Humanity Protocol is pivoting toward enterprise AI after a $36 million exploit erased roughly 89% of its H token's value, founder Terence Kwok said.
Humanity Protocol is pivoting toward enterprise AI after a $36 million exploit erased roughly 89% of its H token's value, founder Terence Kwok said.

Humanity Protocol is pivoting toward enterprise AI after a $36 million exploit erased roughly 89% of its H token's value, founder Terence Kwok said.
"The shift was already underway before the incident, but the breach accelerated our timeline," Kwok said in a statement on July 2. "Enterprise AI represents a larger addressable market than proof-of-humanity alone."
The June 8 attack stemmed from a compromised developer laptop that stored seven private keys, including three of six Ethereum Safe signer keys and three of five BNB Smart Chain Safe signer keys, according to a security investigation by Quantstamp. The security firm linked the attack to North Korean threat actors, citing tooling and certificate-signing activity consistent with state-sponsored intrusions. The attacker drained 141 million H tokens from the project's Ethereum bridge and minted over 122 billion additional tokens on BSC before liquidating across Uniswap and PancakeSwap, crashing the token from roughly $0.63 to as low as $0.06.
The pivot raises questions about the project's original vision. Humanity Protocol launched in June 2025 using palm scans and zero-knowledge proofs to offer on-chain identity verification, a concept that attracted attention from venture investors but struggled to gain user traction. Kwok said the new direction will leverage the same biometric infrastructure for enterprise identity and authentication use cases, though he did not disclose specific customers or revenue projections. The H token was trading at $0.0637 as of July 2, down 74% over the past week, according to CoinGecko data.
The exploit was not a smart-contract vulnerability — every action the attacker took was authorized under the protocol's own security model, with the breach resulting entirely from compromised credentials stored on a single internet-connected machine. The absence of a timelock on either chain's ProxyAdmin meant the attacker faced zero delay between seizing control and draining funds. Humanity Protocol has since deployed a new audited ERC-20 token on Ethereum for a 1:1 airdrop to pre-snapshot holders, while the BSC deployment remains under attacker control.
This article is for informational purposes only and does not constitute investment advice.