The flaw existed since May of 2022, and was discovered by security engineer Taylor Hornby on May 29. While researchers successfully demonstrated the exploit in a controlled environment, there
The flaw existed since May of 2022, and was discovered by security engineer Taylor Hornby on May 29. While researchers successfully demonstrated the exploit in a controlled environment, there is currently no evidence that it was used on the live network.
Zcash (ZEC) experienced a steep decline in value after the public disclosure of a critical security vulnerability that could have theoretically allowed an attacker to create an unlimited amount of counterfeit ZEC. The revelation triggered a lot of concern among investors, and contributed to a decline of more than 30% in the cryptocurrency’s price over the past 24 hours.
ZEC price action over the past 24 hours (Source: CoinCodex)
The vulnerability was discovered on May 29 by security engineer Taylor Hornby while conducting a security review on behalf of Shielded Labs. According to reports, Hornby identified a flaw in Zcash’s Orchard shielded pool, a privacy-focused component that uses advanced cryptographic techniques to conceal transaction details. After the discovery, the issue was disclosed to the Zcash Open Development Lab (ZODL), which coordinated an emergency response and deployed a hard fork on June 3 to eliminate the threat.
The flaw reportedly existed since May of 2022 and involved a weakness in an elliptic curve multiplication check used in Orchard’s cryptographic verification process. This bug could potentially allow malicious actors to bypass transaction validation mechanisms and generate counterfeit ZEC without detection. During testing, Hornby successfully created a proof-of-concept exploit capable of producing unlimited counterfeit coins in a controlled environment.
Hornby used Claude Opus 4.8, an advanced artificial intelligence model released only one day before the discovery, to assist with the targeted code review that ultimately uncovered the vulnerability. Researchers stated that if the same exploit had been executed on the live Zcash network prior to the patch, it could have resulted in undetectable counterfeit ZEC being generated in a wallet.
Despite the seriousness of the vulnerability, there is currently no evidence that it was exploited on the mainnet. BitMEX co-founder Arthur Hayes commented that while it cannot be mathematically proven that no illicit minting occurred, he believes it is unlikely that attackers successfully abused the flaw. Nevertheless, Hayes revealed that he sold his entire ZEC position after the disclosure.
Others pointed out that similar theoretical risks exist across many privacy-focused cryptocurrency protocols that rely on zero-knowledge proofs. Mert Mumtaz, CEO of Solana infrastructure company Helius, argued that vulnerabilities of this nature are not unique to Zcash and often stem from complex cryptographic circuits that are difficult to audit and monitor.
The incident also revived memories of a previous counterfeiting vulnerability discovered in Zcash’s cryptographic framework in 2018. That flaw was privately fixed before any known exploitation occurred.
