Zcash’s native cryptocurrency, ZEC, plunged roughly 45% today after a disclosure from the protocol’s founder, Zooko Wilcox, and other core contributors revealed a serious vulnerability in the network’s shielded pool.
The announcement explained that researchers recently discovered and patched a critical flaw in Zcash’s Orchard shielded pool—one that could have enabled an attacker to mint unlimited counterfeit ZEC without detection. This is one of the most severe types of bugs a cryptocurrency can face because it directly threatens the integrity of the coin’s total supply.
The researchers stated they believe prior exploitation is unlikely. However, because of Zcash’s privacy design, there is no cryptographic method to prove whether the bug was ever exploited before it was fixed.
What Happened to ZEC on June 5th, 2026?
On June 5th, 2026, ZEC experienced a steep decline, losing more than 45% of its value and falling from above $600 to about $300 within hours following the public disclosure of the vulnerability. The sudden market reaction reflected investor concern about the potential for undetected counterfeit token creation.
Security researcher Taylor Hornby discovered the vulnerability on May 29th, 2026, while auditing the Orchard circuit. Orchard is one of Zcash’s shielded pools—the component that enables private transactions.
Hornby was hired by Shielded Labs in April 2026 to perform targeted security research on Zcash. Using a combination of traditional security techniques and AI-assisted review—specifically Anthropic’s Opus 4.8 model, released on May 28th—Hornby identified the flaw and disclosed it to the Zcash Open Development Lab (ZODL) on May 30th.
ZODL coordinated an emergency response across the Zcash community and implemented a fix by June 2nd, closing the window of risk. Still, because the vulnerability could have been abused before the patch, the discovery raised immediate concerns about the protocol’s supply integrity.
Why This Bug Was So Serious
In simple terms, the vulnerability could have allowed someone to create fake ZEC within Orchard. Blockchains enforce strict rules to prevent counterfeiting: they must always be able to verify that coins being spent genuinely exist and that no additional supply has been created outside of protocol rules. Zcash has a fixed maximum supply of 21 million ZEC. If an attacker could mint unlimited counterfeit coins, it would undermine the protocol’s fundamental supply guarantee.
The root cause was described by the researchers as an “under-constrained” element in the Orchard circuit. In Zcash, a circuit is a mathematical construct used to validate that a private transaction follows protocol rules without revealing sender, recipient, or amount. “Under-constrained” means the circuit failed to enforce a check it should have enforced. That allowed false inputs to be injected into a core cryptographic operation—elliptic curve multiplication—while still producing a proof that appeared valid.
The researcher reportedly developed and tested a full exploit in a local environment; during those tests, the exploit generated effectively unlimited undetectable counterfeit ZEC. The authors noted that if the tool had been used on mainnet before the patch, it would have created counterfeit ZEC in real wallets.
The Tradeoff for Privacy
Crucially, Zcash’s privacy design is what makes this situation particularly challenging. Orchard was activated in May 2022, meaning the flawed code existed for more than four years. Because shielded transactions do not reveal public details about senders, recipients, or amounts, forensic analysis is far more difficult than on transparent blockchains. On a transparent chain, investigators can trace abnormal coin creation or unusual transaction patterns. In Orchard, the information that would indicate damage is intentionally hidden, so there is no definitive cryptographic proof that counterfeit coins were or were not created prior to the fix.
That distinction matters: the disclosure does not assert that counterfeiting occurred—only that it cannot be proven that it did not.
Why the Authors Think Exploitation Was Unlikely
Despite the severity of the bug, the researchers argue that exploitation before discovery was likely unlikely for several reasons. First, the vulnerability went unnoticed for years despite multiple reviews by experienced engineers and cryptographers, which suggests that finding and exploiting it required specialized, focused effort. Second, Hornby was specifically engaged to seek deep protocol vulnerabilities using advanced tools and expert analysis; the discovery was the result of deliberate, expert review rather than an accidental find.
Finally, the vulnerability was patched within a few days of discovery. Nevertheless, the researchers emphasized they could not simply ask users to accept their assessment without additional verification, and they proposed a formal approach to restore confidence in the supply.
What’s Next?
Shielded Labs and other Zcash developers are working on a proposed network upgrade to allow users to verify the integrity of the ZEC supply. The plan involves creating a new shielded pool and implementing “turnstile accounting” for funds leaving Orchard. In practice, this would create a controlled migration: coins would move from the old pool to the new one under rules designed to ensure that no more ZEC leaves the old pool than legitimately entered it. Such an upgrade would require community approval through Zcash’s governance process.
Market reaction has been driven by the uncertainty that remains even after the patch. Analysts note that because the privacy properties of Orchard prevent a full cryptographic audit of historical shielded activity, the supply cannot yet be certified as clean. That uncertainty, rather than the technical details of the fix itself, largely explains the sharp price drop.
“What markets are reacting to is the part that cannot be fully resolved by the patch. Due to the privacy design of Orchard, there is no cryptographic way to audit whether someone exploited this before the fix. The Zcash team has said exploitation is unlikely, for reasonable reasons, but they have been explicit that they cannot prove it. That is a genuine supply integrity problem. A network upgrade is being proposed that would migrate coins to a new shielded pool with turnstile accounting, allowing independent verification. Until that is live and audited, the honest answer is that current ZEC supply cannot be certified clean.
The price reaction reflects that uncertainty more than the bug itself. A patched vulnerability in a minor privacy coin would ordinarily be a footnote. The -30% move is the market assigning non-trivial probability to the scenario where some counterfeiting did occur and is permanently undetectable without the proposed upgrade.”
AI-Assisted Security Research and Opus 4.8
An important part of this episode is the role AI-assisted tools played in discovering the flaw. Taylor Hornby incorporated Anthropic’s Opus 4.8 model into his audit of the Orchard circuit. This does not mean the AI autonomously discovered the bug; the effort combined an experienced security researcher’s judgment, targeted review, and custom tooling with AI assistance.
The event demonstrates that AI can become a valuable component in complex, high-stakes security work—particularly in cryptographic systems where subtle mistakes can have major consequences. Shielded Labs said it will accelerate similar proactive research efforts going forward.