Humanity Protocol lost $30 million after an attacker compromised a private key, sending its native H token down 85% in a matter of hours. The security breach, disclosed late Tuesday, has revived questions about how the project handles its cryptographic keys.
How the exploit happened
Investigators say the attacker gained access to a private key that controlled a wallet holding a significant portion of the project's funds. From there, they drained $30 million worth of crypto in a series of transactions. The team has not revealed which blockchain or custody setup was involved, but confirmed the key was not a multi-signature wallet.
The token's collapse
H token holders watched the price crater from roughly $1.20 to under $0.18 within the same trading session. Trading volume spiked as panic selling took hold. The token has since stabilized around $0.20, but market confidence remains fragile.
Key management questions resurface
The exploit is the latest in a string of incidents where a single private key compromise led to multimillion-dollar losses. Critics point out that Humanity Protocol had not publicly disclosed its key management practices before the hack. The project's documentation says keys were kept in a cold storage setup, but investigators are examining whether operational security gaps existed.
No arrests have been made, and the stolen funds have not been recovered. The project has said it is working with security firms to trace the movement of the crypto.
What happens next is unclear. The team has not announced a timeline for a post-mortem report or any compensation plan for token holders. Regulators in at least two jurisdictions have opened preliminary inquiries, but no formal action has been taken.
