When you lose $36 million in an exploit, you don't really have the luxury of business as usual. Humanity Protocol is learning that lesson in real-time. Terence Kwok, the founder behind the project that once sold the vision of a decentralized palm-scanning identity layer, is now steering the ship toward enterprise AI. In the startup world, we call this a pivot. In the security world, we call it a consequence.
The Weight of a Nine-Figure Breach
Let's be blunt about the numbers. A $36 million loss is not a rounding error. It is a catastrophic event for any protocol, especially one asking users to trust it with biometric data. While the team initially focused on individual palm-recognition to prove personhood, the exploit changed the internal math. Kwok has admitted the odds of recovering those funds are slim. When the money goes, the original roadmap usually goes with it.
For builders, this is a sobering reminder that your security is your product. You can have the most noble intentions about preventing AI-driven bot swarms, but if the smart contracts holding the incentive layers are porous, the foundation is cracked. Humanity Protocol isn't just changing its product; it is trying to outrun the shadow of an exploit that undermined its initial value proposition.
Why Enterprise AI?
The shift toward enterprise AI feels like a strategic retreat into a sector that is currently flush with cash and slightly less obsessed with retail biometrics. The new focus appears to be on providing identity verification and data integrity for corporations struggling with the deluge of synthetic content. If you can't convince individual users to scan their palms after a hack, you try to sell the infrastructure to companies who need to verify that their data hasn't been tampered with by an LLM.
This move is a classic founder play: find a bigger problem where your existing tech stack might fit. Enterprise clients care about compliance and reliability. They have deep pockets, but they also have long memories. The challenge for Kwok and his team is proving that a protocol which suffered a major exploit is the right partner for securing high-stakes corporate data. It is a tough sell, but in a survival scenario, it's often the only sell left on the table.
The Identity Crisis in Web3
We have to look at the broader context of the Proof of Personhood (PoP) narrative. Worldcoin, Humanity Protocol, and others are all racing to solve a real problem: how do we know you're a human on the internet? But the methods—scanning irises or palms—have always been a hard sell for the privacy-conscious. Add a multi-million dollar hack to the mix, and the trust gap becomes a canyon.
Builders in the decentralization space should take note. The pivot doesn't just reflect a failure of code; it reflects the difficulty of scaling biometric crypto projects in a skeptical market. Moving to enterprise AI suggests that the consumer market for decentralized identity might not be ready, or perhaps, the tech isn't yet robust enough to handle the responsibility of being the world's digital ID card.
What Builders Should Take Away
If you are founding a project today, there are three specific lessons to pull from this repositioning:
- Audit-Driven Architecture: Security isn't a feature you add later. If your protocol involves high-value assets or sensitive data, you are a target from day one. An exploit doesn't just take your money; it takes your brand.
- The Utility of the Pivot: Kwok is doing what founders must do—adapting to survive. If your original thesis is dead, don't ride it into the ground. However, you must ensure the new direction isn't just a buzzword-heavy distraction from the original failure.
- Reality Check on Recovery: The admission that the funds likely won't be returned is refreshing in its honesty. Too many projects string their communities along with false hope. In crypto, once the funds move to a mixer or a sophisticated drainer, they are usually gone. Build your runway assuming your insurance or recovery efforts will fail.
"The shift from retail biometrics to enterprise AI isn't just a change in target audience; it's an admission that the current model for decentralized identity is under immense pressure."
The Hard Road Ahead
Can Humanity Protocol actually win in the enterprise AI space? It's a crowded room. Every major tech firm is currently building tools to verify data and identify AI interference. To compete, Kwok's team will need to deliver more than just a rebranded palm-scanner. They need to prove that their decentralized approach offers a tangible security advantage that centralized competitors lack.
The irony is that a protocol that failed at security is now marketing itself as a security solution for AI. That is the hurdle. Builders should watch this closely. If Humanity Protocol can successfully rebrand and gain enterprise traction, it will be one of the most significant comeback stories in the space. If they can't, it will serve as a definitive case study on why security is the only metric that truly matters in the end.
Final Thoughts for Founders
Don't fall in love with your first idea so much that you ignore the reality of your balance sheet. The pivot is a tool, but it's not a magic wand. If you're building in AI or Web3 identity right now, your primary job isn't innovation—it's resilience. Without it, you're just one exploit away from a very difficult conversation with your investors.
Read the original at The Block →