Currencies38131
Market Cap$ 2.28T+0.12%
24h Spot Volume$ 29.54B-9.37%
DominanceBTC56.39%0%ETH9.52%+0.83%
ETH Gas0.07 Gwei
Cryptorank
/

Zcash Slides 30% Despite Emergency Fix for Critical Bug


Zcash Slides 30% Despite Emergency Fix for Critical Bug

Share:

AI Overview

A critical Zcash (ZEC) vulnerability that could have allowed creation of unlimited counterfeit coins—present since May 2022—was discovered by security engineer Taylor Hornby on May 29 and coincided with a >30% ZEC price drop over 24 hours. Zcash Open Development Lab coordinated an emergency hard fork on June 3 to patch an elliptic-curve multiplication bug in the Orchard shielded pool; researchers demonstrated a proof-of-concept exploit in a controlled environment and report no evidence of mainnet exploitation, while some market participants, including BitMEX co-founder Arthur Hayes, sold their ZEC holdings. The discovery, aided by AI model Claude Opus 4.8, underscores security risks for privacy-focused crypto protocols and may weigh on trust, adoption and token market dynamics.

Bearish

Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

The flaw existed since May of 2022, and was discovered by security engineer Taylor Hornby on May 29. While researchers successfully demonstrated the exploit in a controlled environment, there is currently no evidence that it was used on the live network. 

Security Flaw Sends Zcash Price Into Freefall

Zcash (ZEC) experienced a steep decline in value after the public disclosure of a critical security vulnerability that could have theoretically allowed an attacker to create an unlimited amount of counterfeit ZEC. The revelation triggered a lot of concern among investors, and contributed to a decline of more than 30% in the cryptocurrency’s price over the past 24 hours.

ZEC price action over the past 24 hours (Source: CoinCodex)

The vulnerability was discovered on May 29 by security engineer Taylor Hornby while conducting a security review on behalf of Shielded Labs. According to reports, Hornby identified a flaw in Zcash’s Orchard shielded pool, a privacy-focused component that uses advanced cryptographic techniques to conceal transaction details. After the discovery, the issue was disclosed to the Zcash Open Development Lab (ZODL), which coordinated an emergency response and deployed a hard fork on June 3 to eliminate the threat.

The flaw reportedly existed since May of 2022 and involved a weakness in an elliptic curve multiplication check used in Orchard’s cryptographic verification process. This bug could potentially allow malicious actors to bypass transaction validation mechanisms and generate counterfeit ZEC without detection. During testing, Hornby successfully created a proof-of-concept exploit capable of producing unlimited counterfeit coins in a controlled environment.

Hornby used Claude Opus 4.8, an advanced artificial intelligence model released only one day before the discovery, to assist with the targeted code review that ultimately uncovered the vulnerability. Researchers stated that if the same exploit had been executed on the live Zcash network prior to the patch, it could have resulted in undetectable counterfeit ZEC being generated in a wallet.

Despite the seriousness of the vulnerability, there is currently no evidence that it was exploited on the mainnet. BitMEX co-founder Arthur Hayes commented that while it cannot be mathematically proven that no illicit minting occurred, he believes it is unlikely that attackers successfully abused the flaw. Nevertheless, Hayes revealed that he sold his entire ZEC position after the disclosure.

Others pointed out that similar theoretical risks exist across many privacy-focused cryptocurrency protocols that rely on zero-knowledge proofs. Mert Mumtaz, CEO of Solana infrastructure company Helius, argued that vulnerabilities of this nature are not unique to Zcash and often stem from complex cryptographic circuits that are difficult to audit and monitor.

The incident also revived memories of a previous counterfeiting vulnerability discovered in Zcash’s cryptographic framework in 2018. That flaw was privately fixed before any known exploitation occurred. 

Read the article at Coinpaper

In This News

Coins

$ 499.73

-0.18%

$ 78.00

-1.59%

$ 0.756

-32.8%

Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

Share:

In This News

Coins

$ 499.73

-0.18%

$ 78.00

-1.59%

$ 0.756

-32.8%

Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

Share: