TheBlock
A critical zero-knowledge circuit vulnerability in Zcash's Orchard shielded transaction pool allowed an attacker to mint an "unlimited" amount of counterfeit ZEC — completely undetectable within the pool. Security engineer Taylor Hornby, hired by Shielded Labs, discovered the flaw on May 29 using Anthropic's Opus 4.8 model and a custom AI harness, then immediately disclosed it to engineers at the Zcash Open Development Lab. The bug was patched on June 1, but had been present since Orchard's activation in May 2022.
Why it matters
The vulnerability stemmed from an "under-constrained" element of the Orchard circuit — the zero-knowledge proof system that validates shielded transactions. By feeding arbitrary false inputs to an elliptic curve multiplication, an attacker could bypass the circuit's validity checks entirely. Hornby confirmed a working exploit in a local regtest environment that generated unlimited, undetectable counterfeit ZEC. Because Orchard's privacy properties obscure transaction details by design, it is technically impossible to rule out whether the flaw was exploited during its three-year window of exposure. Shielded Labs said it is "not overly concerned" that counterfeiting occurred, noting the bug evaded the world's top cryptographers for years — but the uncertainty itself is the market risk.
Market impact
ZEC plunged 31% in 24 hours to $40.64 as of 11:00 p.m. ET Thursday, with the bulk of the decline compressed into the five hours following Shielded Labs' public disclosure. The sell-off reflects the market pricing in supply-integrity uncertainty: if counterfeit ZEC exists in the Orchard pool, the true circulating supply is unknowable.
WuBlockchain
CoinTelegraph
CoinDesk
CryptoSlate