Back

Critical Forgery Vulnerability Discovered in Zcash's Orchard Privacy Pool

Severity: High (Score: 69.0)

Sources: Panewslab, Decrypt.Co, podcasts.apple.com, Blockhead.Co

Published: 2026-06-05 · Updated: 2026-06-05

Keywords: zcash, vulnerability, founder, forgery, orchard, critical, details

Severity indicators: critical, vulnerability

Summary

On May 29, 2026, security researcher Taylor Hornby identified a critical forgery vulnerability in Zcash's Orchard privacy pool, allowing for the potential minting of unlimited counterfeit ZEC tokens. The vulnerability, which existed since the pool's launch in May 2022, was discovered using Anthropic's Claude Opus 4.8 AI model. Zcash's Open Development Lab (ZODL) responded quickly, deploying a patch by June 1, 2026. However, due to the privacy features of Orchard, it is impossible to cryptographically verify if the vulnerability was exploited prior to the patch. Following the disclosure, ZEC's price dropped over 30% within 24 hours. Zooko Wilcox, Zcash's founder, stated that the likelihood of prior exploitation is low, given the vulnerability's elusiveness to top cryptographers. Shielded Labs is proposing a network upgrade to further secure the Orchard pool and ensure the integrity of the Zcash supply. Key Points: • A critical forgery vulnerability in Zcash's Orchard pool was discovered on May 29, 2026. • The vulnerability allowed for the minting of unlimited counterfeit ZEC tokens and existed since May 2022. • Zcash's price dropped over 30% following the disclosure, despite the patch being deployed quickly.

Detailed Analysis

**Impact** The vulnerability affects all users of Zcash’s Orchard privacy pool, active since May 2022, potentially allowing undetectable creation of unlimited counterfeit ZEC tokens. Although no evidence indicates exploitation on mainnet, the inability to cryptographically verify past misuse poses a risk to the integrity of the ZEC supply cap of 21 million tokens. The incident caused a market impact with ZEC’s price dropping over 30% within 24 hours, affecting investors globally. No user funds or privacy data have been reported compromised. **Technical Details** The flaw is a soundness bug in the Orchard zero-knowledge proof circuit (halo2_gadgets crate), where an insufficient constraint allowed invalid elliptic curve multiplication inputs to pass verification. This enabled forgery of ZEC tokens with valid zero-knowledge proofs, bypassing transaction input validation. The exploit was discovered and demonstrated by security researcher Taylor Hornby using Anthropic’s Claude Opus 4.8 AI model, which generated a working proof-of-concept exploit in a local environment. The vulnerability existed since Orchard’s May 2022 launch and was patched via a soft fork and subsequent hard fork in early June 2026. No CVE identifiers or IOCs were provided. **Recommended Response** Apply the emergency patch deployed by Zcash Open Development Lab, including the NU6.2 hard fork that corrected the Orchard circuit and disabled vulnerable transactions during remediation. Monitor for upcoming network upgrades proposing a new privacy pool with turnstile accounting to verify supply integrity. Organizations should audit their Zcash nodes for compliance with the latest protocol version and follow Shielded Labs’ guidance on governance proposals. Due to privacy features, continuous monitoring for counterfeit issuance is not feasible; focus on applying patches and participating in network upgrades.

Source articles (5)

  • Zcash founder reveals details of a serious forgery vulnerability in Orchard, stating that ... — Panewslab · 2026-06-05
    PANews reported on June 5th that Zcash founder Zooko Wilcox posted on the X platform that security researcher Taylor Hornby discovered a serious forgery vulnerability in the Zcash Orchard pool on May…
  • Claude AI Finds Critical Vulnerability in Zcash — Blockhead.Co · 2026-06-05
    Zcash founder Zooko Wilcox has publicly disclosed the details of a critical forgery vulnerability in the Orchard shielded pool that was discovered, patched, and resolved through an emergency network u…
  • Zcash was found to have a vulnerability in its issuance scheme by AI, causing ZEC to ... — Panewslab · 2026-06-05
    On June 5th, Zcash founder Zooko Wilcox disclosed on the X platform that security researcher Taylor Hornby discovered a critical forgery vulnerability in the Zcash Orchard privacy pool on May 29th. Th…
  • Morning Minute: Massive ZCash Exploit Found by Claude, Extent Unknown — Decrypt.Co · 2026-06-05
    Morning Minute is a daily written by Tyler Warner . The analysis and opinions expressed are his own and do not necessarily reflect those of Decrypt. And c heck out our new daily news show covering all…
  • Id1520762610 — podcasts.apple.com · 2026-06-05
    A -generation media company capturing the most compelling narratives in emerging technology. Hosted on Acast. See acast.com/privacy for more information. Bitcoin sellers are finally taking a break. Bu…

Timeline

  • 2026-05-29 — Vulnerability discovered by Taylor Hornby: Hornby found a forgery vulnerability in Zcash's Orchard privacy pool using Claude Opus 4.8 AI.
  • 2026-06-01 — Emergency patch deployed: Zcash Open Development Lab patched the vulnerability, restoring normal operations.
  • 2026-06-05 — ZEC price plummets: Following the vulnerability disclosure, ZEC's price dropped over 30% in 24 hours.
  • 2026-06-05 — Zooko Wilcox comments on vulnerability: Wilcox stated the likelihood of prior exploitation is low due to the vulnerability's elusiveness.

Related entities

  • Zero-day Exploit (Attack Type)
  • Shielded Labs (Company)
  • ZODL (Company)
  • Zcash (Platform)
  • Halo 2 Proving System (Platform)
  • NU5 (Platform)
  • Nu6.2 (Platform)
  • Orchard Privacy Pool (Platform)
  • Orchard Shielded Pool (Platform)
  • Anthropic Opus 4.8 (Tool)
  • Anthropic Opus 4.8 Model (Tool)
  • Claude Opus 4.8 (Tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed