Humanity Protocol loses tens of millions as private-key compromise wipes out nearly all of the H token's value

By 09 June 2026, the digital identity project Humanity Protocol was contending with the worst day of its short public life. Its native H token shed as much as 90% of its value within hours, after attackers compromised private keys belonging to a member of the Humanity Foundation and drained a multisig wallet of tens of millions of dollars' worth of the project's own token. Wire reporting placed the take somewhere between $30 million and $36 million, with the gap reflecting how fast the stolen H was being dumped into ether on-chain.
The episode is a textbook reminder of a point the crypto industry has been making, and ignoring, for the better part of a decade. Decentralised infrastructure is only as decentralised as the operational habits of the people who hold its keys. When a foundation laptop gets compromised during the careful choreography of a multisig setup, the chain of custody that supposedly underwrites the whole arrangement snaps at the keyboard.
What the project says happened
Humanity Protocol founder Terence Kwok told reporters on 9 June that some multisig keys may have been accidentally backed up to a compromised device during the wallet's initial configuration. The foundation's working theory, as relayed to Cointelegraph, is that an attacker gained access to that machine, recovered enough key material to sign transactions on behalf of the project's treasury, and began moving funds.
From there the mechanics were brutal and conventional. The attacker converted the stolen H into ether through on-chain swaps, accelerating the price collapse. Cointelegraph and CoinDesk both reported the token falling between 80% and 90% on the day, with CoinDesk framing the incident as a "$32 million private-key hack" and Cointelegraph initially putting the loss at "$30M" before updating the figure as on-chain forensics caught up with the dumping.
CryptoBriefing's Telegram wire, reposting the foundation's own statement, captured the post-mortem in its bluntest form: "developers," not smart-contract code, were the entry point.
The part the wire does not dwell on
Read past the headlines and a more uncomfortable story emerges. The exploit was not a clever abuse of a cryptographic primitive. There was no zero-day in an elliptic-curve library, no oracle manipulation, no flash-loan cascade. The vulnerability was operational: a human being, on a human being's laptop, performing a routine setup step, with the keys stored in a way that allowed a later intruder to recover them.
That distinction matters. The marketing language around decentralised identity projects leans heavily on phrases like "self-sovereign," "trust-minimised," and "user-owned." The implication is that the trust assumptions of a traditional financial stack — a custodian, a hardware security module, a compliance team — have been replaced by mathematics. In practice, every multisig is still bolted to a set of devices, and every device is still operated by people who sometimes back the wrong thing up to the wrong machine.
A common counter-narrative in the industry is that the problem is "just user error" and that decentralisation as a design philosophy is not on trial. The counter-counter is that a stack which only works when every operator behaves perfectly is not, in any meaningful operational sense, a stack. It is a discipline.
The structural pattern underneath
Private-key compromises are now the dominant category of large crypto loss. Smart-contract exploits still happen, but the bigger bills in 2024, 2025 and 2026 have increasingly been written by attackers who never touched a Solidity file. They phished a developer. They compromised a vendor. They waited for someone to back a seed phrase up to a cloud-synced folder. The result, in dollar terms, looks identical to a contract bug: a treasury emptied, a token chart vertical, a project scrambling to communicate.
For projects pitching decentralised identity — the category Humanity Protocol is part of, alongside peers building proof-of-personhood and credential systems — the reputational cost is sharper. The whole pitch is that the people running the system can be trusted less, because the system itself carries the trust. A foundation laptop compromise is the wrong poster for that message.
Stakes and what is still unknown
The immediate question is whether the foundation can recover any of the funds. On-chain tracing firms will almost certainly be engaged, but the conversion into ether and the use of privacy-mixing tools, if any, will determine whether anything is clawed back. The longer question is whether the project retains enough market capitalisation and community trust to keep operating. A near-90% drawdown in a single day does not destroy a project on its own; the next several weeks of liquidity, listings, and developer retention will.
A few things the available reporting does not yet settle: the exact final dollar figure (sources range from $30M to $36M depending on the snapshot), the identity of the compromised foundation member, whether the affected keys were isolated or whether other foundation wallets share the same operational exposure, and whether any law-enforcement action has been initiated. Treat the numbers and the sequence of events as the foundation's current account, subject to revision as on-chain forensics firm up.
For the wider sector, the lesson is the same one it has refused to learn since Mt. Gox. Key management is the product. Until operational security is treated with the same seriousness as protocol design, the headline will keep writing itself.
Desk note: Monexus has framed this as an operational-security failure inside a decentralised-identity project, drawing the structural line between key-handling hygiene and the trust claims that the category sells. Wire coverage concentrated on price action and dollar loss; we have leaned into the gap between the marketing language of self-sovereignty and the human-machine reality of multisig custody.
Wire provenance
This editorial synthesis draws on the following public wire/social posts:
- https://t.me/CryptoBriefing