Zcash Orchard Vulnerability Found With Claude, ZEC Drops 30%

The flaw lived deep in Orchard’s zero-knowledge proof system. Left unpatched, it could have let a single user forge valid-looking proofs. As a result, that user could have created fake ZEC that nobody could detect on-chain.

What the Zcash Orchard Vulnerability Actually Was

Orchard is Zcash’s newest shielded pool. It launched in May 2022 with the NU5 network upgrade. It uses Halo 2, a zero-knowledge proof system that keeps transactions fully private.

Unlike Zcash’s older Sprout and Sapling pools, Halo 2 needs no trusted setup. That design choice removed one risk, yet the proof circuit still had to be perfect. This bug shows why.

The bug sat in an under-constrained elliptic-curve multiplication gadget. In plain terms, the math circuit that checks one key operation had a loophole.

Security researcher Taylor Hornby found the issue on May 29. Shielded Labs had contracted him to audit the protocol.

According to the disclosure, an attacker could feed the circuit fake numbers. The network would still accept the proof as valid. So the door was open to counterfeiting or double-spending inside the pool.

The specific weakness lived in the ecc::chip::mul function of the halo2_gadgets crate. It is a cryptographic soundness bug, not a wallet or node software issue.

How Claude Opus 4.8 Helped Build the Exploit

The discovery has drawn attention for one reason. Hornby credited Anthropic’s Claude Opus 4.8 with helping him write a working exploit.

Anthropic released the model on May 28, just one day before the find. According to the Zcash disclosure, the tool generated unlimited counterfeit ZEC in a local test environment.

In a forum post, Zooko Wilcox, Jason McGee, and Hornby described the result plainly.

Taylor, with the help of Opus 4.8, wrote a complete exploit which, when he tested it in a local regtest environment, generated unlimited, undetectable counterfeit ZEC.

Anthropic has not commented publicly. For now, the AI-assistance claim rests only on the Zcash and Shielded Labs disclosure.

A Five-Day Race to Patch the Network

Hornby disclosed the bug privately to the Zcash Open Development Lab late on May 29. The team confirmed it within days.

Developers then coordinated quietly with miners and exchanges. On June 2, an emergency soft fork shipped through Zebra 4.5.3.

That update temporarily disabled all Orchard actions at block 3,363,426. In effect, it froze the risky feature while a full fix was prepared.

The next day, a hard fork called NU6.2 activated through Zebra 5.0.0. It went live at block 3,364,600 and re-enabled Orchard with a patched circuit.

According to the Zcash Foundation, the patch pinned a new verifying key and added stricter proof-size checks. So the loophole is now closed, and shielded transactions work again.

Why No One Can Prove the Bug Was Never Used

Here lies the hardest part of the story. Orchard is private by design, so its full transaction history stays shielded.

Because of that privacy, there is no way to cryptographically prove whether anyone exploited the flaw earlier. Zcash developers stated this point directly.

The network’s turnstile mechanism tracks total supply across all value pools. It confirms that the overall ZEC supply stayed intact.

However, the turnstile cannot reveal hidden counterfeits inside Orchard itself. So far, the Zcash Foundation reports no evidence of unauthorized value creation.

According to the foundation, the team caught the issue before any known exploitation occurred. Still, the privacy trade-off means full certainty is impossible.

ZEC Price Drops as Traders React to the Zcash Orchard Vulnerability

The market reacted fast. ZEC fell between roughly 27% and 33% over 24 hours, according to CoinGecko data.

The token slid from above $600 toward the $400 to $455 range. Meanwhile, 24-hour trading volume surged to around $1.4 billion.

Market cap dropped to about $6.8 billion. Even so, the sell-off stayed largely contained to ZEC.

Monero slipped only 3% to 4%, while Dash held roughly steady. In short, traders treated this as a Zcash-specific event.

This article is not financial advice. As always, do your own research before making any investment decision.

A Pattern of Fast Security Fixes

This is not the first time Zcash has scrambled to close a serious flaw. In March 2026, developers patched a Sprout pool verification bug within days through version 6.12.0.

April 2026 then brought another round of multi-vulnerability fixes across zcashd and Zebra. So the team already had a tested playbook for emergency coordination.

Governance also spreads across several groups. The Electric Coin Company, the Zcash Foundation, the Open Development Lab, and Shielded Labs each played a role here.

Shielded Labs funded the independent audit that surfaced this Zcash Orchard vulnerability. As a result, an outside researcher caught the bug before any attacker did.

What Comes Next for Zcash

The fix is live, and Orchard is running normally again. Still, the episode has reopened a debate about auditing private blockchains.

Zcash developers have floated a new turnstile upgrade for Orchard to strengthen future supply checks. They have also pointed to formal verification as a longer-term goal.

The community response has leaned toward relief and praise for the fast disclosure. For many holders, the bigger story is that AI tooling now sits inside the security audit process.

Readers can follow the official details through the Zebra security advisory and the Zcash Foundation blog.