Zcash's proposed Ironwood upgrade could help restore trust following the discovery of a critical vulnerability in the Orchard shielded pool. The proposal would allow users to independently ve
Zcash's proposed Ironwood upgrade could help restore trust following the discovery of a critical vulnerability in the Orchard shielded pool. The proposal would allow users to independently verify Zcash's circulating supply immediately after activation by running a node and checking balances across active pools. This directly addresses the main concern raised by the Orchard flaw, which made it impossible for users to independently verify whether counterfeit ZEC had ever been created.
The proposal follows a turbulent period for Zcash. After the vulnerability disclosure, the project's market value fell by more than $3 billion as investors reacted to concerns about supply integrity. While developers say there is no evidence that the flaw was exploited, Ironwood is designed to remove uncertainty and restore verifiability.
The issue involved Zcash's Orchard shielded pool, a privacy-focused transaction system introduced to improve the network's shielded transaction capabilities.
Security engineer Taylor Hornby discovered the vulnerability on May 29 while working with Shielded Labs. The flaw was responsibly disclosed to the Zcash Open Development Lab (ZODL), which coordinated an emergency network upgrade with ecosystem participants.
Researchers said the vulnerability could theoretically have allowed an attacker to create unlimited counterfeit ZEC by bypassing a cryptographic verification process.
A targeted audit helped uncover the issue, with assistance from Anthropic's Claude Opus 4.8 AI model, which was used to analyze the cryptographic circuit underlying the Orchard privacy pool.
According to developers:
The challenge is that Orchard's privacy features make it impossible to cryptographically prove whether the vulnerability was exploited before it was patched.
The main goal of Ironwood is to restore supply verifiability.
Before the vulnerability was discovered, users could trust that Zcash's consensus rules enforced the correct supply. The flaw introduced uncertainty because users could no longer independently confirm that no counterfeit ZEC existed.
According to Zcash co-founder Zooko Wilcox-O'Hearn, Ironwood would immediately restore every user's ability to verify the soundness of the circulating supply simply by running a node.
This means users would not need to rely on assumptions about the behavior or incentives of other participants.
Ironwood would introduce a new shielded pool built on the Orchard protocol with the vulnerability fixed.
The proposal includes several key changes:
The objective is to ensure that users can independently verify Zcash's circulating supply immediately after activation.
A key part of the proposal is Zcash's turnstile mechanism.
Turnstiles track how much ZEC enters and exits shielded pools. They reject transactions that attempt to move out more ZEC than was legitimately deposited.
Once Ironwood activates:
Because of these restrictions, users do not need to wait for everyone to migrate funds before verifying the circulating supply.
Developers believe Ironwood could also provide evidence about whether the vulnerability was ever exploited.
As users migrate funds from Orchard into Ironwood, a hypothetical counterfeiter would face a difficult choice.
If no excess ZEC attempts to leave Orchard, it would provide strong evidence that the vulnerability was never exploited.
Developers argue that anyone holding counterfeit funds would have a strong incentive to move them before migration activity concludes.
If excess ZEC attempts to leave Orchard:
Developers say they believe this outcome is unlikely based on current analysis.
The Ironwood transition is expected to be straightforward for users.
Wallet providers are being encouraged to support the new pool and help users migrate funds after activation.
Developers note that migration does have privacy implications because transfer amounts and timing become visible during the move. However, they believe wallet design can reduce the impact.
ZODL currently targets activation for late July 2026.
The timeline depends on:
Another important factor is the ongoing deprecation of zcashd.
ZODL, the Zcash Foundation, Shielded Labs, Tachyon Group, and Valar Group are working on migration efforts that include Zebra adoption, Zallet development, wallet support updates, and infrastructure coordination. These efforts are expected to influence the final deployment timeline.
Ironwood is designed to address the primary concern left by the Orchard vulnerability: supply verification. By introducing a new shielded pool, restricting activity within the current Orchard pool, and relying on turnstile accounting, the proposal would allow users to independently verify Zcash's circulating supply immediately after activation.
Combined with formal verification, independent audits, and additional security reviews, Ironwood aims to strengthen confidence in Zcash's supply integrity while maintaining the network's privacy-focused design.
