Zcash Critical Vulnerability Timeline: Price Once Plunged 40%, AI Audit Landmark Case

Edit | Grok and others

As a well-known privacy coin project in the cryptocurrency space, Zcash is renowned for its powerful shielded transaction (shielded transactions) feature. These transactions utilize Zero-Knowledge Proof (ZKP) technology, allowing users to complete transfers without revealing specific details such as amounts and addresses, thereby protecting privacy.

In April–May 2026, the price of ZEC experienced a significant surge, soaring up to 150%, with market capitalization reaching hundreds of billions of dollars. As global regulation tightened and on-chain transparency increased, concerns about “censorable/forfeitable” assets grew. Zcash’s shielded pools (especially the Orchard pool) offer optional privacy protection, attracting investors seeking “censorship and seizure-resistant” assets. Institutions like Multicoin Capital explicitly position ZEC as a return to cypherpunk ideals, emphasizing that privacy will become a core requirement in the on-chain financial era. This narrative resonates with broader market environments (such as discussions around potential wealth taxes), driving capital inflows.

Cypherpunk Technologies (supported by Winklevoss) surged as the company heavily bought ZEC, now holding approximately 1.7%-2% of the total supply, becoming a major institutional holder. The Winklevoss twins (founders of Gemini) have long supported Zcash, donating multiple times and increasing holdings through their entities. Foundry Digital launched an institutional-grade ZEC mining pool; Maelstrom Fund (associated with Arthur Hayes) and others also increased their holdings. Grayscale has submitted an application to convert the Zcash Trust into the US’s first privacy coin spot ETF (potential ticker ZCSH). If approved, this would provide a compliant entry point for institutional funds, likely attracting billions of dollars.

However, recently, Zcash’s latest privacy pool Orchard was found to have a major vulnerability, causing intense market volatility. The team quickly took emergency measures, temporarily disabling related transactions via soft fork, then completing a fix through a hard fork. No signs of actual exploitation were found during the process, but the privacy design’s features also posed challenges for verifying supply integrity. This article summarizes a detailed timeline based on official announcements, developer forums, and reputable media reports, and explains key technical terms.

What is Orchard pool? Why is it so important?

Orchard is the latest shielded pool introduced by Zcash in the May 2022 NU5 network upgrade. Unlike earlier Sprout and Sapling pools, Orchard is based on Halo 2 proof system, an advanced zero-knowledge proof technology that does not require a trusted setup, significantly improving privacy efficiency and scalability.

As of the vulnerability disclosure, the Orchard pool held over 4.5 million ZEC, representing a substantial portion of the total supply, worth billions of dollars. It is central to Zcash’s privacy architecture, but the complex zero-knowledge circuits also pose long-term auditing challenges.

Nature of the vulnerability: Soundness Bug explained

This vulnerability is a soundness (健全性) flaw located in the Orchard Action circuit (the zero-knowledge proof circuit that handles shielded transaction actions). Specifically, it is an under-constrained circuit constraint, allowing the generation of invalid proofs that can still be accepted by the network.

In simple terms: in a zero-knowledge proof system, “soundness” ensures that only legitimate transactions pass verification. If soundness is compromised, an attacker could theoretically forge proofs, enabling double-spending within the Orchard pool or minting fake ZEC without detection. This vulnerability has lurked since Orchard’s launch nearly four years ago.

It’s worth noting that, due to Zcash’s turnstile mechanism (a cross-pool accounting check system), even if anomalies occur within the Orchard pool, the total supply will not be infinitely inflated—turnstile limits the value flowing out of the pool to not exceed what entered. However, the privacy features make it difficult for external parties to fully cryptographically verify that the pool has never been exploited.

Discovery process (May 29)

May 29, 2026: Independent security researcher Taylor Hornby (former Electric Coin Company security engineer, commissioned by Shielded Labs for protocol auditing) discovered the vulnerability during routine auditing. He used Anthropic’s latest Claude Opus 4.8 AI model to assist in analyzing the circuit and successfully built a complete exploit in a local testing environment, generating unlimited fake ZEC.

Hornby privately disclosed the issue on the same day to Zcash Open Development Lab (ZODL) and the Zcash Foundation. The team immediately initiated an emergency response, coordinating miners, exchanges, and node operators.

First phase of emergency response: soft fork disabling Orchard (June 1–2)

Starting from the evening of May 31, coordination was done privately. The first soft fork attempt faced deployment coordination issues, prompting rapid iteration.

