coin-img-ETHETH-3.92%coin-img-BTCBTC+0.03%coin-img-SOLSOL-2.66%coin-img-XRPXRP-1.18%coin-img-USDCUSDC-0.01%coin-img-HYPEHYPE-7.94%coin-img-ADAADA-13.47%coin-img-SUISUI-7.13%coin-img-ETHETH-3.92%coin-img-BTCBTC+0.03%coin-img-SOLSOL-2.66%coin-img-XRPXRP-1.18%coin-img-USDCUSDC-0.01%coin-img-HYPEHYPE-7.94%coin-img-ADAADA-13.47%coin-img-SUISUI-7.13%coin-img-ETHETH-3.92%coin-img-BTCBTC+0.03%coin-img-SOLSOL-2.66%coin-img-XRPXRP-1.18%coin-img-USDCUSDC-0.01%coin-img-HYPEHYPE-7.94%coin-img-ADAADA-13.47%coin-img-SUISUI-7.13%coin-img-ETHETH-3.92%coin-img-BTCBTC+0.03%coin-img-SOLSOL-2.66%coin-img-XRPXRP-1.18%coin-img-USDCUSDC-0.01%coin-img-HYPEHYPE-7.94%coin-img-ADAADA-13.47%coin-img-SUISUI-7.13%

ZEC Sinks More Than 40% After Disclosure of Long-Running Zcash Orchard Flaw

Zcash security group Shielded Labs has disclosed a critical vulnerability in the Orchard shielded pool, triggering a market selloff that pushed ZEC down more than 40%. Shielded Labs, a nonprofit grant organization within the Zcash ecosystem, said the issue had gone unnoticed for roughly four years and, in theory, could have enabled unlimited counterfeiting of ZEC. The affected component was Orchard, Zcash's most advanced privacy pool, which went live in May 2022, uses Halo2 zero-knowledge proofs without a trusted setup, and replaced the older Sapling and Sprout pools. According to the disclosure, Shielded Labs hired security engineer Taylor Hornby in April 2026 to proactively search for protocol vulnerabilities. Hornby found the flaw one day after Anthropic released Claude Opus 4.8, using the model alongside his own AI audit framework. He then wrote a full exploit in a local test environment and immediately reported it to the Zcash Open Development Lab. ZEC, which had previously traded above USD 600, fell below USD 350 after the news. Broader crypto markets were also weak, with Bitcoin at USD 62,000, down 2.8% on the day. What the Orchard bug made possible Shielded Labs characterized the issue as a soundness flaw in an underconstrained portion of the zero-knowledge proof system, specifically the Orchard cryptographic circuit. The bug allowed an attacker to supply arbitrary false inputs into an elliptic-curve multiplication while still passing the associated check. That, in turn, could allow a valid proof to be generated for an invalid transaction. In the Orchard pool, this could have opened a path to manipulate supply by creating counterfeit ZEC that would be undetectable on-chain. Because Orchard's privacy design hides balances and transactions, any inflation would not be visible through normal blockchain inspection. Shielded Labs said the exploit was not merely theoretical. "The vulnerability was real and exploitable. Taylor used Opus 4.8 to write a complete exploit that produced unlimited, undetectable counterfeit ZEC in a local regtest environment," the group said in its official disclosure. No evidence of exploitation, but no cryptographic way to prove it Shielded Labs and the Zcash Foundation said they have no evidence the vulnerability was abused. At the same time, they acknowledged that earlier exploitation cannot be ruled out cryptographically. The group cited three factors for why exploitation appears unlikely: the flaw eluded world-class cryptographers for years, discovery required cutting-edge AI tools and high-level expertise, and a fix followed quickly after the finding. The disclosure also highlighted a broader structural problem for privacy coins: the same cryptography that protects anonymity can make it impossible to prove past abuse from the chain alone. Shielded Labs pointed to Monero's 2017 inflation-related issue as a comparable case where retroactive verification of supply remained out of reach. Critics also noted that a small set of developers, miners, and exchanges coordinated a confidential emergency fix, raising questions about centralization risk. Proposal: a new pool and turnstile accounting to restore supply confidence To address the trust gap, Shielded Labs said it is preparing a proposal for another network upgrade. The plan would introduce a new shielded pool and apply "turnstile" accounting for all coins exiting the Orchard pool. Turnstile accounting, first established with the Sapling upgrade in 2018, is designed to allow verification of the total amount migrating from an old pool to a new one without revealing individual transactions. Shielded Labs said this would enable independent checks of the ZEC supply. The organization expects to publish details of the proposal in the following week, noting that any upgrade would require community backing and must proceed through the Zcash governance process. Shielded Labs also announced continued work with Hornby and the launch of a formal verification initiative aimed at mathematically proving the Orchard circuit's correctness. The team said it is opening new roles, including Head of Security and Cryptographer. The vulnerability has already been remediated. An emergency soft fork disabled the Orchard pool, and the later NU6.2 hard fork re-enabled it with a corrected circuit. Shielded Labs said the remaining challenge is restoring confidence in supply integrity, which the proposed upgrade is intended to address.
Selected
BTC
BTC+0.09%
BNB
BNB+0.08%
Disclaimer: The content above is only the author's opinion and does not represent BingX’s stance. It shall not be construed as investment advice from BingX. For details, refer to the Terms and Conditions.