A computer brought down a unicorn valued at 1.1 billion dollars.

In a decentralized world, the most centralized thing will always be people.

Written by: Clow

Late at night on June 8, H token began its free fall.

Within 24 hours, the price plummeted from $0.73 to around $0.06, a decline of nearly 90%. Seventeen associated wallets were emptied one after another, and over $31 million evaporated. Not content with that, the hacker minted 100 million H directly on BSC, converted it into BNB, and made off.

This is Humanity Protocol, a Web3 identity verification unicorn that raised over $50 million, is valued at $1.1 billion, and reportedly has amassed millions of registered users. It combines zero-knowledge proofs with palm print recognition and claims to solve "Sybil attacks."

A project that proves "you are human" by scanning palm prints can verify the identities of millions, yet can't keep a single laptop belonging to its own employee secure.

What breached it was not some intricate contract vulnerability, but the personal computer of a member of the foundation.

How could one computer bring down $1.1 billion?

One computer, $31 million

According to on-chain analyst Specter and monitoring by PeckShield, the attack occurred between June 8 and 9. A hacker breached a personal computer belonging to a Humanity foundation member and made off with private keys that controlled multiple assets and minting permissions.

Founder Terence Kwok immediately acknowledged the private key leak and warned users to stop all interactions with cross-chain bridges and liquidity pools. But it was of no use; panic spread faster than the announcement.

Statistics from PeckShield show that about $23.7 million of the stolen funds were quickly converted to Ethereum, with about $7.9 million remaining in H tokens. The hacker kept selling tokens while watching the remaining holdings lose value.

More delicate still was the timing. June 25 was set to be a significant unlocking day for the tokens, and given the large volume of stolen funds, on-chain detective ZachXBT at first suspected this was a "self-directed play" by the project or market makers.

His original wording was quite blunt: a token with no fundamentals was pumped for weeks, and now a "security incident" occurred, allowing active market makers the perfect opportunity to exit gracefully.

However, after tracing the hacker's money laundering path, he corrected his conclusion on June 9: the unusual market making and OTC trading activity was independent of the on-chain private key leak. This was indeed a real hacker attack, caused by a breach at the endpoint operations level.

Ironically, the warning signs had already appeared. In December 2024, Yu Xian, founder of SlowMist, publicly pointed out that the Humanity testnet automatically assigned wallet addresses and stored plaintext private keys directly in the browser's sessionStorage when users logged in with email.

A project engaged in "identity security" put plaintext private keys in the browser. When a team like this has a development machine breached, it is hard to call it an accident.

Misery Ranking: This Isn't the First Signature Failure

Looking back, Humanity's $31 million ranks at the bottom of the historical bill of "signature failures." Over the past four years, almost every time there was a massive theft, the official architecture diagram showed a beautiful multi-signature setup.

In 2022, the Harmony Horizon cross-chain bridge was robbed of about $100 million by the Lazarus group. The signature threshold was only 2-of-5, so the hacker, having accessed the internal servers, needed just two keys.

That same year, Ronin fared worse, losing about $600 million. Although it nominally used a 5-of-9 validator mechanism, four of the nodes were effectively controlled by Sky Mavis itself, and the fifth signature came from a temporary authorization from Axie DAO that should have been revoked long ago.

This authorization was intended for emergency use. In November 2021, as Axie Infinity users surged and the network became congested, Sky Mavis requested Axie DAO to help sign transactions. Once the congestion passed, the authorization remained active on-chain, lingering for over a year.

Until Lazarus phished their way into Sky Mavis's internal network and picked it up.

In 2023, approximately $1.5 billion in assets locked by Multichain were paralyzed. It claimed to use 21-node MPC distributed custody, but all node servers were registered under the CEO's personal cloud service account. The CEO was taken away by judicial authorities, the hardware was confiscated, and the entire protocol went offline.

The most expensive lesson came in 2025 with Bybit, amounting to about $1.5 billion. The hacker didn't touch the private keys of the signers but penetrated Safe{Wallet}'s front-end infrastructure and altered the interface code.

Signers saw completely normal addresses and amounts on the screen and pressed the confirmation key on their hardware wallets. What they were actually signing was malicious calldata that swapped the multi-signature wallet's logic contract for the hacker's contract.

Post-incident investigations revealed that the hacker's core action was simply changing one parameter: switching the operation from 0 to 1, which turned a regular transfer into a delegate call. A one-parameter difference changed the owner of $1.5 billion.
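The parameter flip described above can be checked mechanically before anyone signs. The following is an added example, not code from the article, Safe, or Bybit: it decodes the ABI-encoded `execTransaction` call of a Safe wallet and flags `operation = 1` (delegate call) to any target that is not explicitly allowlisted. The addresses, the allowlist, and the helper names are constructed for illustration.

```javascript
// Added example (not from the article): review a Safe execTransaction call before signing.
// ABI head order: to, value, data(offset), operation, safeTxGas, baseGas, gasPrice,
// gasToken, refundReceiver, signatures(offset). operation: 0 = CALL, 1 = DELEGATECALL.
const EXEC_TX_SELECTOR = "6a761202";
const word = (hex, i) => hex.slice(i * 64, (i + 1) * 64);
const pad = (h) => h.replace(/^0x/, "").padStart(64, "0");

function decodeExecTransaction(calldata) {
  const hex = calldata.toLowerCase().replace(/^0x/, "");
  if (hex.slice(0, 8) !== EXEC_TX_SELECTOR) throw new Error("not execTransaction");
  const args = hex.slice(8);
  if (args.length < 10 * 64) throw new Error("truncated calldata");
  const dataPos = Number(BigInt("0x" + word(args, 2))) * 2; // byte offset -> hex index
  const dataLen = Number(BigInt("0x" + args.slice(dataPos, dataPos + 64)));
  return {
    to: "0x" + word(args, 0).slice(24),
    value: BigInt("0x" + word(args, 1)),
    operation: Number(BigInt("0x" + word(args, 3))),
    data: "0x" + args.slice(dataPos + 64, dataPos + 64 + dataLen * 2),
  };
}

// Refuse anything that is not a plain CALL unless the target is explicitly allowlisted.
function reviewBeforeSigning(calldata, allowedDelegateTargets = []) {
  const tx = decodeExecTransaction(calldata);
  const allowed = allowedDelegateTargets.map((a) => a.toLowerCase());
  const findings = [];
  if (tx.operation === 1 && !allowed.includes(tx.to))
    findings.push(`DELEGATECALL to non-allowlisted target ${tx.to}`);
  if (tx.operation > 1) findings.push(`unknown operation value ${tx.operation}`);
  return { tx, findings, ok: findings.length === 0 };
}

// Constructed sample payloads: same inner bytes, only target and operation differ.
function buildSample(to, operation, data) {
  const body = data.padEnd(Math.ceil(data.length / 64) * 64, "0");
  const sigOffset = (0x140 + 32 + body.length / 2).toString(16);
  const head = [to, "0", "140", operation.toString(16), "0", "0", "0", "0", "0", sigOffset];
  return "0x" + EXEC_TX_SELECTOR + head.map(pad).join("") +
    pad((data.length / 2).toString(16)) + body + pad("0");
}
const TOKEN = "0x" + "11".repeat(20);   // constructed address
const UNKNOWN = "0x" + "22".repeat(20); // constructed address
const INNER = "a9059cbb" + pad("0x" + "33".repeat(20)) + pad("1"); // transfer(address,uint256)
const ROUTINE = buildSample(TOKEN, 0, INNER);
const SWAPPED = buildSample(UNKNOWN, 1, INNER);

console.log(reviewBeforeSigning(ROUTINE).ok, reviewBeforeSigning(SWAPPED).findings);
```

The check only helps if it runs on a machine independent of the wallet front end, against the same bytes the hardware device is asked to sign.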

Four cases, four ways to die, the same root cause.

Why Does Multi-Signature Always Degenerate into Single Signature?

The security assumption of multi-signature is: N keys are stored in N independent environments, and an attacker must compromise M of them to succeed, making the probability of success decrease exponentially with the threshold.

But this assumption has a premise: the keys must be independent of each other. In reality, project teams often manage multiple keys on the same computer, or deploy and store them using the same cloud servers and AWS credentials.

Once this shared device is breached, the hacker gets not just one key, but an entire string of them.

Mathematically multi-signature, operationally single signature.
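The independence premise can be audited directly: list where each key (or a copy of it) is reachable and compute how few environments an attacker must compromise to reach the signing threshold. This is an added example, not code from the article or any project named in it; the key names, environment names, and the 3-of-5 threshold are constructed.

```javascript
// Added example: effective threshold of an M-of-N scheme, counted in environments, not keys.
// keyLocations maps each key to every environment (device, server, cloud account)
// from which that key or a copy of it can be read.
function* combinations(items, k, start = 0, picked = []) {
  if (picked.length === k) { yield picked; return; }
  for (let i = start; i < items.length; i++)
    yield* combinations(items, k, i + 1, [...picked, items[i]]);
}

// Smallest set of environments whose compromise exposes at least `threshold` keys.
// Brute force is fine here: signer sets are small.
function effectiveThreshold(keyLocations, threshold) {
  const envs = [...new Set(Object.values(keyLocations).flat())];
  for (let k = 1; k <= envs.length; k++) {
    for (const combo of combinations(envs, k)) {
      const exposed = Object.keys(keyLocations)
        .filter((key) => keyLocations[key].some((env) => combo.includes(env)));
      if (exposed.length >= threshold) return { environments: k, breach: combo, exposed };
    }
  }
  return null; // threshold cannot be reached at all
}

// Constructed 3-of-5 layouts.
const INDEPENDENT = {
  k1: ["hw-wallet-1"], k2: ["hw-wallet-2"], k3: ["hw-wallet-3"],
  k4: ["hw-wallet-4"], k5: ["hw-wallet-5"],
};
const SHARED_LAPTOP = { // three keys kept on one staff laptop
  k1: ["foundation-laptop"], k2: ["foundation-laptop"], k3: ["foundation-laptop"],
  k4: ["hw-wallet-4"], k5: ["hw-wallet-5"],
};
const SHARED_CLOUD = { // separate servers, one cloud account that can reach all of them
  k1: ["server-1", "cloud-account"], k2: ["server-2", "cloud-account"],
  k3: ["server-3", "cloud-account"], k4: ["server-4", "cloud-account"],
  k5: ["server-5", "cloud-account"],
};

for (const [name, layout] of Object.entries({ INDEPENDENT, SHARED_LAPTOP, SHARED_CLOUD })) {
  const r = effectiveThreshold(layout, 3);
  console.log(`${name}: nominal 3-of-5, effective ${r.environments} (${r.breach.join(", ")})`);
}
```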

Ronin and Harmony added another compromise on top: to make cross-chain confirmations quicker and operations smoother, they lowered the threshold significantly, or opened temporary authorizations for convenience. Once the congestion was over, they forgot to close the authorization. Hackers didn't need to breach the system; they just needed to find the back door in the process that no one remembered.

Multichain stripped away another layer of packaging. MPC claimed that private keys never appeared in full, which sounded more advanced than traditional multi-signature. But all key shares ran on one person's cloud account, and cryptographic decentralization could not conceal absolute physical centralization.

The Bybit case also proved that even if keys are truly dispersed and cold wallets are truly used, signers who rely on what the UI displays, without verifying the original data character by character on the hardware screen, can still reduce multi-signature to a rubber stamp in the hacker's hands.

Thus, Humanity is not an isolated case; it is merely the latest link in this fragile chain. Code can be audited, algorithms can be proven, but the person holding the keys and their internet-connected computer cannot be audited.

What Are Your Assets Hanging On?

Whether H's price will rebound is unknown to anyone. But holders can at least use this incident to examine the threads their assets are hanging on.

First, consider the physical distribution of the signers. If all multi-signature controllers of a project are from the same parent company, use the same office network, and generate keys via the same DevOps pipeline, then its security level is essentially no different from a single signature.

The lesson from Humanity is evident: with permissions concentrated in the foundation, the loss of one development machine can lead to both the treasury and minting rights being compromised.

Second, consider what layer the multi-signature is built on. Multi-signature contracts on EVM are flexible, allowing upgrades and complex calls, but they face inherent risks of contract tampering and front-end hijacking; Bitcoin's native script multi-signature is rigid, its rules fixed and unchangeable, but the attack surface is much smaller. Flexibility and security often walk in opposite directions.

Third, consider the historical discipline of the team. A team that stuffed plaintext private keys into browsers during the testnet phase is likely to repeat its habits even if it patched vulnerabilities on the mainnet. Security discipline is written on the face of the code from the very first line.

By the way, those temporary authorizations and whitelists issued for emergencies, if they lack time locks and automatic expiration mechanisms, will eventually become Ronin-style backdoors, quietly waiting for the next Lazarus.

Humanity proved one thing with $31 million: in a decentralized world, the most centralized thing will always be people.

Multi-signature cannot secure a compromised computer.
