
Humanity Protocol

June 9, 2026 · BNB Chain · Multisig key compromise, token-proxy takeover, and unlimited mint
$23.0M total loss

An attacker took control of the multisig that governs Humanity Protocol's H token on BNB Chain, rewrote the token's code, and minted 100 million new H for themselves, worth around 13 million dollars at the pre-attack price. Three of the project's operational signing keys had been compromised, which let the attacker seize the token's upgrade controls and mint without any limit. The same key access was used to drain roughly 10 million dollars of existing H from more than a hundred wallets, for a combined impact near 23 million dollars. The token contract was not broken by a coding bug. The keys that governed it were taken, and the minted and stolen H was then dispersed across wallets, swapped, and bridged out.

H token holders and market value: drained (supply jumped by about 71 percent from the 100 million mint, collapsing the token price).
Wallets holding H: drained (roughly 10 million dollars of existing H drained from more than a hundred wallets using the same key access).
The H token contract logic: safe (no coding bug in the token was exploited; the admin keys were taken and used to swap in attacker code).
Humanity's identity and proof-of-humanity system: unknown (the incident targeted the H token and its admin keys; impact on the identity protocol core was not assessed here).
Recovery of minted and drained H: unknown (proceeds dispersed across wallets, swapped, and bridged out; no recovery announced).
What the score saw

Humanity Protocol is not one of the protocols we publish a live safety score for, so we had no prior reading on it. The weakness here is the kind our model weighs heavily wherever it applies: full upgrade authority over a live token concentrated in a multisig, with no contract-level cap on minting once that authority is held. A token is only as safe as the keys that can rewrite it, and here the operational signing keys were taken and used to swap in attacker code.

Exploit anatomy

Humanity's H token on BNB Chain is an upgradeable proxy whose upgrade authority sat with a three of six Gnosis Safe. Three of those signing keys were compromised and used to sign a single Safe transaction that handed ownership of the token's proxy admin to an attacker wallet (takeover tx). Seconds later the attacker deployed a malicious implementation and pointed the token at it, replacing the legitimate code (upgrade tx). The attacker then minted 100 million H to themselves (mint tx). The wallet was funded ahead of time from an upstream account that itself traced back to an exchange.

Fund flow and root cause / enablers, by stage

Stage 1 · TAKEOVER
  Fund flow:
    Admin Gnosis Safe (three of six, owns the token proxy admin): 0x2F41C9Bc...C4D2D9, signed the takeover with the threshold met
    Attacker wallet (received proxy-admin ownership): 0x6Aa22CB8...E753bB, exchange-funded via 0xAf2a4989...d3A0
  Root cause / enablers:
    Subverted signing authority [key compromise]: three operational keys taken: 0xB4Dc63...9341, 0x6097EE...38Ef, 0x114f26...a607
    Three of six is the only gate [multisig takeover]: the three stolen keys met the threshold; Safe owners, threshold, guard and singleton all intact
    No timelock on the upgrade authority: proxy-admin handover took effect instantly, no delay, no guardian, no emergency stop

Stage 2 · UPGRADE
  Fund flow:
    Token proxy admin (ownership moved to the attacker): 0xd73Cd111...a8720D, controls the token implementation
    Malicious implementation (deployed three seconds after takeover): 0xd18cdc9f...b57fcb, swapped in for the legitimate HypERC20 code
  Root cause / enablers:
    Upgrade authority equals full control: whoever owns the proxy admin can replace the token code at will; the contract logic itself was never exploited

Stage 3 · MINT
  Fund flow:
    100 million H minted (minted to the attacker through the malicious code): 0x44F161aE...C5B5Cc, supply up about 71 percent, ~$13M
  Root cause / enablers:
    No contract-level mint cap [missing control]: the token had no fixed supply or mint guard, so a compromised admin could inflate without limit

Stage 4 · LAUNDERING
  Fund flow:
    Dispersal and cash-out (minted H joined ~$10M drained from 100+ wallets): spread across wallets, swapped, bridged off BNB Chain
  Root cause / enablers:
    No real-time admin-change alerting [missing control]: the proxy-admin handover and code swap went unflagged until funds were already moving
Untouched

Status: safe. The H token contract logic was not broken by a coding bug. The keys that governed it were taken and used to swap in attacker code.

Mechanism

Three of six operational signer keys were compromised. With them the attacker signed a Safe transaction that took ownership of the token proxy admin, deployed a malicious implementation and swapped it in, then called mint for 100 million H. No contract was broken.

Source
blackhart.io/hacks/humanity-protocol-multisig-key-compromise-mint (verified on-chain)
Fund status: minted and drained H dispersed, swapped, and bridged off BNB Chain
Full forensic detail

Step-by-step reconstruction, root cause, counterfactuals, remediation, and disclosure timeline.

Exploit anatomy

1. Humanity's H token on BNB Chain is an upgradeable proxy. Whoever owns its proxy admin can replace the token's code at will. That proxy admin was owned by a three of six Gnosis Safe operated by the team.
2. Three of the six operational signing keys were compromised off-chain. These were the same three keys that had signed every prior legitimate Safe transaction (the active operational quorum), and three signatures is exactly the threshold the Safe requires.
3. Using the three keys, the attacker assembled and signed a Safe transaction transferring ownership of the token's proxy admin to their own wallet, then submitted it on chain. The Safe itself was untouched. Its signers, threshold, and code were all intact. The keys were simply used as designed.
4. Three seconds later the attacker deployed a purpose-built malicious implementation, then used their new proxy-admin control to point the H token at it, replacing the legitimate token code.
5. The attacker called mint on the token, now running attacker code with no limit, and created 100 million new H for themselves, raising total supply by about 71 percent.
6. The same compromised key access was used to drain roughly 10 million dollars of existing H from more than a hundred wallets that the keys could reach.
7. The minted and drained H was dispersed across multiple wallets, swapped, and bridged off BNB Chain toward exchanges.

Root cause

The root cause is a compromise of the operational signing keys that controlled the H token's upgrade authority, not a flaw in the token or in the Gnosis Safe. Forensics on the takeover transaction confirm this precisely. The Safe's singleton, owner set, threshold, and guard were all unchanged before and after the takeover, ruling out the proxy-singleton swap, owner injection, module, and guard attack classes. The takeover ran as an ordinary Safe execTransaction with a plain call, not a delegatecall, carrying three live owner signatures. Recovering those three signatures against the computed Safe transaction hash yields three confirmed owners, exactly the three that signed every prior legitimate transaction. Comparison with the Safe transaction service shows the malicious transaction had no proposer and all three confirmations collapsed to the execution block time, which is the fingerprint of a transaction assembled and signed offline with keys already in hand and submitted directly, rather than proposed through the interface and confirmed by deceived signers. The conclusion is direct theft of the three active operational keys. With those keys the attacker held the multisig that owned the token proxy, swapped the token code for a malicious version, and minted without limit. A token contract with no upgrade timelock and no contract-level mint cap leaves nothing between a compromised admin and unlimited inflation.
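As an added example, not Blackhart's tooling, the Python below applies the fingerprints described above (no proposer, confirmations collapsed to the execution block time, signers matching the legitimate baseline, plain call rather than delegatecall, owner set and threshold respected) to constructed records shaped like Safe transaction service entries. Owner addresses are placeholders, and signer recovery against the EIP-712 Safe transaction hash is assumed to have already been done, so `recovered_signers` holds the result.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed owner set and threshold standing in for the report's three-of-six Safe.
OWNERS = frozenset(f"0xOWNER{i}" for i in range(1, 7))  # placeholders, not real addresses
THRESHOLD = 3
CALL, DELEGATECALL = 0, 1


@dataclass
class SafeTx:
    nonce: int
    proposer: Optional[str]               # None when the service never saw a proposal
    confirmations: list[tuple[str, int]]  # (owner, unix time the confirmation was submitted)
    executed_at: int                      # unix time of the execution block
    recovered_signers: list[str]          # owners recovered from signatures vs. the Safe tx hash
    operation: int = CALL


def flags(tx: SafeTx, owners=OWNERS, threshold=THRESHOLD) -> list[str]:
    """Return the fingerprints from the report that apply to one executed Safe transaction."""
    out = []
    if tx.proposer is None:
        out.append("no proposer")
    if tx.confirmations and all(t == tx.executed_at for _, t in tx.confirmations):
        out.append("confirmations collapsed to execution time")
    if any(s not in owners for s in tx.recovered_signers):
        out.append("signature from non-owner")
    if len(set(tx.recovered_signers)) < threshold:
        out.append("below threshold")
    if tx.operation == DELEGATECALL:
        out.append("delegatecall")
    return out


def classify(tx: SafeTx) -> str:
    """Offline-assembled means: keys already in hand, signed off-interface, submitted directly."""
    f = flags(tx)
    if "no proposer" in f and "confirmations collapsed to execution time" in f:
        return "offline-assembled"
    return "interface-proposed" if not f else "anomalous"


def same_signing_set(history: list[SafeTx], tx: SafeTx) -> bool:
    """True when tx was signed by exactly the owners who signed every prior legitimate tx."""
    return all(set(h.recovered_signers) == set(tx.recovered_signers) for h in history)


# Constructed records: one legitimate baseline transaction and one takeover-shaped transaction.
BASELINE = SafeTx(0, "0xOWNER1", [("0xOWNER1", 1000), ("0xOWNER2", 1600), ("0xOWNER3", 2300)],
                  2900, ["0xOWNER1", "0xOWNER2", "0xOWNER3"])
TAKEOVER = SafeTx(3, None, [("0xOWNER1", 5000), ("0xOWNER2", 5000), ("0xOWNER3", 5000)],
                  5000, ["0xOWNER1", "0xOWNER2", "0xOWNER3"])
```

A valid quorum with the same signers as the baseline and the offline-assembled fingerprint is what separates stolen keys from deceived signers, which is the distinction the root-cause analysis draws.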

Prevention analysis

Similar incidents

Ankr (2022)

A compromised deployer key was used to mint unlimited aBNBc tokens. Same shape: stolen admin authority over a token used to inflate supply without limit.

Bybit (2025)

A Gnosis Safe multisig was used to move funds after its signers were induced to authorize a malicious transaction. Same class: the multisig worked as designed while the signing layer was the point of failure.

PAID Network (2021)

A compromised key upgraded the token contract and minted new supply. Same shape: proxy upgrade authority turned into an unlimited mint.

Remediation

1. Treat the three compromised operational signer keys as permanently burned. Rotate them everywhere, on every chain, and remove them from every multisig and privileged role they have ever held.
2. The H token proxy on BNB Chain cannot be recovered. The attacker owns its proxy admin, so only their key can hand it back. Abandon the existing token rather than trying to reclaim it.
3. Snapshot holder balances at the block before the takeover and migrate to a new token contract with a fresh hardware-isolated signing setup, an upgrade timelock, and a contract-level mint cap so no future admin compromise can inflate supply.
4. Enumerate every other contract, treasury, vesting, staking, and cross-chain role that the compromised Safe or those three keys controlled, on every chain, and revoke or migrate it before the attacker can reuse the access.
5. Exchanges and bridges should treat H as compromised, halt deposits and trading, and blocklist the attacker wallet and its downstream addresses.

Timeline

2025-06 to (range end not given) · The admin Safe executes its only three legitimate transactions, signed by the same three operational keys. This is the normal signing baseline.
2026-06-09 · Ownership of the token's proxy admin is transferred to the attacker through the compromised Safe.
2026-06-09 · The attacker deploys a malicious token implementation.
2026-06-09 · The H token proxy is upgraded to the malicious implementation.
2026-06-09 · 100 million H is minted to the attacker, raising supply by about 71 percent.
2026-06-09 · Existing H is drained from more than a hundred wallets using the same key access. Proceeds are dispersed, swapped, and bridged out.
2026-06-09 · Blockaid flags the incident. Blackhart verifies the address-level facts and the key-compromise mechanism on BNB Chain, including signature recovery on the takeover transaction, and publishes this report.