Humanity Protocol has introduced a full token migration and 1:1 airdrop of latest H tokens because the mission’s first concrete steps to compensate house owners after a $36 million exploit on June eighth.
The staff posted a restoration plan to X on Monday. The earlier H token on Ethereum was $BNB The Chain, and Humanity mainnet has been decommissioned and changed with a newly audited ERC-20 contract deployed on Ethereum.
New tokens will likely be airdropped 1:1 to holders based mostly on snapshots taken on Ethereum. $BNB Chain and Humanity mainnet, June eighth, simply earlier than the exploit. In line with CoinGecko, the H token fell about 27% to about $0.22 on Monday, down about 73% from its all-time excessive of $0.84 on June 2.
“We all know it has been an extended wait, however your persistence meant all the pieces to us,” Humanity Protocol mentioned.
Who mechanically will get airdrops
Normal externally owned accounts holding H on any of the three chains on the time of the snapshot will obtain new tokens immediately with no motion required. Wallets linked to the attackers and addresses recognized by safety agency Quantstamp throughout post-exploitation investigations have been excluded.
H held inside a liquidity pool, vault, or sensible contract on the time of a snapshot can’t be mechanically attributed to particular person holders. These balances will likely be transferred to a vault and the mission will coordinate with affected events concerning distribution, it mentioned.
Insurance coverage claims fund for advanced circumstances
Humanity Protocol has established a separate H Compensation Fund to handle conditions not lined by automated airdrops. The three classes are holders with H in third-party protocol integrations, decentralized liquidity pool publicity, and customers who bought H after the June eighth snapshot and nonetheless maintain their tokens.
Publish-snapshot patrons searching for compensation should full id verification earlier than funds might be processed. The mission cited its affiliation with North Korea, which was flagged by Quantstamp, as the explanation for the compliance requirement.
“Because the exploit is related to North Korea-related risk actors, we’re working intently with related authorities concerning AML compliance,” Humanity Protocol mentioned.
Quantstamp’s investigation abstract, revealed by way of Humanity Protocol’s personal web site on June 11, traced the assault to a phishing electronic mail spoofing South Korean trade Bithumb, which put in malware on the director’s Home windows machine and gave the attackers distant entry to personal keys. The breach resulted in roughly 141.18 million H tokens being leaked from Ethereum Bridge and enabled the minting of roughly 100 million further tokens on BSC. The attackers used Hancom digital certificates to signal the malware, a technique Quantstamp described as “attribute of DPRK intrusions.”
Mainnet restart scheduled
Humanity Protocol mentioned it plans to reboot Humanity Mainnet within the coming weeks with the brand new H token performing as its native fuel token. The mission is coordinating with centralized exchanges, bridge suppliers and liquidity companions on the migration schedule. Change customers ought to comply with their very own platform bulletins for token migration directions.
The mission warned holders to keep away from false airdrops and hyperlink claims, and mentioned official communications will solely happen via verified Humanity Protocol channels.
What stays unresolved
The stolen funds haven’t but been recovered. Quantstamp’s analysis notes that as of June 11, there was greater than $21 million in ETH in wallets managed by the attackers. $BNBRevenues for the facet are nonetheless being tallied.
The Compensation Fund doesn’t specify how post-snapshot purchasers will likely be individually evaluated apart from id verification. Humanity Protocol additionally didn’t disclose the entire stability of H tokens in sensible contracts that will likely be transferred to the vault.
Defiant’s authentic protection on June ninth documented the primary breach. The mission’s Quantstamp forensics and Monday’s compensation announcement mark two concrete public actions taken since then.
