Let\u2019s dive a bit deeper.<\/p>\n According to Zooko\u2019s post on Twitter, security researcher Taylor Hornby discovered the vulnerability on May 29th, 2026, while reviewing the protocol\u2019s Orchard circuit. To those unaware, Orchard is one of Zcash\u2019s shielded pools \u2013 the part of the protocol that makes private transactions possible.<\/p>\n Hornby had been hired by Shielded Labs back in April 2026 to conduct ongoing security research on the protocol. His job was to look for hidden flaws before malicious hackers could find it.<\/p>\n The discovery came relatively short after Antrophic released its Opus 4.8 AI model on May 28th. In fact, Hornby used this same model as part of a targeted audit of the Orchard circuit. He combined AI-assisted review with traditional security research, and one day later he found the bug and disclosed it to the Zcash Open Development Lab, or ZODL for short.<\/p>\n ZODL then coordinated an emergency response throughout the entire Zcash ecosystem, completing the fix by June 2nd, and thereby closing the window of risk. But that\u2019s not the end of the story, because the bug could have caused damage before it was fixed. Allow me to explain.<\/p>\n Put in simple terms, the vulnerability could have allowed for someone to create fake ZEC inside Orchard.<\/p>\n Cryptocurrencies usually rely on very strict rules to prevent counterfeiting. A blockchain must absolutely know, at all times, that coins being spent really exist and that no one is secretly creating more than allowed. Zcash has a maximum supply of 21 million ZEC, similar to Bitcoin\u2019s fixed-supply model. If someone is able to create unlimited fake ZEC, that would undermine one of the most basic and fundamental promises of the system itself.<\/p>\n https:\/\/t.co\/v7BiOdzU9E<\/a><\/p>\n \u2014 zooko The vulnerability was caused by what the authors described as an \u201cunder-constrained\u201d element in the Orchard circuit. Now, a circuit is a mathematical system used to verify that a private Zcash transaction follows the rules without revealing sensitive details. These are the details about the sender, the receiver, and the amount.<\/p>\n \u201cUnder-constrained\u201d here means that the circuit did not fully check something it was supposed to be checking. In this case, the flaw enabled the insertion of false inputs into a core cryptographic operation, elliptic curve multiplication, while still making the proof appear valid.<\/p>\n The researcher reportedly built a complete exploit and tested it in a local environment. During that test, the exploit generated virtually unlimited undetectable counterfeit ZEC. The authors admitted that if the same tool had been used on mainnet before the fix, it would have generated counterfeit ZEC directly in the real Zcash wallet.<\/p>\n The crucial part of this disclosure is not only that the bug existed, but that Zcash\u2019s privacy design makes it impossible to prove whether it was ever exploited before the fix. And it has been here for a while. To be precise \u2013 since Orchard was activated in May 2022. So that\u2019s over 4 full years it could have been exploited.<\/p>\n Zcash\u2019s protocol is designed so that shielded transactions do not reveal public details about who sent the funds, who received them, or how much was transferred. That privacy is the whole point of the system. At the same time, though, it makes forensic analysis that much harder.<\/p>\n On a traditional public and transparent blockchain, investigators are able to trace abnormal coin creation or suspicious transaction patterns. In Orchard, the relevant information, which could essentially point to any potential damages, is hidden by design. As a result, the authors concluded that there is no definitive cryptographic way of determining whether counterfeited coins were created before the vulnerability was patched.<\/p>\n It\u2019s important to note that this doesn\u2019t mean that counterfeiting happened \u2013 it just means there\u2019s no way to prove it doesn\u2019t.<\/p>\n Despite the serious nature of the vulnerability, the authors argue that prior exploitation was probably unlikely.<\/p>\n The first reason they outline is that the vulnerability had gone unnoticed for years, despite Zcash\u2019s protocol being reviewed by experienced security engineers and cryptographers. Orchard was activated back in May 2022, as we mentioned above, which means that the bug was there for four years without it being discoverd (or at least not that we know of such discovery).<\/p>\n The second reason is that Hornby was onboarded to specifically search for deep protocol vulnerabilities, and this discovery was not accidental. It was the result of focused security effort using advanced tools and expert judgment.<\/p>\n They also argued that the vulnerability was patched within just a few days after discovery. That said, the authors were very careful in asking the users not to simply trust their judgment, proposing a more formal way of restoring trust.<\/p>\n First things first, Shielded Labs is working with other Zcash devs on a possible network upgrade that would allow users to reliably verify the integrity of the ZEC supply.<\/p>\n This idea involves creating a new shielded pool and using \u201cturnstile accounting\u201d for coins leaving Orchard. Put simply, this would create a migration path that\u2019s more controlled. Coins could move from the old pool to the new one under rules that are designed to make sure that more ZEC cannot come out than it legitimately went in.<\/p>\n Naturally, this kind of network upgrade wouldn\u2019t take place automatically \u2013 it would need community support through the normal government process.<\/p>\n One of the most impressive parts of this story is the role of AI-assisted security research.<\/p>\n Taylor Hornby used Anthropic\u2019s Opus 4.8 model as part of the review that led to the discovery.<\/p>\n This doesn\u2019t mean that AI \u201cfound the bug on its own.\u201d The disclosure makes it clear that the process involved a very experienced professional, a targeted review, custom tooling, and expert analysis. However, it also shows that AI systems may increasingly become part of high-stakes security work, especially in complex cryptographic systems, where even the smallest mistakes can have disproportionately large consequences.<\/p>\n Shielded Labs said it\u2019s now accelerating this kind of proactive research.<\/p>\n \u00a0<\/p>\n Postitus Critical Zcash Vulnerability Revealed by Founder: Key Details and ZEC Outlook<\/a> ilmus esimesena veebilehel CryptoPotato<\/a>.<\/p>","protected":false},"excerpt":{"rendered":" Zcash\u2019s native cryptocurrency, ZEC, crashed by roughly 45% today, as the market reacted to a notable disclosure from the protocol\u2019s founder, Zooko Wilcox, and other key ecosystem figures. The post explained that researchers had recently found and patched a critical vulnerability associated with Zcash\u2019s Orchard shielded pool \u2013 one that could have allowed an attacker […]<\/p>\n","protected":false},"author":1,"featured_media":46148,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-46145","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-feeds"],"yoast_head":"\n![\"Screenshot](\"https:\/\/cryptopotato.com\/wp-content\/uploads\/2026\/06\/Screenshot-2026-06-05-at-11.02.22.png\")
<\/a>Why This Bug Was So Serious<\/h2>\n
\n
![\"\ud83d\udee1\"](\"https:\/\/s.w.org\/images\/core\/emoji\/16.0.1\/72x72\/1f6e1.png\")
![\"\ud83e\udd93\"](\"https:\/\/s.w.org\/images\/core\/emoji\/16.0.1\/72x72\/1f993.png\")
\u24e9 (@zooko) June 4, 2026<\/a><\/p>\n<\/blockquote>\nThe Tradeoff for Privacy<\/h2>\n
Authors Think Exploitation Was Unlikely: Here\u2019s Why<\/h2>\n
What\u2019s Next?<\/h2>\n
Opus 4.8 and Its Role in Discovering this Zcash Vulnerability<\/h2>\n