Single-day plunge of 30%, Hayes suddenly liquidates, why did ZEC face security issues?

The protocol founder Zooko admitted that "it is fundamentally impossible to prove whether it has been exploited before the fix" and disclosed the "possibility of infinitely minting ZEC."

Written by: Maher, Foresight News

On June 5, Zcash founder Zooko Wilcox, along with Jason McGee and Taylor Hornby, published a lengthy article, detailing a critical integrity vulnerability in the project’s latest privacy layer, the Orchard pool, which could be exploited to create an unlimited amount of forged ZEC in a concealed environment.

Previously, the Zcash ecosystem had completed an emergency network upgrade to address the issue. However, after the detailed impact was disclosed, the price of ZEC experienced extreme fluctuations, dropping more than 30% in a single day, with a low point around $411.

Zcash has been an absolute star in the privacy track over the past six months, soaring from around $200 since March this year to a peak of $688. Prominent figures, including AllianceDAO co-founder Wang Qiao, Bankless founder David Hoffman, and "pump king" Arthur Hayes, have expressed strong optimism about its performance.

However, shortly after the vulnerability was disclosed, Arthur Hayes tweeted that he had sold all his ZEC holdings. He stated that after reading the details of the vulnerability and observing a 30% pullback in ZEC, he decided to close his position completely and take profit. He added that he would keep reassessing and would consider buying back at a lower price if his assumptions later prove wrong.

So, what exactly happened with Zcash?

In simple terms, Orchard is a privacy vault in Zcash that is "completely invisible inside." Once money is put inside, neither the outside world nor the blockchain itself knows how much money is inside or whose it is. The vulnerability this time lies in the vault's "verification lock"—this lock should be very secure, allowing only legitimate transactions to pass verification. However, due to a mathematical constraint being written too loosely (like a gear in the lock being loose), attackers can forge what appears to be a completely legitimate key, tricking the system and creating new ZEC out of thin air inside the vault.

This incident directly challenges the narrative of "technological trust is core value" in the privacy coin sector.

Zcash was the first public chain to use zk-SNARKs at scale for private transactions. Since the Orchard pool was activated with the NU5 upgrade in May 2022, it has been viewed as a more efficient evolution of the Sapling pool and has housed a large amount of private funds. Now, the vulnerability discovered by a security researcher using the latest AI models has led the entire industry to reassess the gap between privacy technology in theory and in practice.

Source of Vulnerability Discovery: AI-Assisted Audit

The process of discovering the vulnerability was dramatic.

In April 2026, Shielded Labs hired veteran security engineer Taylor Hornby to conduct ongoing security research on the Zcash protocol, aiming to identify issues before malicious actors do.

On May 28, Anthropic released the Opus 4.8 model. The next day, Taylor used this model in conjunction with traditional methods to conduct a highly targeted review of the Orchard circuit and discovered the issue: an insufficient constraint in the elliptic curve multiplication of the halo2_gadgets crate allowed attackers to feed any false values into the multiplication operation while verification still passed. This means that seemingly completely valid Orchard actions could be constructed, i.e., forged ZEC could be generated within the Orchard pool, and because of the pool's privacy features it could not be distinguished on-chain.

Taylor immediately disclosed the issue to the core engineers at ZODL, who confirmed the severity of the vulnerability within hours and initiated an emergency response.

The foundation's early security announcement downplayed the situation, describing it as a "double-spending risk" and assuring readers that "the revolving door mechanism protected the total amount from changing, and there was absolutely no inflation of the total supply." It attempted to stabilize market sentiment by claiming "total supply security," while covering up the harsh reality that the Orchard pool might have been artificially inflated and honest users' assets effectively diluted.

By June 4, the statement from founders like Zooko added fatal details. He admitted that "it is fundamentally impossible to prove whether it has been exploited before the fix" and disclosed the "possibility of infinitely minting ZEC." This candid admission directly shattered the "security illusion" maintained by the foundation, triggering a panic-driven market crash.


The reason is this: if attackers exploited the vulnerability over the past few years to mint one million fake ZEC in the Orchard pool and withdrew them to the transparent pool before the fix, the total supply has indeed not inflated, but the real assets of users in the Orchard pool have evaporated into thin air and been subjected to targeted harvesting. Once the revolving door limit is announced next week, the Orchard pool will face the largest "bank run" in the history of privacy public chains, and the assets of users who withdraw will be forever locked up.
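The accounting behind this argument can be modelled in a few lines. The following is an added example, not code from Zcash or from the original article: it assumes the "revolving door" works as a turnstile rule under which a pool's publicly visible balance may never go negative, and all names and amounts (alice, bob, mallory, 600/400/500) are constructed.

```python
from dataclasses import dataclass, field

@dataclass
class ShieldedPool:
    """Toy pool: the chain sees only the net balance, never the notes inside."""
    chain_balance: int = 0                     # public: deposits minus withdrawals
    notes: dict = field(default_factory=dict)  # hidden: owner -> claimed value

    def deposit(self, owner, amount):
        self.chain_balance += amount
        self.notes[owner] = self.notes.get(owner, 0) + amount

    def forge(self, owner, amount):
        # Counterfeit note: verifies as valid, but no deposit backs it,
        # so the public balance does not move.
        self.notes[owner] = self.notes.get(owner, 0) + amount

    def withdraw_max(self, owner):
        # Turnstile rule (assumed): a withdrawal may never push the public
        # balance below zero, so the payout is capped by what is left.
        paid = min(self.notes.get(owner, 0), self.chain_balance)
        self.notes[owner] = self.notes.get(owner, 0) - paid
        self.chain_balance -= paid
        return paid

def simulate(deposits, forged, exit_order):
    """Return (supply_before, supply_after, transparent_holdings, stranded_claims)."""
    pool, transparent = ShieldedPool(), dict(deposits)
    supply_before = sum(transparent.values())
    for owner, amount in deposits.items():      # honest users shield their coins
        transparent[owner] -= amount
        pool.deposit(owner, amount)
    for owner, amount in forged.items():        # counterfeit claims appear inside
        pool.forge(owner, amount)
    for owner in exit_order:                    # the "bank run", first come first served
        transparent[owner] = transparent.get(owner, 0) + pool.withdraw_max(owner)
    supply_after = sum(transparent.values()) + pool.chain_balance
    stranded = {o: v for o, v in pool.notes.items() if v > 0}
    return supply_before, supply_after, transparent, stranded

if __name__ == "__main__":
    # Constructed scenario: the forged claim exits first, honest users exit later.
    print(simulate({"alice": 600, "bob": 400}, {"mallory": 500},
                   ["mallory", "alice", "bob"]))
```

In both exit orders the total supply is unchanged; what changes is who is left holding claims that the pool's public balance can no longer pay out.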

In the AI Era, "Unchecked Vulnerability Equals Security" is No Longer Valid

Since the activation of Orchard in 2022, the bug persisted despite years of auditing by top cryptographers, and it was only discovered through targeted research with the latest AI tools. This sounds an alarm for many privacy schemes (including other ZK privacy projects): theoretically "perfect" mathematical constructs may still have omissions in their engineering implementation.

Taylor Hornby, using Anthropic Opus 4.8, quickly pinpointed the Orchard flaw, proving that AI can be a powerful aid to white-hat researchers, but also implying that attackers can similarly use such tools to more rapidly discover high-value targets.

If project teams fail to establish a continuous and proactive security review mechanism, the window from vulnerability discovery to malicious exploitation will shrink sharply. Zcash gained the advantage this time thanks to doing its security research in advance, but for the entire crypto industry, this seems more like a collective warning: in the AI-driven security offensive and defensive race, any reliance on "years of being unnoticed equals security" is no longer valid. Only by integrating AI auditing, formal verification, and rapid response capabilities into standard practices will privacy protocols truly withstand the stress tests of the new era.
