An AI model that came out last week just found a hidden bug in Zcash $ZEC - The token dropped from $590 to $250 within 24 hours.

Zcash is a privacy coin. Its main feature, called the Orchard pool, lets people send ZEC anonymously.

It launched in May 2022 and has been considered one of the most cryptographically rigorous systems in crypto.

For four years, a bug was hiding inside it. The bug let anyone create unlimited fake ZEC that would be impossible to tell apart from real ZEC.

If exploited, it could have quietly broken the entire supply and nobody caught it.

Last week, Anthropic released a new AI model called Opus 4.8. A security researcher named Taylor Hornby pointed it at the Zcash code.

Within 24 hours he had identified the flaw and written a working exploit that minted counterfeit tokens in a test environment.

Zcash disabled the affected pool on June 2 and shipped a permanent fix the next day. The team went public on June 5.

Here is the problem. Because the Orchard pool was designed for total privacy, there is no way to look back and prove whether the bug was ever used.

Zcash says exploitation is extremely unlikely but they cannot prove it didn't happen.

For a privacy coin, that uncertainty is the product breaking.

Arthur Hayes sold his entire ZEC position the same day. He had previously called it part of his three best trades in crypto.

His exit reason was simple. A privacy network has to be provable. Probably safe is not the same as safe.

This is not the first time Zcash has dealt with a hidden counterfeiting bug. There was one years ago in an older version of the system. The token took years to recover from it.

The bigger story is the timeline. Four years of human review missed this.

One day of AI assisted review caught it. Every protocol in crypto has been audited under the assumption that human review is enough. That assumption just stopped being true.