-knowledge proofs, has become the latest victim of a major security incident centered on private key management.
On June 8, 2026, onchain analyst Specter first flagged the drainage of approximately 17 wallets tied to the project, with initial losses estimated in the millions before climbing above $32 million.
According to reports, attackers compromised private keys belonging to a member of the Humanity Foundation. The stolen assets were swapped primarily for Ethereum, with additional pressure from the minting of 100 million new H tokens on BNB Chain.
Terence Kwok, founder of Humanity Protocol, acknowledged the breach on X, stating the team is working with security experts and exchange partners. “We’re deeply sorry — protecting this community is our responsibility,” he wrote. The project advised users to steer clear of its bridge and liquidity pools during the ongoing response.
The exploit fits a broader 2026 pattern where key compromises, rather than smart contract vulnerabilities, have driven significant losses. Humanity Protocol positions itself as a privacy-focused alternative to projects like Worldcoin, enabling users to verify their humanity without revealing personal data through biometrics and zk-proofs.
Market reaction was swift and severe. The H token dropped from around $0.67–$0.78 to as low as $0.05, representing an intraday decline of nearly 90%, before partially recovering to trade near $0.13 amid heavy volume. Onchain observers noted the attacker converting holdings into ETH and BNB.
Prominent investigator ZachXBT expressed skepticism about the official narrative, suggesting it could involve market maker activity rather than a straightforward theft, citing concerns over the project’s background.
This incident underscores persistent challenges in crypto security, particularly around key custody and foundation-level access, even for projects emphasizing advanced privacy technologies. As the team continues its investigation, the event may prompt further scrutiny of biometric identity solutions and their operational safeguards.
Disclaimer: This article is for informational purposes only and does not constitute advice of any kind. Readers should conduct their own research before making any decisions.
