Back to List
Blockchain Identity Project Humanity Reports $36 Million Loss Following Major Security Exploit
Industry NewsBlockchain SecurityDigital IdentityBiometrics

Blockchain Identity Project Humanity Reports $36 Million Loss Following Major Security Exploit

Humanity, a specialized blockchain project focused on decentralized identity, has reportedly lost $36 million in a significant security exploit. The project is known for its innovative use of palm biometrics and zero-knowledge proofs (ZKP) to facilitate secure and private user identity verification. This incident, occurring on June 9, 2026, highlights the persistent security challenges within the Web3 identity sector. Despite employing advanced cryptographic methods like zero-knowledge proofs to protect user data, the substantial financial loss underscores the vulnerabilities inherent in complex blockchain ecosystems. The exploit raises critical questions about the security of biometric-integrated platforms and the long-term stability of decentralized identity protocols as they attempt to scale and secure high-value assets alongside sensitive personal identifiers.

Tech in Asia
Share

Key Takeaways

  • Substantial Financial Impact: The Humanity project has suffered a confirmed loss of $36 million due to an exploit.
  • Biometric Identity Focus: The platform utilizes palm biometrics as its primary method for establishing user identity and proof of personhood.
  • Privacy-Centric Technology: Zero-knowledge proofs (ZKP) are integrated into the system to ensure identity verification without compromising user privacy.
  • Security Vulnerability: The incident emphasizes that even projects utilizing advanced cryptographic and biometric security are susceptible to significant financial breaches.

In-Depth Analysis

The Humanity Project and the $36 Million Breach

On June 9, 2026, the blockchain community was alerted to a major security breach involving Humanity, a project dedicated to solving the complexities of digital identity. According to reports from Tech in Asia, the project lost approximately $36 million in an exploit. Humanity has positioned itself as a leader in the 'proof of personhood' space, a niche within the blockchain industry that seeks to verify that a digital account is held by a unique human being rather than a bot or an automated script.

While the specific technical details regarding the entry point of the exploit—whether it was a smart contract flaw, a bridge vulnerability, or an issue within the biometric data processing layer—have not been fully disclosed in the initial reports, the scale of the loss is definitive. A $36 million exploit represents a significant portion of capital and trust within the decentralized identity (DeID) ecosystem. This event serves as a stark reminder that the integration of physical biometrics with blockchain technology introduces unique security surfaces that require rigorous and continuous auditing.

Technical Foundation: Palm Biometrics and Zero-Knowledge Proofs

The core value proposition of the Humanity project lies in its dual-layered approach to identity: palm biometrics and zero-knowledge proofs. Palm biometrics are used to capture the unique physical characteristics of a user's hand, providing a biological anchor for their digital identity. This method is often touted as more secure and less intrusive than facial recognition or iris scanning, yet it remains a highly sensitive form of data.

To address the privacy concerns associated with storing or transmitting biometric data, Humanity employs zero-knowledge proofs (ZKP). This cryptographic technique allows one party (the prover) to prove to another party (the verifier) that a statement is true without revealing any information beyond the validity of the statement itself. In the context of Humanity, ZKPs are intended to verify that a user has a valid, unique palm scan without ever exposing the actual biometric data to the blockchain or third parties. However, the recent exploit suggests that the security of the funds associated with these identities is independent of the cryptographic strength of the identity verification itself. The breach highlights a potential disconnect between the security of the identity layer and the security of the financial layer within the project's architecture.

Industry Impact

Implications for Decentralized Identity (DeID)

The exploit of the Humanity project is likely to have a chilling effect on the decentralized identity sector. As the industry moves toward more sophisticated methods of 'proof of personhood,' the security of these platforms becomes a matter of both financial and personal safety. The loss of $36 million may lead to a reevaluation of how biometric-linked protocols are structured. Investors and users alike may demand higher transparency regarding the security of the underlying smart contracts that manage the assets tied to these biometric identities.

