# AI On-Chain Newsroom | Humanity Protocol $36 million stolen: not a contract vulnerability, but a comprehensive collapse of private key management
Humanity Protocol (H) suffered a major security incident on June 8–9, with total losses of approximately $36 million. This event drew widespread attention not only because of the large amount, but also because it reveals a fact that is often overlooked: even if smart contracts have been audited, weaknesses in operational security can still lead to catastrophic consequences.
The Humanity Protocol is a project centered on decentralized identity verification, and its H token uses a cross-chain architecture. On Ethereum, users deposit H into the Hyperlane bridge contract for locking; on BSC, H exists as a synthetic token in the form of HypERC20, which is minted by the bridge system based on deposit records. The bridge contracts on both chains and the H token proxy contracts are all controlled by the same ProxyAdmin address, which is backed by a Gnosis Safe multisig wallet.
The core issue lies in private key management. Investigations show that seven high-privilege private keys were stored on a single senior executive's laptop, including management wallet keys, three signer keys for the Ethereum multisig, and three signer keys for the BSC multisig. After the attacker obtained these keys through a phishing email, they completed the ProxyAdmin ownership transfer on both chains separately.
On the Ethereum side, the attacker upgraded the bridge contract to a malicious implementation and siphoned 141 million H in a single transaction. On the BSC side, the attacker deployed a contract containing an unrestricted mint() function and minted more than 122 billion H across twelve rounds. Because the H on the BSC side has no independent collateral, its supply relies entirely on the bridge system’s accounting records—so this minting activity directly destroyed the token’s supply integrity.
Notably, Humanity Protocol did not encounter a traditional smart-contract vulnerability. All executed operations were “legitimate” under its security model—the problem is the centralized storage of the critical signing keys, and the fact that ProxyAdmin lacks a timelock buffer mechanism. Once control is seized, the attacker can execute any upgrade and minting operations with zero delay.
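The failure mode described above (privileged ProxyAdmin actions with no timelock, followed by synthetic H minted on BSC without matching deposits locked on Ethereum) can be watched for off-chain. The following is an added example written for this article, not code from Humanity Protocol or Hyperlane: a minimal monitor that checks the bridge's backing invariant and flags ownership transfers and upgrades. All addresses and event records are constructed placeholders.

```python
# Added example (not from the article): a minimal off-chain monitor that checks the
# bridge invariant (synthetic H minted on BSC must be backed by H locked in the
# Ethereum bridge) and flags privileged ProxyAdmin actions.
# Event shapes and addresses below are constructed for illustration, not real data.
from dataclasses import dataclass

ETH_BRIDGE = "0xBRIDGE_ETH"          # placeholder: Ethereum Hyperlane bridge contract
PROXY_ADMIN = "0xPROXYADMIN"         # placeholder: shared ProxyAdmin address
TRUSTED_OWNER = "0xSAFE_MULTISIG"    # placeholder: Gnosis Safe expected to own ProxyAdmin

@dataclass
class Event:
    chain: str      # "ethereum" or "bsc"
    name: str       # Deposit, Mint, OwnershipTransferred, Upgraded
    contract: str
    amount: int = 0
    new_owner: str = ""

def audit(events):
    """Return (alerts, locked, minted): alerts for admin actions and unbacked mints."""
    alerts, locked, minted = [], 0, 0
    for e in events:
        if e.name == "Deposit" and e.chain == "ethereum" and e.contract == ETH_BRIDGE:
            locked += e.amount
        elif e.name == "Mint" and e.chain == "bsc":
            minted += e.amount
            if minted > locked:  # synthetic supply now exceeds what the bridge holds
                alerts.append(f"UNBACKED_MINT {e.chain}: synthetic supply {minted} exceeds locked {locked}")
        elif e.name == "OwnershipTransferred" and e.contract == PROXY_ADMIN:
            if e.new_owner != TRUSTED_OWNER:
                alerts.append(f"ADMIN_TAKEOVER {e.chain}: ProxyAdmin owner -> {e.new_owner}")
        elif e.name == "Upgraded":
            alerts.append(f"UPGRADE {e.chain}: {e.contract} implementation changed")
    return alerts, locked, minted

# Constructed sample feed mirroring the incident's shape: normal deposit and mint,
# then an ownership transfer away from the multisig, an upgrade, and an unbacked mint.
SAMPLE = [
    Event("ethereum", "Deposit", ETH_BRIDGE, amount=1_000),
    Event("bsc", "Mint", "0xH_BSC", amount=1_000),
    Event("ethereum", "OwnershipTransferred", PROXY_ADMIN, new_owner="0xATTACKER"),
    Event("ethereum", "Upgraded", ETH_BRIDGE),
    Event("bsc", "Mint", "0xH_BSC", amount=5_000),
]

if __name__ == "__main__":
    for alert in audit(SAMPLE)[0]:
        print(alert)
```

Any ADMIN_TAKEOVER or UPGRADE alert here is exactly the action a timelock in front of ProxyAdmin would have delayed long enough for an on-call team to react.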
Currently, Humanity Protocol has launched a recovery plan, announced the deactivation of the old H token version, and deployed a new audited ERC-20 H contract on Ethereum, airdropping it 1:1 to snapshot holders. However, how the unauthorized minted H tokens will be handled, when the user compensation framework will be implemented, and whether the attacker still retains control on the BSC side remain key points of focus for the market.