Zcash Discloses Critical Orchard Pool Bug That Could Have Enabled Unlimited ZEC Creation

Coin Edition

Zcash announced a critical bug in its Orchard shielded pool that could have allowed unlimited ZEC creation. The flaw, found on May 29 and fixed by June 2, had been present since 2022. Arthur Hayes sold his ZEC holdings after the token fell 33%. A network upgrade is being proposed to secure supply integrity. New token listings may be affected by the ongoing review of Zcash’s protocol.
  • Zcash disclosed a critical Orchard pool bug that could’ve allowed unlimited ZEC creation.
  • Researchers found and patched the flaw within days, and a new upgrade was proposed.
  • Arthur Hayes exited his entire ZEC position after the disclosure as the token tanked 33%.

A major security issue in Zcash’s Orchard shielded pool has triggered a network-wide response after developers confirmed the bug could have allowed unlimited counterfeit ZEC to be created inside the privacy pool.

According to Zcash founder Zooko Wilcox-O’Hearn, the vulnerability was discovered on May 29 by security researcher Taylor Hornby and fixed through an emergency update completed on June 2.

The flaw had been present since Orchard launched in May 2022. Hornby demonstrated a working exploit in a local test environment that generated unlimited counterfeit ZEC while remaining invisible to normal detection methods.

Developers said the same exploit could have produced unlimited counterfeit coins on the live network if it had been deployed before the patch.

The issue originated from a weakness inside Orchard’s cryptographic circuit. In simple terms, the system could be tricked into accepting false transaction data as valid, allowing new coins to be created inside the shielded pool.

Privacy Created an Audit Problem

The biggest concern was not just the bug itself. Because Orchard is designed to hide balances and transaction details, developers cannot use cryptographic proofs to determine whether anyone exploited the vulnerability before it was fixed.

Shielded Labs said there is currently no definitive way to prove from blockchain data alone that counterfeit ZEC was never created during the four-year period the flaw existed. At the same time, the organization added that it believes prior exploitation is unlikely.

The vulnerability escaped years of review by cryptographers and auditors. Shielded Labs said Hornby’s discovery came during a dedicated security program launched specifically to find hidden weaknesses before attackers could.

Emergency Upgrade Rolled Out

After receiving the disclosure, engineers from the Zcash Open Development Lab coordinated a private response with miners and exchanges. An emergency soft fork disabled Orchard transactions on June 2 at block 3,363,426.

A second upgrade, known as NU6.2, restored Orchard functionality on June 3 at block 3,364,600 using a corrected circuit. During the upgrade window, Orchard transfers were paused while transparent transactions and Sapling transactions continued operating.

Meanwhile, the inability to prove that counterfeit coins never existed inside Orchard remains the central issue. Orchard currently holds more than 4 million ZEC and represents the majority of coins stored inside Zcash’s private pools.

New Proposal Aims to Prove Supply Integrity

Shielded Labs now wants to introduce another network upgrade designed to remove uncertainty around the Orchard supply.

The proposal would create a new shielded pool and require all coins leaving Orchard to pass through turnstile accounting. The goal is to allow anyone to independently verify that no counterfeit ZEC exists.
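
A minimal model of the turnstile accounting described above, added here as an illustration; it is not the Shielded Labs proposal, which the article says has not been published yet, and it is not Zcash code. The `PoolFlow` record, the function names and all amounts are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Iterable, Optional


@dataclass(frozen=True)
class PoolFlow:
    """Publicly visible value crossing the pool boundary in one block (zatoshi)."""
    height: int
    deposited: int   # value entering the shielded pool
    withdrawn: int   # value leaving the shielded pool


class TurnstileViolation(Exception):
    """Withdrawals would exceed everything ever deposited into the pool."""
    def __init__(self, height: int, shortfall: int):
        super().__init__(f"height {height}: pool overdrawn by {shortfall} zatoshi")
        self.height, self.shortfall = height, shortfall


def replay_turnstile(flows: Iterable[PoolFlow], opening_balance: int = 0) -> int:
    """Replay boundary flows in chain order and return the closing pool balance.

    Transfers that stay inside the pool never touch this running total,
    so value forged inside the pool is not visible here until it exits.
    """
    balance = opening_balance
    for flow in flows:
        if flow.deposited < 0 or flow.withdrawn < 0:
            raise ValueError(f"negative flow at height {flow.height}")
        balance += flow.deposited - flow.withdrawn
        if balance < 0:
            raise TurnstileViolation(flow.height, -balance)
    return balance


def first_violation(flows: Iterable[PoolFlow]) -> Optional[int]:
    """Height of the first block that overdraws the pool, or None if none does."""
    try:
        replay_turnstile(flows)
    except TurnstileViolation as exc:
        return exc.height
    return None


# Constructed sample chains (heights and amounts are made up).
HONEST = [PoolFlow(1, 500, 0), PoolFlow(2, 0, 200), PoolFlow(3, 100, 350)]
# 30 zatoshi forged inside the pool, but exits so far stay under deposits: passes.
FORGED_NOT_YET_EXITED = [PoolFlow(1, 500, 0), PoolFlow(2, 0, 480)]
# The forged value finally tries to leave: block 3 overdraws the pool by 30.
FORGED_EXITING = FORGED_NOT_YET_EXITED + [PoolFlow(3, 0, 50)]
```

A clean replay only shows that withdrawals have not exceeded deposits so far; forged value still sitting in the pool leaves no trace until it tries to exit.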

Developers plan to publish the full proposal in the coming days.

Market Reacts as Hayes Exits Position

ZEC erased its weekly gains and fell roughly 33% over 24 hours, while posting a seven-day decline of around 25%. BitMEX co-founder Arthur Hayes said he liquidated his entire ZEC position after reviewing the vulnerability.

Hayes stated that although he believes unauthorized minting was probably unlikely, he could not cryptographically prove it never happened. For him, that uncertainty conflicted with the core investment case for privacy assets.

Hayes said he remains open to buying back into ZEC if future evidence strengthens confidence in the network’s supply integrity.