Trust and Biometric Adoption in Web3

One of the greatest hurdles for projects like Humanity is gaining public trust to handle sensitive biological data. An exploit of this magnitude could hinder the adoption of biometric blockchain solutions. If a project cannot secure its treasury or its users' assets, the perceived risk of providing biometric data—even when protected by zero-knowledge proofs—may become too high for the average user. This incident will likely trigger a wave of security audits across the industry, as similar projects look to fortify their systems against the vulnerabilities that led to Humanity's $36 million loss. The focus will likely shift from purely cryptographic innovation to holistic system security, ensuring that every component of the identity-to-asset pipeline is resilient against sophisticated exploits.

Frequently Asked Questions

Question: What is the Humanity project?

Humanity is a blockchain-based identity project that focuses on verifying user identities using palm biometrics and zero-knowledge proofs. It aims to create a secure and private system for establishing 'proof of personhood' in the digital world.

Question: How did the Humanity project lose $36 million?

The project suffered a security exploit on June 9, 2026. While the specific technical details of the exploit's origin have not been fully detailed in the initial reports, the total financial loss has been confirmed at $36 million.

Question: How do zero-knowledge proofs work in the Humanity project?

Zero-knowledge proofs (ZKP) allow the Humanity project to verify a user's identity based on their palm biometrics without actually seeing or storing the raw biometric data. This ensures that the user's privacy is maintained while still proving they are a unique human being.

Read Original Article

Related News

Meituan LongCat Team Releases General 365 Benchmark Revealing Reasoning Gaps in Leading AI Models
Industry News

Meituan LongCat Team Releases General 365 Benchmark Revealing Reasoning Gaps in Leading AI Models

The Meituan LongCat team has officially introduced General 365, a new evaluation benchmark designed to test the reasoning capabilities of large language models. In a recent assessment of 26 mainstream models, the benchmark revealed a significant performance gap across the industry. Gemini 3 Pro, currently identified as the strongest model in the test, achieved an accuracy rate of 62.8%. However, the results indicate a broader struggle within the field, as the vast majority of the 26 models tested failed to reach the 60% accuracy threshold, which is considered the passing mark. This release by Meituan's technical team establishes a new standard for measuring AI reasoning, highlighting that even top-tier models have substantial room for improvement in complex cognitive tasks.

Managing AI Coding Through Agent Evaluation: A 310,000-Line Code Refactoring Case Study
Industry News

Managing AI Coding Through Agent Evaluation: A 310,000-Line Code Refactoring Case Study

As AI-generated code begins to account for over 90% of system development, the primary challenge shifts from increasing coding speed to managing and constraining AI output. Meituan's technical team has shared a comprehensive practice involving the refactoring of 310,000 lines of code using an 'Agent evaluation' mindset. By implementing a structured framework—including technical debt sorting, rule construction, standardized operating procedures (SOP), and a Pre-PR (Pull Request) mechanism—the team successfully transitioned code refactoring from a high-cost, specialized project into a sustainable, daily iterative process. This approach addresses the risk of AI-driven development amplifying system chaos and emphasizes the necessity of unified standards in the era of AI-native programming.

Meituan BI Evolution: Building a Next-Generation Architecture with Metrics Platforms and Enhanced Calculation Engines
Industry News

Meituan BI Evolution: Building a Next-Generation Architecture with Metrics Platforms and Enhanced Calculation Engines

Meituan's data platform team has pioneered a new generation of Business Intelligence (BI) architecture, placing a centralized metrics platform at its core. This strategic shift addresses critical limitations found in traditional BI systems, which often suffer from inconsistent data definitions—commonly known as "data caliber confusion"—and sluggish query performance when handling personalized datasets. By developing and implementing two primary technical capabilities, automatic semantics and enhanced calculation, Meituan has successfully streamlined its data processing workflows. This evolution marks a significant transition from dataset-driven analytics to a more robust, metrics-centric model, ensuring higher data reliability and faster insights for the organization's diverse business operations. The practice underscores Meituan's commitment to solving complex data engineering challenges through architectural innovation.