Particle.news
Download on the App Store

Zcash Restores Shielded Pool After Counterfeiting Flaw

Developers patched Orchard and reopened shielded transactions while users still cannot cryptographically prove whether counterfeit ZEC was ever created.

Overview

  • Security researcher Taylor Hornby, using AI-assisted tools, found a soundness counterfeiting bug in Orchard on May 29, and developers disabled Orchard with an emergency soft fork on June 2 before deploying the NU6.2 hard fork on June 3 to restore functionality.
  • The flaw lay in Orchard’s zero-knowledge circuit and could have let an attacker mint undetectable ZEC inside the shielded pool by breaking the circuit’s soundness guarantees.
  • Zcash teams report no on-chain evidence the bug was exploited and no confirmed loss of user funds, but Orchard’s privacy design makes definitive, independent proof impossible.
  • Public disclosure caused extreme market stress, with ZEC falling roughly 30–57%, large liquidations, and a 37,316 ZEC withdrawal from Binance to a new wallet after the price crash.
  • Critics faulted a small group of developers for coordinating the emergency fix directly with dominant mining pools, and core contributors have proposed Ironwood, turnstile accounting, formal verification, and wider audits to restore trust with a target migration window in late July.