The Zcash ecosystem has confirmed a critical vulnerability in its privacy transaction pool, Orchard, that allows for the forging of an unlimited number of ZEC. The associated fix was completed on June 1. However, due to Orchard’s privacy-preserving design, it is currently impossible to verify on-chain whether the vulnerability was exploited between May 2022 and June 2026. After the announcement, ZEC dropped to around $250, recording a intraday peak decline of 43%.
Vulnerability allows bypassing validation
The vulnerability was discovered by security researcher Taylor Hornby on May 29. Hornby, commissioned by the Zcash team to conduct security research, developed a fully functional exploit code with the assistance of Anthropic’s Claude Opus.
The issue lies in Orchard's validation logic for transaction inputs. Although this check appears to verify that inputs comply with the rules, it fails to properly enforce the constraints. An attacker could construct fraudulent inputs that still pass the zero-knowledge proof verification, thereby generating ZEC out of thin air—fraudulent tokens that are indistinguishable from legitimate ones.
Repair completed
Hornby stated that he only completed verification in a local environment and immediately disclosed the issue to ZODL, responsible for coordinating Zcash development, without executing any attack on the mainnet. The Zcash ecosystem deployed an emergency patch on June 1 to prevent further exploitation of this vulnerability.
However, the team also acknowledged that the vulnerability may have been exploitable for approximately four years. The challenge lies in the fact that Orchard is a privacy pool, designed to conceal transaction amounts and participant information, which also means it is impossible to determine through cryptographic means whether covert minting occurred in the past.
The community proposes to proceed with the upgrade.
To address subsequent risks, Shielded Labs is proposing a network upgrade. The proposal includes deploying a new privacy pool and implementing a "turnstile accounting" verification mechanism for tokens from Orchard.
Following this approach, existing Orchard tokens must pass through a verifiable checkpoint to identify any forged supply. This proposal still requires community governance approval and must go through Zcash’s standard network upgrade process. A more detailed proposal is expected to be released next week.
AI auditing capabilities are gaining attention
In addition to the upgrade plan, Shielded Labs stated that it will initiate mathematical verification of the entire Orchard circuit and hire a security lead and cryptography researchers. This incident has also drawn market attention to AI's capabilities in security research.
Claude Opus 4.8 was publicly released on May 28, and researchers discovered this long-existing critical vulnerability within approximately 24 hours after the model went live. As more powerful models continue to be released, the pace of attacks and defenses facing crypto protocols may accelerate further.