Critical Zcash Vulnerability Found and Fixed

If you’re a user—owner?—of this cryptocurrency, this is important:

On May 29, the security researcher Taylor Hornby found a critical vulnerability in Zcash Orchard privacy pool using Claude Opus 4.8. The Zcash team hired Hornby specifically to look for this kind of issue. He found one fast enough to be embarrassing.

The Orchard pool is the newest and most advanced shielded transaction system in the cryptocurrency Zcash. Introduced in 2022, it allows users to send and receive ZEC while keeping transaction details private. It uses zero-knowledge proofs to validate transactions without revealing amounts or participants. The bug: a specific check that was supposed to validate transaction inputs wasn’t actually enforcing the rules it appeared to enforce. An attacker could have exploited the flaw to feed false inputs into that check and generate ZEC from nothing, with the zero-knowledge proof system blessing the fraudulent transaction as valid.

It’s fixed; that’s the good news. The bad news is that there’s no way of knowing if anyone exploited the vulnerability to steal money. And this fragility is the fundamental problem that makes blockchain such a bad idea.

Tags: , , ,

Posted on June 8, 2026 at 1:06 PM5 Comments

Comments

tfb June 8, 2026 2:23 PM

I mean, it’s not as if the very first thing a competent person using zcash for, say, money laundering would do is use shielded transactions is it? Oh, it is.

Clive Robinson June 8, 2026 4:12 PM

@ Bruce, ALL,

Whilst,

“And this fragility is the fundamental problem that makes blockchain such a bad idea.”

Has “technical truth” but…

The fundamental human problems of “blockchain” are it is not just an “environmental disaster” it’s also slow and fails to give anonymity. It also fails to allow for corrections by third party authorities…

Oh and along with this there is the cost of running a public facing blockchain that is an ongoing drain on the system.

Fidel Ramos June 8, 2026 5:45 PM

The bad news is that there’s no way of knowing if anyone exploited the vulnerability to steal money. And this fragility is the fundamental problem that makes blockchain such a bad idea.

The bug is serious, but there is no need to throw FUD around.

You can read Zooko’s assessment of the vulnerability at https://forum.zcashcommunity.com/t/the-orchard-counterfeiting-vulnerability-and-next-steps/56015

The plan is to implement a network upgrade that will allow anyone to prove the vulnerability was not exploited and the ZEC supply is as it should be. If it wasn’t exploited then all is well, one less critical bug in an open-source project. If it was then we’ll see how ZCash reacts, it might be able to upgrade again to correct it after the fact. In any case, “there’s no way of knowing if anyone exploited the vulnerability to steal money” is untrue.

pedroapero June 8, 2026 5:59 PM

this fragility is the fundamental problem that makes blockchain such a bad idea.

This is not true, the impossibility to audit the coins supply is very specific to Zcash, not applicable to other blockchains.

Rontea June 9, 2026 9:14 AM

This incident is a stark reminder that even systems with years of expert scrutiny can harbor silent, critical flaws. Zcash’s Orchard pool operated for four years with a vulnerability that could have generated undetectable counterfeit currency—highlighting the asymmetric risk posed by cryptographic privacy designs. The fact that a publicly released AI model, Opus 4.8, found this issue within a day underscores how quickly the defensive and offensive landscape is shifting.

For protocol teams: assume that advanced analysis, including AI-assisted review, is already being applied by both researchers and adversaries. The absence of evidence is not evidence of absence—particularly in privacy-preserving systems where exploitation may be fundamentally invisible. Any future design must incorporate verifiable integrity checkpoints, like the proposed turnstile accounting, if we’re going to manage systemic trust in decentralized finance.

Leave a comment

Blog moderation policy

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.