ZEC peaked at $611 before plunging to $421 after news broke of a zero-knowledge proof circuit flaw in the protocol's Orchard pool. The vulnerability, lurking deep within the cryptographic core of Zcash’s private transaction system, could have led to unlimited counterfeit Zcash (ZEC) without detection, according to CryptoSlate.

Taylor Hornby, a security researcher at Shielded Labs, discovered this flaw on May 29 during a protocol security review. Hornby harnessed the power of Anthropic’s Opus 4.8, utilizing a custom AI harness and prompts to identify the exploit. Opus 4.8, released just a day prior on May 28, proved instrumental in uncovering the flaw within hours. ZODL engineers swiftly confirmed the vulnerability, prompting Zcash to initiate an emergency soft fork followed by a hard fork to address the issue.

Despite Zcash’s official assertion that no unauthorized value creation took place on the mainnet, the exploit's existence casts doubt over the supply's integrity. Shielded Labs underscores the difficulty in proving that the supply was never tampered with due to Orchard’s privacy properties. They have proposed an upgrade to route coins through turnstile accounting for direct verification of supply integrity.

The urgency of the response was evident. The soft fork, activated at 02:00 UTC on June 2, temporarily disabled Orchard actions. Just a day later, at 00:05 EDT on June 3, the NU6.2 hard fork restored functionality after replacing the compromised circuit. The entire process, from discovery to remediation, took less than five days—a testament to Zcash's agile response.

Yet this incident is part of a broader trend. AI-assisted exploits are increasingly targeting the very foundation of cryptocurrencies. The February 2026 incident where Octane’s AI found a flaw in Nethermind is a case in point. Such vulnerabilities, whether in execution clients or proof circuits, demand coordinated responses to preempt potential exploits.

Privacy coins like Zcash inherently juxtapose transparency and confidentiality. When a soundness bug emerges, the same privacy that protects users also makes it near impossible to audit for counterfeit creation. The Zcash Foundation’s turnstile mechanism offers some assurance, yet it only tracks value flow without revealing individual transactions. Shielded Labs’ proposed upgrade aims to enhance this by ensuring route coins through turnstile accounting for on-chain verification.

In 2025 alone, $2.87 billion was stolen across nearly 150 hacks according to TRM Labs, highlighting the concentrated attacks on operational and cryptographic infrastructure. Wallet compromises are surging, as Hacken’s 2026 report notes $482.6 million stolen in just one quarter. This underscores the urgent need for robust security measures at every layer of the cryptocurrency environment.

More from Coin Times

MARKETS

Bitcoin Slides as $3.45B Flows Out of ETFs—AI Gains

As $3.

The flaw in Zcash's Orchard protocol originated within the zero-knowledge proof circuit, a critical component of its privacy-focused transaction system. This circuit is designed to ensure transaction confidentiality while maintaining the integrity of the supply. However, the soundness bug allowed the proof system to accept invalid inputs, potentially leading to undetected counterfeit ZEC.

The update process required to fix this flaw involved a consensus-level change, a significant undertaking that necessitated coordinated agreement among miners, exchanges, wallet providers, and infrastructure operators. This was accomplished within a compressed timeline, showcasing the collaborative effort required to maintain blockchain security.

AI technologies like Anthropic’s Opus 4.8 are playing a crucial role in identifying vulnerabilities within complex cryptographic systems. The use of AI in security reviews allows for the rapid detection of issues that may not be immediately apparent through traditional methods. However, the reliance on AI also introduces new challenges, as adversaries can utilize similar technologies to find and exploit vulnerabilities before they are patched.

As AI-assisted reviews become the norm, every blockchain’s security posture must evolve faster than adversaries can exploit these vulnerabilities. The Zcash incident serves as a stark reminder of the importance of robust security measures and the need for continuous vigilance in the face of evolving threats.

The Zcash Foundation's turnstile mechanism provides a level of assurance by tracking aggregate value flows between shielded pools without revealing individual transactions. However, this approach is not foolproof, as it relies on probabilistic assurance rather than cryptographic certainty. Shielded Labs’ proposed upgrade would route existing Orchard coins through turnstile accounting, creating an on-chain record that anyone could verify, thereby enhancing supply integrity.

Until such upgrades are implemented, the gap between "no detected exploitation" and "provably clean supply" remains a concern. This incident highlights the need for ongoing improvements in blockchain security and the importance of proactive measures to protect against potential threats.

As the cryptocurrency landscape continues to evolve, the integration of AI in security reviews and the development of more sophisticated cryptographic mechanisms will be crucial in safeguarding the integrity of blockchain systems. The lessons learned from the Zcash incident will undoubtedly inform future efforts to enhance the security and resilience of cryptocurrencies.