June 2, 2026 (around UTC 2:00, block height 3,363,426): Deployment of Zebra 4.5.3 and other emergency updates, activating an emergency soft fork. The network required nodes and miners to reject all transactions and blocks containing Orchard actions, temporarily disabling Orchard transactions (Sapling and transparent transactions unaffected). This aimed to prevent potential exploitation during the fix.

The network experienced brief instability during the transition, with multiple competing chains and orphaned blocks. Wallets like Cake Wallet temporarily limited ZEC functionality, but the chain overall continued to operate.

Second phase of emergency response: NU6.2 hard fork for fix (June 3)

June 3, 2026 (around EDT 00:05, block height 3,364,600): Activation of NU6.2 hard fork supported by Zebra 5.0.0. This upgrade deployed the corrected Orchard Action circuit, introduced new verification keys (per-circuit verifying key), and re-enabled Orchard transactions.

From disclosure to full recovery took only about five days, marking the second time in Zcash history that a protocol upgrade was driven by security concerns. ZODL and the foundation confirmed: no funds were lost, no unauthorized value was created, the turnstile mechanism detected no anomalies, and user privacy and fund security were maintained.

Market reaction and community impact

Following the disclosure, ZEC’s price fluctuated sharply, dropping nearly 40–50% from its peak, with market cap evaporating billions. Notable figures (like Arthur Hayes) liquidated holdings, and derivatives short positions surged. But as the fix was implemented, prices stabilized somewhat.

Community discussions focused on: the impact of the privacy pool suspension on decentralization narratives, AI’s role in security auditing, the challenges of maintaining dual nodes (zcashd + Zebra), and upcoming NU7 upgrades (faster blocks, support for shielded assets). Shielded Labs also proposed further upgrades, including new pools and turnstile enhancements to improve supply verifiability.

This incident highlights the delicate balance between privacy and auditability in privacy coins. The swift, professional response of the Zcash team is commendable—coordinating multiple parties efficiently and completing complex upgrades in a short time, exemplifying effective crisis management in crypto history.

However, the dual-edged nature of privacy design also reminds the industry: complex zk systems require ongoing formal verification, multi-party audits, and AI-assisted tools. As a pioneer in privacy, Zcash’s future node migrations (toward Zebra), governance improvements, and institutional opportunities (such as potential ETFs) will determine its long-term trust rebuilding.

AI-assisted security audit milestone

A notable aspect of the Zcash Orchard pool soundness vulnerability is that security researcher Taylor Hornby used Anthropic’s latest Claude Opus 4.8 AI model to successfully discover and verify this nearly four-year latent flaw. This process not only highlights AI’s powerful potential in complex cryptographic audits but also provides important insights for the entire blockchain security field.

On May 28, 2026, Anthropic officially released Claude Opus 4.8, the latest flagship model in its Opus series. The model reaches cutting-edge levels in coding ability, agentic tasks, long-context reasoning, and professional knowledge work, supporting up to 1 million tokens of context window, and introducing new features like “Dynamic Workflows” and “Effort Controls.”

Hornby, as an independent security engineer commissioned by Shielded Labs, began ongoing review of the Zcash protocol in April 2026. The day after Claude Opus 4.8’s release (May 29), he combined it with a custom AI auditing framework to conduct targeted reviews of the Orchard Action circuit.

Leveraging the model’s strong code comprehension and complex reasoning capabilities, Hornby not only identified the under-constrained issue but also successfully authored a complete exploit. In a local regtest environment, this exploit could generate unlimited, undetectable counterfeit ZEC, indistinguishable from legitimate ZEC within the privacy pool.

This process integrated traditional security research methods with cutting-edge AI tools: Opus 4.8 helped analyze elliptic curve mathematics, generate test cases, and assist in constructing proof generation code, greatly accelerating the cycle from theoretical discovery to practical verification. Hornby responsibly privately disclosed the findings to Zcash Open Development Lab (ZODL), avoiding any risk to the mainnet.

This event is regarded as a milestone in AI-assisted security auditing. Despite multiple manual audits and formal verifications over recent years, complex zero-knowledge circuits (especially based on Halo 2 and Orchard) still contain blind spots difficult for humans to fully cover. Claude Opus 4.8’s involvement demonstrates the unique advantages of frontier large models in handling vast codebases and detecting subtle constraint deficiencies.

The application of Claude Opus 4.8 in discovering Zcash vulnerabilities marks a shift from AI as an auxiliary tool to a core security force. This not only accelerated response times (from disclosure to fix in just days) but also established a new “AI white-hat” paradigm in crypto. As more advanced models like Anthropic Mythos series emerge, blockchain protocol auditing efficiency is expected to improve significantly.