Why did Zcash (ZEC) fall more than 30%?

Zcash fell more than 30% after the public disclosure of a critical vulnerability in its Orchard privacy pool. The bug could theoretically have allowed an attacker to create unlimited counterfeit ZEC, raising concerns about the integrity of the cryptocurrency's supply despite the flaw already being patched.

What was the Zcash counterfeit vulnerability?

The vulnerability affected Zcash's Orchard shielded pool and allowed false inputs to pass a cryptographic verification check. In theory, this could have enabled an attacker to generate unlimited counterfeit ZEC that would be difficult to detect within the privacy-focused system.

Was the Zcash bug exploited on the live network?

There is currently no evidence that the vulnerability was exploited on the Zcash mainnet. However, researchers say there is no cryptographic way to prove with certainty that no one used the exploit before it was fixed, which is a key reason investors reacted negatively.

How was the Zcash vulnerability discovered?

Security engineer Taylor Hornby discovered the bug on May 29 while conducting a targeted security review for Shielded Labs. The review was assisted by Anthropic's Claude Opus 4.8 AI model, which helped analyse the complex cryptographic code underlying Orchard.

What role did Anthropic's Claude AI play in finding the bug?

Claude Opus 4.8 was used as an auditing tool to assist in reviewing Zcash's cryptographic circuits. Researchers said the AI helped identify a subtle flaw that had previously escaped years of expert review, although the discovery still required significant human expertise and validation.

Has the Zcash vulnerability been fixed?

Yes. The Zcash Open Development Lab implemented an emergency response and activated a hard fork on June 3 to patch the vulnerability. Researchers say the flaw can no longer be exploited on the updated network.

Why are investors still worried if the bug is fixed?

The main concern is uncertainty over whether counterfeit ZEC may have been created before the patch was deployed. Because Orchard is a privacy-focused system, proving that no exploitation occurred is difficult, creating lingering concerns about the token supply.

What did Arthur Hayes say about the Zcash vulnerability?

BitMEX co-founder Arthur Hayes said it was unlikely that counterfeit ZEC had been minted through the exploit. However, he acknowledged that it could not be cryptographically proven impossible and said he sold his entire ZEC position following the disclosure.

Image for illustrative purposes only. Not a real photo.

Zcash loses $3B after AI bug discovery

Written by Heidi Cuthbert Published Jun 5, 2026, 5:47 AM

Zcash’s market value fell by more than $3 billion after the disclosure of a critical vulnerability that could theoretically have allowed attackers to create unlimited counterfeit ZEC tokens.

Security engineer Taylor Hornby discovered the flaw on May 29 while working with Shielded Labs and reported it to the Zcash Open Development Lab, which deployed an emergency hard fork on June 3 to patch the issue.

“If he had run the same tool on Zcash mainnet it would have generated unlimited, undetectable counterfeit ZEC in his mainnet Zcash wallet,”

The security researchers said.

The vulnerability affected Zcash’s Orchard shielded pool and allowed false inputs to bypass a cryptographic verification process designed to validate transactions.

Researchers said the primary concern is that Orchard’s privacy features make it impossible to cryptographically prove whether the exploit had been used before the patch was deployed.

The flaw was discovered during a targeted audit assisted by Anthropic’s Claude Opus 4.8 AI model, which helped analyse the cryptographic circuit underpinning the Orchard privacy pool.

Shielded Labs said it is working with Zcash developers on a future upgrade that would allow users to verify the integrity of the ZEC supply and demonstrate the absence of counterfeit tokens within the Orchard pool.

At the time of reporting, Zcash price was $390.65.