How a single laptop wrecked the multisig of t-66 and cost $36 million

An elementary operational security (OpSec) failure has exposed t-42Protocol, the decentralized identity unicorn backed by titans like Pantera Capital and Jump Crypto. Despite having a structure that was theoretically supposed to protect the funds, the centralization of credentials in one team facilitated a devastating attack.

๐Ÿ” The Origin

The project used multisig wallets to secure the bridges connecting its tokens across different chains. Although these wallets require multiple independent signatures to authorize transactions, all private keys were accidentally stored on a single employee's laptop during the initial setup.

By compromising that computer, the hacker gained direct access to the minimum approval threshold without needing to breach other team members.

๐Ÿ’ธ The Attack Execution: Two networks plundered

The attacker exploited the same centralized storage vulnerability in two of the major networks of the ecosystem.

At #Ethereum : He managed to get 3 of the 6 admin keys. Took control of the project's contract, transferred ownership to his own wallet, replaced the bridge code with a malicious version, and drained 141 million tokens #H in a single transaction.

At #BNBChain : He seized 3 of the 5 available keys. Manipulated the code to activate an unlimited minting function, creating 200 million H tokens out of thin air directly into his address.

The total haul: The value of the compromised assets exceeds $36 million.

๐Ÿ“‰ Market Impact and Collateral Suspicions

After the attack, the asset suffered a catastrophic crash from $0.67 to a low of $0.05 (a drop of over 90%).

Famous on-chain detective ZachXBT clarified that the hack is not linked to other market irregularities but raised red flags about the token's behavior weeks before the incident. The price of $H had suspiciously inflated from $0.20 to $0.70 in just 14 days, right before a major token unlock.

๐Ÿ›ก๏ธ Humanity Protocol's Response

The project's founder, Terence Kwok, admitted to a backup error on the compromised device. As immediate containment measures, the team has suspended deposits and withdrawals on the affected bridges, removed the team's page from their official website, and is coordinating efforts with centralized exchanges and law enforcement to track and freeze the stolen funds.