AI-Assisted Audit Uncovers Critical Zcash Flaw, Triggering 38% ZEC Selloff

An AI-assisted security review uncovered a four-year-old flaw in Zcash’s Orchard shielded pool that could have allowed unlimited counterfeit ZEC, triggering a sharp selloff and renewed debate over software auditing in crypto. The disclosure led some security researchers to warn that similar undiscovered bugs may exist across crypto and banking software.

Opus 4.8 Helped Researcher Find Critical Orchard Bug Within 24 Hours

Independent security engineer Taylor Hornby, hired by Shielded Labs in April for an ongoing protocol review, discovered the vulnerability on May 29 using a custom AI auditing framework paired with Opus 4.8, which Anthropic had released the day before. The flaw had been present since Orchard’s activation in May 2022.

The bug stemmed from an under-constrained element of the Orchard circuit that allowed false inputs to pass an elliptic curve multiplication check and still validate. In simple terms, a missing constraint in Orchard’s proof system let invalid inputs pass a key mathematical check. Hornby wrote a complete exploit program that successfully generated counterfeit ZEC in a local test environment before reporting the issue.

Because Orchard hides balances and amounts using zero-knowledge proofs, any counterfeit tokens produced through the exploit would have been indistinguishable from legitimate ZEC.

Shielded Labs said in its disclosure that prior exploitation appears unlikely but cannot be ruled out cryptographically, explaining that the privacy properties that make the system valuable are the same properties that make exploitation undetectable.

Zcash Patched the Flaw Before Public Disclosure

Zcash completed an emergency network response by June 2, with public disclosure following after the fix was already live. Zcash founder Zooko Wilcox disclosed the details publicly on June 5.

ZEC fell nearly 38% in the 24 hours following disclosure, erasing billions of dollars in market capitalization. Investor Arthur Hayes said he sold his entire ZEC position, citing the inability to cryptographically prove no counterfeiting occurred as incompatible with his thesis around the token’s privacy guarantees.

Shielded Labs has proposed a network upgrade it calls “turnstile accounting,” which would route existing Orchard coins through a verifiable checkpoint to expose any counterfeited supply. The proposal requires community governance approval through Zcash’s standard upgrade process, with a detailed plan expected the following week.

Security Experts Say Zcash Flaw May Not Be an Isolated Case

Several industry figures said the incident may point to wider software-security risks in crypto and finance, beyond the specific Zcash flaw itself. Dragonfly managing partner Haseeb Qureshi, whose firm is an early Zcash investor, framed the discovery as a net positive for the industry.

Formally verified cryptography can’t have implementation bugs by construction. Right now AI is surfacing vulnerabilities across all our software […] browsers, OSes, and blockchains are no exception.

SingularityNET CEO Ben Goertzel told CoinDesk that other cryptocurrencies are not vulnerable to this specific bug, which he described as a logic error specific to the Zcash implementation.

He said other cryptocurrencies are “certainly very much likely to possess similar vulnerabilities, which are likely to be found by AI tools in the coming weeks and months,” and that banking software is “very likely to embody serious bugs to be found by AI tools in the near future as well.”

A subsequent Anthropic audit of Zcash, conducted at Shielded Labs’ request using its Mythos model, did not identify any further serious bugs in the protocol, Wilcox said in a June 13 post.