Seven Gnosis Safe keys on one compromised laptop let a DPRK-linked attacker seize ProxyAdmin control and mint billions of H tokens from nothing on BSC.

On June 8 and 9, Humanity Protocol lost over $36M across Ethereum and BNB Smart Chain. Not because their contracts had bugs: the code worked exactly as written. What failed was the infrastructure around it. Private keys for seven high-privilege wallets were all sitting on one developer's machine, and a DPRK-linked attacker got in through a single phishing email. With those keys, they crossed the Gnosis Safe signing threshold, seized ProxyAdmin control on both chains, drained the ETH bridge lockbox, and minted over 122 billion H tokens from nothing across twelve transactions on BSC.
H is Humanity Protocol's native multichain token. The two chains work differently by design. On Ethereum, users deposit H into a Hyperlane bridge contract, which locks the tokens and relays a mint message to BSC. On BSC, H is a synthetic HypERC20 that can be minted directly when the bridge relay confirms a deposit. The BSC token has no independently locked collateral; its supply is backed entirely by the bridge's accounting.
Both the Hyperlane bridge contract on ETH and the H token proxy on BSC sit behind a shared ProxyAdmin address (0xd73Cd1117646625FFE23a55860035aC62fa8720D) deployed at the same address on each chain. That ProxyAdmin was owned by a Gnosis Safe multisig, 3-of-6 on ETH, 3-of-5 on BSC. The previous legitimate implementation for both proxy contracts was 0xfe1a06260b3b68f49862ae5d617686d78f454dea.
The Safe multisigs were the single point of administrative authority over both contracts. Whoever controlled them controlled the entire token infrastructure on both chains.
The attacker's first move was the simplest. An admin hot wallet (0x0fd9c51999ae46a0e1b21a235e0a529bbcc4612a), whose key had been stolen from director Chong Yee Wai's compromised machine, was drained directly. No contract interaction, no Safe ceremony, just a stolen key and a transfer of the wallet's entire balance, 6,045,060 H, to the aggregation wallet 0x9e995952.

The ETH bridge at 0x44F161aE29361E332dEA039DFA2F404E0bC5B5Cc is an upgradeable proxy. Its upgrade authority, the ProxyAdmin, was controlled by the ETH Safe (0x576412843C...), which required 3-of-6 signatures to execute any transaction.
Director Chong Yee Wai held three of the six ETH Safe signer keys himself, enough to cross the threshold alone. All three were stolen from the same compromised machine used to take his other keys.
Using the three stolen ETH Safe signer keys, the attacker assembled an offline-signed execTransaction, pre-loading all three stolen signatures. The transaction appeared fully signed within a single block, and it transferred ProxyAdmin ownership from the ETH Safe to the attacker's wallet 0xD1ea823D.

With ProxyAdmin control in hand, the attacker called upgradeAndCall on the bridge proxy, replacing the legitimate Hyperlane implementation with a minimal malicious contract exposing a single drain function (selector 0x4b64e492). One call swept the entire lockbox, 141,182,632 H, to 0xD1ea823D.


The BSC H token at 0x44F161aE29361E332dEA039DFA2F404E0bC5B5Cc (same address, different chain) is a synthetic HypERC20. Its ProxyAdmin (0xd73Cd1117646625FFE23a55860035aC62fa8720D) was controlled by the BSC Safe (0x2F41C9Bc3Ffb0D60358533e7d3D8B39B37C4D2D9), requiring 3-of-5 signatures.
Chong Yee Wai held three of the five BSC Safe signer keys himself, the same playbook as the ETH side. All three were stolen from the same compromised machine used to take his ETH Safe and admin EOA keys.
Using the three stolen BSC Safe signer keys, the attacker assembled an offline-signed execTransaction transferring BSC ProxyAdmin ownership to attacker wallet 0x6Aa22CB8.

The attacker deployed a malicious ERC-20 implementation (0xd18cdc9f07733ca207e9977879c51e22e9b57fcb) with an unrestricted mint() function and upgraded the BSC H token proxy to it. With mint() now callable by anyone, the attacker printed H tokens across twelve separate transactions over several hours.
Total minted on BSC: over 122 billion H tokens, created from nothing against a pre-attack supply of approximately 141 million. The attacker distributed tranches across five downstream wallets and liquidated across PancakeSwap over several hours, progressively crashing the open-market price.
Since the attacker retains ownership of the BSC ProxyAdmin, further minting remains possible at any time.



This was not a smart contract vulnerability. The bridge, the token, and the Safe contracts all functioned exactly as designed. Every action the attacker took was authorized under the protocol's own security model.
The root cause is private key compromise through inadequate operational security.
During the Humanity Protocol mainnet launch in June 2025, seven high-privilege private keys were inadvertently backed up to a single compromised machine belonging to director Chong Yee Wai: the admin hot wallet key, three of the six ETH Safe owner keys, and three of the five BSC Safe owner keys.
Two compounding factors made the impact catastrophic:
1. No timelock on either ProxyAdmin. Once the attacker crossed each Safe's signing threshold, there was zero delay between the governance action and execution. No cooldown period, no monitoring window, no circuit breaker. A 24-hour timelock would have given the team time to detect the AdminChanged event and respond before a single token moved.
2. Key concentration defeating both multisigs. Three of the six ETH Safe owners and three of the five BSC Safe owners were all held by the same person, on the same machine. A multisig only protects against compromise if its signers are genuinely independent: different people, different machines, different attack surfaces. Here, the threshold required to act on either chain was effectively just one person's laptop.
This attack class, key compromise enabling upgrade authority seizure, is preventable through operational security controls that exist today. A QuillAudits security review covering infrastructure and key management would have flagged the following:
Private Key Storage on Development Machines
Production signing keys must never reside on general-purpose devices. Hardware security modules (HSMs) or dedicated air-gapped signing hardware are the baseline requirement for any key controlling an upgradeable contract's ProxyAdmin. Keys stored in software wallets on internet-connected machines are a single phishing email away from full compromise.
No Timelock on ProxyAdmin
A timelock of 24–72 hours on any ProxyAdmin transferOwnership or upgrade action is a standard control for production DeFi deployments. It converts what was an instant, irreversible upgrade into a window where monitoring systems can detect anomalous governance activity and the team can respond. QuillAudits recommends timelocked ProxyAdmins as a default for all upgradeable contracts managing significant TVL.
Shared Key Infrastructure Across Chains
The ETH and BSC Safe multisigs used overlapping signing infrastructure; all seven compromised keys came from the same machine. A cross-chain deployment should treat each chain's signing set as independent, sourced from different hardware wallets or institutions. Compromise of one machine should not simultaneously defeat the governance security on two chains.
No On-Chain Monitoring / Alert System
The AdminChanged event emitted during the ProxyAdmin transfer is observable on-chain in real time. Automated monitoring alerts on this event type, combined with a timelock, would have triggered incident response before the upgrade and drain could execute. QuillAudits' infrastructure security reviews include monitoring coverage checklists for exactly this event class.
Safe Signer Key Rotation Policy
Original Safe signing keys from June 2025 were never rotated or audited despite nearly a year of mainnet operation. A key lifecycle policy covering periodic rotation, post-incident review of original keys, and hardware attestation requirements for new signers would have reduced the attack surface materially before the compromise was ever executed.
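The monitoring control recommended above, as an added example that is not QuillAudits' or Humanity Protocol's code: a minimal detector that checks raw event logs (the shape eth_getLogs returns) for the ProxyAdmin ownership transfer, the proxy upgrade to an unreviewed implementation, and a swapped proxy admin, using the BSC addresses from this write-up. The attacker wallet is a constructed placeholder, since the page gives only its prefix 0x6Aa22CB8.

```python
# Added example, not code from QuillAudits or Humanity Protocol: a minimal detector
# for the upgrade-authority events the write-up says went unmonitored.
# Log records are constructed inline in the shape eth_getLogs returns.

# Canonical keccak-256 topics of the OpenZeppelin ProxyAdmin / ERC1967 proxy events.
OWNERSHIP_TRANSFERRED = "0x8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0"
UPGRADED = "0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b"
ADMIN_CHANGED = "0x7e644d79422f17c01e4894b5f4f588d331ebfa28653d42ae832dc59e38c9798f"

# Addresses from the write-up (BSC side), lower-cased for comparison.
PROXY_ADMIN = "0xd73cd1117646625ffe23a55860035ac62fa8720d"
H_PROXY = "0x44f161ae29361e332dea039dfa2f404e0bc5b5cc"
BSC_SAFE = "0x2f41c9bc3ffb0d60358533e7d3d8b39b37c4d2d9"
KNOWN_IMPL = "0xfe1a06260b3b68f49862ae5d617686d78f454dea"
MALICIOUS_IMPL = "0xd18cdc9f07733ca207e9977879c51e22e9b57fcb"
# Constructed placeholder: the page gives only the prefix 0x6Aa22CB8 of the attacker wallet.
ATTACKER = "0x6aa22cb8" + "0" * 30 + "ff"

def addr_from_word(word):
    """An ABI-encoded address is right-aligned in a 32-byte word; keep the low 20 bytes."""
    return "0x" + word[-40:].lower()

def pad(addr):
    """Build the 32-byte topic/data word for an address (used to construct sample logs)."""
    return "0x" + addr[2:].lower().rjust(64, "0")

def check_log(log, expected_owner=BSC_SAFE, allowed_impls=(KNOWN_IMPL,)):
    """Return an alert string for a governance-relevant log, or None if it is benign."""
    addr, topics = log["address"].lower(), log["topics"]
    if addr == PROXY_ADMIN and topics[0] == OWNERSHIP_TRANSFERRED:
        new_owner = addr_from_word(topics[2])               # newOwner is indexed
        if new_owner != expected_owner:
            return f"ProxyAdmin ownership left the Safe: new owner {new_owner}"
    if addr == H_PROXY and topics[0] == UPGRADED:
        impl = addr_from_word(topics[1])                    # implementation is indexed
        if impl not in allowed_impls:
            return f"proxy upgraded to unreviewed implementation {impl}"
    if addr == H_PROXY and topics[0] == ADMIN_CHANGED:
        new_admin = addr_from_word(log["data"][2:][64:128])  # both args unindexed, in data
        if new_admin != PROXY_ADMIN:
            return f"proxy admin changed to {new_admin}"
    return None

def scan(logs):
    """Run check_log over a batch of logs and return the alerts in order."""
    return [alert for alert in (check_log(entry) for entry in logs) if alert]

# Constructed logs replaying the BSC sequence: ownership transfer, malicious upgrade, benign upgrade.
SAMPLE_LOGS = [
    {"address": PROXY_ADMIN, "topics": [OWNERSHIP_TRANSFERRED, pad(BSC_SAFE), pad(ATTACKER)], "data": "0x"},
    {"address": H_PROXY, "topics": [UPGRADED, pad(MALICIOUS_IMPL)], "data": "0x"},
    {"address": H_PROXY, "topics": [UPGRADED, pad(KNOWN_IMPL)], "data": "0x"},
]
```

Paired with a timelock on the ProxyAdmin, the first alert fires while the ownership transfer is still queued rather than after the lockbox has already moved.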
On June 9, Humanity Protocol confirms that a full post-mortem on the incident and a recovery plan for affected holders are underway.
On June 12, Humanity Protocol publishes independent investigation findings, confirming the attacker used tooling and tradecraft characteristic of DPRK-linked actors, and that the Ethereum H token has been frozen by a clean multisig the attacker never controlled, while the BSC deployment remains under attacker control.
On June 16, Humanity Protocol announces its recovery plan, the old H token is sunsetted across Ethereum, BSC, and Humanity Mainnet, and a new audited ERC-20 H token is deployed on Ethereum for a 1:1 airdrop to pre-snapshot holders, alongside a compensation fund and claims portal for complex edge cases.
On June 17, Humanity Protocol details how the new H airdrop will be handled for holders who had H on Binance Alpha, Bybit, Bitget, KuCoin, MEXC, or Gate at the time of the snapshot.
On both chains, the H moved from the attacker's primary wallet through a series of intermediary accounts before being swapped through on-chain DEXs, Uniswap on Ethereum and PancakeSwap on BSC, progressively crashing the open-market price and harming liquidity providers and remaining holders.


Reference labels from the original appendix (the addresses and transaction hashes themselves are not reproduced in this copy): Attacker Wallets (ETH); Attacker Wallets (BSC); H Token Contract (ETH and BSC, same address); ProxyAdmin (ETH and BSC, same address); Gnosis Safe owning ProxyAdmin; Compromised ETH Safe Owner Keys; Compromised BSC Safe Owner Keys; Previous Legitimate Implementation (ETH and BSC, same address); Malicious Implementations (attacker deployed); EOA Drain Transaction; ETH ProxyAdmin Transfer and Bridge Drain; ETH H Token Freeze; BSC ProxyAdmin Transfer; BSC Mint Transactions.
The contracts were fine. The keys were not. Seven production signing keys stored on one internet-connected machine gave an attacker everything they needed to own two chains simultaneously. No timelock meant no response window. Upgrade authority is root access. It needs hardware storage, mandatory timelocks, and active monitoring. Humanity Protocol is now rebuilding from a clean snapshot. The right controls were not expensive or exotic. They just were not there.