Home
News
Details

Zcash Founder Zooko Reveals Details of Critical Orchard Pool Forgery Vulnerability

iconKuCoinFlash
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
This is the logo of the coin.
ZEC
$398.6177.2%
AI summary iconSummary

expand icon
Zcash founder Zooko disclosed a vulnerability related to a critical forgery flaw in the Orchard pool, identified by Taylor Hornby on May 29, 2026. The Zcash Open Development Lab coordinated a response and resolved the issue by June 2. Shielded Labs confirmed the vulnerability is real and permits infinite ZEC generation in tests. Due to privacy features, it remains unclear whether the flaw was exploited prior to the fix. A network upgrade proposal is currently being explored to deploy a new shielded pool and enable on-chain monitoring of token supply integrity.

BlockBeats news, on June 5, Zcash founder Zooko posted that security researcher Taylor Hornby discovered a critical forgery vulnerability in the Zcash Orchard pool on May 29 and disclosed it to the Zcash Open Development Lab (ZODL). ZODL subsequently coordinated an emergency response across the ecosystem, and the patch was completed on June 2.


Shielded Labs stated that the vulnerability is real and exploitable; the exploit code written by Taylor in a local test environment can generate infinite, undetectable forged ZEC. Due to Orchard’s privacy properties, it is not possible to cryptographically prove whether the vulnerability was exploited prior to its patch, but they believe the likelihood of prior exploitation is low. Shielded Labs is exploring a network upgrade proposal to deploy a new shielded pool and implement turnstile accounting for all tokens from the Orchard pool, enabling anyone to verify the integrity of Zcash’s supply and prove that no forged ZEC exists within the Orchard pool.

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.