A security researcher working under contract for Zcash development organization Shielded Labs discovered a critical flaw in the Orchard shielded pool on May 29, 2026, one that would have allowed an attacker to mint unlimited counterfeit ZEC without detection. The vulnerability had existed since Orchard launched in May 2022, sitting undetected for nearly four years by any of the world's top cryptographers. Developers deployed an emergency patch over four days: a soft fork activated on June 2 and a full hard fork followed on June 3, completing the response cycle.

The Orchard pool is Zcash's flagship privacy layer, introduced in 2022 with the NU5 network upgrade. It uses a zero-knowledge proof system called Halo2, which lets users prove a transaction is valid without revealing its contents. The flaw was located inside the circuit that validates those proofs: an under-constrained component tied to elliptic curve multiplication (a standard building block of cryptographic math) allowed the network to accept fraudulent transactions as legitimate. Researcher Taylor Hornby built a working exploit and confirmed it produced counterfeit tokens in a local test environment. The Zcash Community Forum's official disclosure stated the bug "could have been exploited to undetectably create an unlimited amount of counterfeit ZEC within Orchard."

What makes the discovery notable beyond the vulnerability itself is how Hornby found it. He used Anthropic's Claude Opus 4.8, a frontier AI model released just one day before the discovery, alongside a custom audit tool to construct the exploit. ZODL core developer Pacu, in comments on the incident, acknowledged the role of AI in protocol work, saying "Zcash core developers make responsible use of AI to enhance protocol development." The incident is one of the first documented cases of a major blockchain vulnerability being identified with direct assistance from a cutting-edge AI model.

After Hornby reported the issue to the Zcash Open Development Lab (ZODL), engineers confirmed the bug within hours. Developers at ZODL, the Zcash Foundation, and Shielded Labs coordinated an emergency response across multiple independent organizations. On June 2, a soft fork deployed at block 3,363,426 temporarily disabled all Orchard transactions. The following day, a full hard fork designated NU6.2 activated at block 3,364,600, replacing the flawed circuit with a corrected version and restoring shielded transactions. The upgrade was not seamless: the network experienced a four-plus hour outage on June 3, 37 blocks were orphaned, and a 25-block fork span was observed during migration. Cake Wallet, a widely used privacy wallet with a significant user base across Africa and Asia, suspended services during the disruption. Seth for Privacy, VP at Cake Wallet, noted plainly that "This means Zcash won't work due to broader network issues" during that window.

The market reacted sharply. ZEC fell roughly 31% following the public disclosure, down from a pre-incident range of approximately $587 to $596. After the fix was confirmed, the coin recovered more than 10%, climbing back above $600 even as broader crypto markets moved lower. That recovery pattern suggests investors interpreted the rapid response as confidence-positive. Before the incident, ZEC had risen approximately 1,200% from its pre-halving lows, with a market capitalization near $9.8 billion. The Orchard pool holds over 4.5 million ZEC, roughly 30% of circulating supply.

The central unresolved issue is supply integrity. Because of Orchard's privacy architecture, it is cryptographically impossible to determine whether the vulnerability was exploited at any point during the four years it existed. The Zcash Foundation confirmed "there is no evidence of unauthorized value creation" and that "user privacy was not affected," but that statement reflects the absence of observable evidence rather than a verified clean bill of health. Zcash founder Zooko Wilcox, speaking on June 5, framed the risk as low, noting that the flaw went unnoticed by top cryptographers for nearly four years and that Hornby's discovery created only a brief window before the patch closed it. That framing may be accurate, but it is not provable.

For users in South Asia and Africa, the implications are practical. In India, where regulatory pressure around privacy coins is already squeezing ZEC off domestic exchanges, the incident gives compliance officers additional grounds for avoidance. The regulatory backdrop shifted meaningfully earlier this year: the U.S. Securities and Exchange Commission closed its investigation into the Zcash Foundation in January 2026 without enforcement action, a development that contributed to ZEC's strong pre-incident performance and improved institutional posture. In Pakistan and Bangladesh, where informal capital controls drive use of privacy assets for cross-border transfers, the supply integrity question carries particular weight. Communities whose primary use case depends on trust in monetary soundness face a genuinely difficult communication problem when that soundness cannot be independently verified. In Nigeria, Ghana, and Kenya, where Cake Wallet's disruption was felt directly, even a brief service outage can push users toward stablecoins or competing assets. Shielded Labs has proposed a follow-up upgrade that would introduce turnstile accounting for Orchard tokens, a mechanism to make the total shielded supply verifiable without compromising individual user privacy. That proposal, not yet scheduled for mainnet, will be a significant test of whether Zcash's privacy architecture can satisfy both its core user base and the minimum auditability threshold that broader adoption requires.

This incident is also the fourth major security patch Zcash has issued in three months. The pattern has precedent: in 2019, a counterfeiting vulnerability in Zcash's earlier Sprout shielded pool went undiscovered for years without being exploited. The stakes are considerably higher now because Orchard holds far more value than Sprout did at the time of that earlier flaw. The recent patches followed a March 2026 Sprout pool bug, four April vulnerabilities across its two node clients, and a separate sigop counting issue disclosed on June 1. Zcash's next major upgrade, NU7, is targeting later in 2026 and has been in testnet since May 22. The pace of recent security activity may prompt additional circuit audits before NU7 reaches mainnet.