Zcash Orchard exploit reveals cryptographic supply integrity gap
In brief
- AI-assisted exploit in Zcash Orchard discovered May 29 could generate unlimited counterfeit ZEC
- Emergency soft fork June 2, hard fork June 3 disabled and replaced faulty zero-knowledge circuit
- Orchard's privacy properties make cryptographic supply integrity proof impossible
- No mainnet exploitation evidence; patch deployed in under 5 days
The Discovery and the Flaw
Taylor Hornby, a security researcher at Shielded Labs, discovered the exploit on May 29 during a targeted protocol security review. Hornby used Anthropic's Opus 4.8 (released May 28) alongside a custom AI harness and prompts to produce a complete local exploit in a regtest environment. The exploit originated in the zero-knowledge proof circuit that powers Orchard, Zcash's newest shielded pool.
Orchard's proof circuit contained a soundness bug: a proof system accepted something it should have rejected. The practical implication was stark. If applied to mainnet, the exploit could have generated unlimited counterfeit ZEC within Orchard without detection.
Emergency Response and the Supply Integrity Gap
ZODL engineers confirmed the flaw within hours, and Zcash executed an emergency soft fork followed by a full consensus hard fork to close it. The emergency soft fork was activated at 02:00 UTC on June 2 at block 3,363,426, temporarily disabling Orchard actions. The NU6.2 hard fork followed on June 3 at 00:05 EDT at block 3,364,600, replacing the circuit and restoring full Orchard functionality.
Yet the speed of the fix masks a deeper problem. Zcash's official position is that there is no evidence of mainnet exploitation and no unauthorized value creation has been detected. But Shielded Labs takes a harder stance.
Shielded Labs holds a harder line, warning that Orchard's privacy properties make it cryptographically difficult to prove the supply was never tampered with, and proposing a further upgrade to route coins through turnstile accounting so anyone can verify integrity directly.
The irony is sharp: Orchard's privacy design—the feature that makes it valuable—also makes it nearly impossible to audit retroactively. Privacy and auditability sit in tension. You can't verify what you can't see.
Market Impact and Broader Context
ZEC traded as high as $611 intraday before the disclosure and fell sharply, settling around $421 as the market priced the risk in. The price action reflected not just the exploit itself but the uncertainty embedded in Shielded Labs' warning.
The incident fits a troubling pattern. In February 2026, Octane disclosed that its AI found a high-severity bug in Nethermind, an Ethereum execution client, that could have caused local block production to stop for roughly 38% of Ethereum validators. A January 2026 arXiv paper on AI-agent exploit generation found a 63% success rate on a smart contract benchmark. AI-assisted exploits are moving from targeting DeFi protocols to directly affecting the money layer. TRM Labs' 2026 Crypto Crime Report counted $2.87 billion stolen across nearly 150 hacks in 2025.
The Zcash team moved fast. But the vulnerability wasn't caught before an AI system found it—and that's the real story.
