July 03, 2026 ChainGPT

After $36M exploit, Humanity Protocol pivots from proof-of-personhood to enterprise AI

After $36M exploit, Humanity Protocol pivots from proof-of-personhood to enterprise AI
Humanity Protocol is shifting gears toward enterprise artificial intelligence products after a devastating June exploit that accelerated an internal strategic overhaul the team had been weighing for months. Founder Terence Kwok told reporters the project had been “reconsidering its long-term direction” for six to nine months, and the roughly $36 million breach pushed those plans forward. Instead of foregrounding its blockchain proof-of-personhood identity platform, Humanity will increasingly focus on AI-focused enterprise services — while keeping digital identity as a core capability because AI systems will need stronger ways to verify people and credentials. What Humanity built — and what it’s taking forward - Humanity’s protocol previously powered a proof-of-personhood blockchain with credentials for employment, assets and credit scoring, and it worked with Mastercard on proof-of-assets use cases. - The platform has registered about 10 million users, with a couple million completing their credentials. - The team says it has already been testing products for AI companies and plans to roll out additional enterprise offerings. The hack and its fallout - In June attackers obtained critical private keys from a developer device infected with malware that contained backups of those keys, investigators concluded. The compromise allowed the attacker to sign legitimate-looking transactions and drain roughly 141 million H tokens from the project’s Ethereum bridge, then mint additional tokens on BNB Smart Chain. - On-chain analysts estimated immediate losses of more than $32 million, and the H token collapsed by about 89% as attackers sold across chains. Humanity’s post-incident analysis, conducted with security firm Quantstamp, attributed the breach to the compromised developer device rather than a smart-contract flaw, and said the attack bore characteristics linked to North Korea–associated threat actors. - Kwok said the chances of recovering the stolen funds are “pretty low,” and the team is prioritizing ecosystem recovery and rebuilding over chasing funds — a situation he likened to Bybit’s unsuccessful attempt last year to recover roughly $1.4 billion of stolen ether. Recovery steps under way - Humanity has issued a replacement token and distributed allocations to a range of addresses, including major exchanges. Discussions are ongoing around snapshot dates, suspended deposits and withdrawals, liquidity pools and custodian arrangements. Investigators are tracing every transaction that occurred after the breach before finalizing compensation claims. - The project has also contacted law enforcement across multiple jurisdictions, starting with Hong Kong and including U.S. authorities. Why the pivot matters Kwok framed the shift as both strategic and pragmatic: enterprises building or deploying AI systems will increasingly require robust identity verification and credentialing, a space Humanity already has experience in. The company is positioning its identity technology as a building block for enterprise AI workflows, while moving away from being perceived primarily as a consumer-facing blockchain identity token project. What to watch next Expect Humanity to outline enterprise product roadmaps and customer engagements in the coming months, and to continue cooperating with investigators and exchanges as recovery mechanics are finalized. The incident underscores persistent operational security risks for crypto projects — especially around developer devices and key management — and highlights how security failures can rapidly alter a protocol’s trajectory. Read more AI-generated news on: undefined/news