Humanity Protocol’s native asset, H token, slid nearly 88% on June 9 after reports surfaced that wallets connected to the protocol were drained. The drop followed a price move from roughly $0.78 to near $0.099, according to Crypto Potato.
What triggered the crash
The initial alarm came from on-chain investigator Specter, which Crypto Potato says reported that more than 17 wallets holding H tokens were drained. Separate reporting in the same piece claims attackers stole private keys tied to the project and pulled in more than $30 million from those wallets.
Humanity Protocol later confirmed a security incident. In a post on X, the team behind the blockchain identity network said private keys belonging to a member of the Humanity Foundation had been compromised, and it urged users not to interact with the bridge or any liquidity pools until further notice. The project also said it was working with “leading security experts” and exchange partners to assess scope and secure affected systems.
That warning matters because bridges and pools often concentrate risk. If keys or permissions sit behind those components, “don’t touch” can become the only practical mitigation while investigators map what was exposed.
How much was taken, and what the attacker did next
Crypto Potato cites blockchain analytics platform Lookonchain with a more specific incident timeline. Lookonchain claims the attacker kept minting H tokens after the exploit.
Lookonchain’s account includes two key mint events. First, it says the attacker created 100 million H tokens on BNB Smart Chain. Then it says it minted another 100 million H tokens.
Lookonchain also reports cash-out activity. It claims the attacker sold part of the minted supply, resulting in 18,510 ETH worth about $30.83 million and 1,548 BNB valued around $924,000. Even after those sales, Lookonchain says the attacker still holds about 111.36 million H tokens worth nearly $14 million at current prices.
Finally, Lookonchain asserts on-chain liquidity for the token is now nearly exhausted. That points to a second-order effect of the hack beyond theft. Even if balances remain intact for some holders, thin liquidity can amplify price moves and make exits harder for everyone.
Incident facts cited in the report
| Item | Detail (as reported) |
|---|---|
| Token price move | About $0.78 to near $0.099 on June 9 |
| Reported stolen amount | More than $30 million from drained wallets |
| Wallets drained | More than 17 wallets holding H tokens, per Specter |
| Key compromise | Private keys tied to Humanity Foundation member, per Humanity Protocol |
| Cash-out (analytics claim) | 18,510 ETH ( |
| Tokens minted (analytics claim) | 100M on BNB Smart Chain, then another 100M |
| Remaining holdings (analytics claim) | About 111.36M H tokens (~$14M at current prices) |
| Liquidity state | On-chain liquidity nearly exhausted, per Lookonchain |
The dispute: “confirmed incident” vs “possibly staged”
Crypto Potato also flags pushback from ZachXBT, an on-chain investigator who challenged Humanity Protocol’s public explanation. ZachXBT accused the team of aggressively promoting the token for weeks while providing “little underlying value.” He also asked the project to reveal any active market maker agreements involving a Hong Kong entity.
More sharply, ZachXBT claimed the breach appeared “possibly staged,” adding that “it’s a convenient way for the active MM to have exited.” Crypto Potato reports these allegations alongside the project’s confirmation.
At this point, the public record in Crypto Potato contains a confirmed security incident and a claimed private-key compromise from the project. It does not, in the provided text, include any proof resolving whether the event was opportunistic, abnormal, or coordinated. The gap between “stolen keys” and “staged” is exactly where security reporting gets messy fast. Readers should watch for follow-up technical findings rather than rhetorical back-and-forth.
What Humanity Protocol says to do now
Humanity Protocol’s immediate mitigation ask is clear. It told users not to interact with the bridge or any liquidity pools until further notice. The project said it is working with security experts and exchange partners to assess scope and secure affected systems.
The problem is that “scope” is the missing piece most investors and users want. Crypto Potato’s report does not provide which wallets were affected beyond the claim of drained wallets, nor does it list which components were compromised beyond the private keys linked to a foundation member.
For an identity network, the risk footprint can extend beyond trading. If keys governed operational controls, minting, or bridge routing, the technical blast radius could spread into how proofs and integrations are handled.
What happens next will likely be determined by whether Humanity Protocol can publish concrete incident details. Until then, the H token move reads as the market reacting to confirmed compromise risk, plus the uncertainty that typically follows it.