@Zcash ($ZEC) has climbed roughly 10% over the past 24 hours, continuing a rebound after a brutal selloff that cut its value by more than half. The recovery came after the Zcash Open Developm
@Zcash ($ZEC) has climbed roughly 10% over the past 24 hours, continuing a rebound after a brutal selloff that cut its value by more than half. The recovery came after the Zcash Open Development Lab detailed the mechanics of an emergency fix applied to a critical flaw in the protocol's Orchard shielded pool.
The vulnerability was discovered on May 29 by security researcher Taylor Hornby, who was commissioned by Shielded Labs to conduct a protocol audit. The flaw had been present since Orchard's activation in May 2022 and was found using Anthropic's Opus 4.8 AI model.It resided in the cryptographic component governing Zcash's shielded transactions and, if exploited, would have allowed a malicious actor to create counterfeit $ZEC inside the shielded pool with no on-chain signature.
Shielded Labs confirmed the vulnerability was real and exploitable, stating that Hornby, with the help of Opus 4.8, wrote a complete exploit that generated unlimited, undetectable counterfeit ZEC in a local test environment.The Zcash Foundation said there was no evidence the bug was exploited, no unauthorized value creation, and no impact on user privacy.
The Zcash Open Development Lab coordinated an emergency response, deploying a soft fork on June 2 to disable Orchard, followed by the NU6.2 hard fork on June 3 to permanently fix the circuit.ZODL confirmed the incident in an official announcement posted on the Zcash Community Forum, stating the issue was discovered during routine auditing and security reviews.
$ZEC fell roughly 40% in early June 2026 after the network disclosed the flaw, erasing more than $3 billion from its market capitalization and pushing the price below $350. Selling pressure was amplified when BitMEX co-founder Arthur Hayes disclosed he had sold his entire ZEC position.Nansen research analyst Nicolai Sondergaard told Decrypt that "the price reaction reflects that uncertainty more than the bug itself," pointing to the core challenge: Zcash's privacy design makes it impossible to fully verify whether the bug was exploited before discovery, as the shielded pool's internal movements are not publicly visible.
Despite the turbulence, some investors viewed the dip as an opportunity. Lookonchain data showed a whale withdrew 37,316 ZEC worth $13.1 million from Binance, suggesting some investors are buying the dip.This is not Zcash's first brush with a critical cryptographic flaw. In 2019, the team disclosed a counterfeiting vulnerability in the older Sprout shielded pool that had gone undetected for years, and that bug was also never known to have been exploited.
Sources:The Block: Security researcher finds Zcash vulnerability allowing 'unlimited' counterfeit mintingDecrypt: ZEC Crashes 38% as Zcash Discloses Critical Counterfeiting VulnerabilityCrypto Times: Zcash Executes Emergency Fork After Critical Orchard Vulnerability Discovery
