Zcash has lost more than $5 billion in market value due to developers. Using Anthropic’s Claude AI, we discovered a long-standing flaw in one of our privacy systems. Counterfeit tokens are easily created without being detected.
Following this disclosure, ZEC fell more than 50% to $255, before recovering to around $321 as of press time, according to CryptoSlate data. This marks a sharp reversal for the asset, which has risen more than 1,000% over the past year as traders revived widespread bets on financial privacy.
Due to the price decline, the market capitalization of privacy-focused tokens fell from about $10 billion to about $4.5 billion during the reporting period. As of this writing, the amount has reached $5.3 billion.
Still, Zcash’s developers claim that the vulnerability was discovered before an attacker could use it, was patched within days, and was resolved with an emergency network upgrade.
However, this disclosure poses more difficult questions for Zcash investors. The question is, how much assurance does the market need when the affected systems are built to hide transaction amounts and wallet history by design?
Rally of private funds collapses due to information disclosure
Zcash was launched in 2016 as one of the earliest attempts to build private digital money. Unlike Bitcoin, where anyone can track balances and transactions through a ledger.
Zcash allows users to move funds through shielded addresses that obscure the amount, sender, and recipient. This design renews the token’s importance as governments, exchanges, and analytics firms expand their ability to monitor public blockchains.
According to Zechub data, approximately 30% of ZEC in circulation (equivalent to over 5 million coins) currently resides in shielded addresses.
The recent rise reflects that change. Traders had treated ZEC as one of the most obvious vehicles for privacy trading, in part due to growing concerns about surveillance, artificial intelligence and state access to financial data.
But momentum suddenly reversed after Shielded Labs released detailed information about vulnerabilities in Orchard, Zcash’s state-of-the-art shielded pool.
Shielded Labs said the flaw was discovered on May 29 by security engineer Taylor Hornby, who was engaged in April to explore vulnerabilities in the protocol before malicious actors discovered them.
Hornby used Anthropic’s Opus 4.8 artificial intelligence model in conducting a targeted review of Orchard’s cryptographic circuits.
In this review, we discovered a bug that could allow an attacker to create counterfeit ZECs within Orchard without being detected. According to Shielded Labs, Hornby created a complete exploit and tested it locally, which generated an unlimited number of potentially valid counterfeit ZECs.
Mr. Hornby immediately reported the issue to the Zcash Open Development Lab, which coordinated an emergency response.
Network developers then introduced temporary network changes that disabled the affected Orchard actions before deploying a hard fork upgrade that fixed the vulnerability and restored full functionality.
This bug has been living in Zcash’s shielded pool for years
This vulnerability was especially tricky because Orchard has been active since May 2022. This means that the flaw has been present for approximately four years, despite repeated reviews by cryptographers, engineers, and auditors.
To the layperson, this issue can be understood as a flaw in the rulebook governing private Zcash transactions.
Shielded transactions include mathematical proofs that show they follow the protocol’s rules without revealing the coin’s amount or history. In Orchard’s case, one of those rules was so loosely written that false information could pass as valid.
Essentially, the flaw was in the implementation of the Orchard Circuit, a set of instructions that determines whether or not to accept a private transaction.
A transparent blockchain makes it easy to inspect supply issues as balances and transfers are visible. In a shielded pool, the system intentionally hides that information and the user relies on the accuracy of the circuitry to ensure that all private transactions follow the rules.
Mert Mumtaz, co-founder and CEO of Helius, pointed out that most privacy protocols have this vulnerability, arguing:
“Theoretically, with the zk privacy protocol (not just zcash), there could be a bug in the circuitry that would inflate the supply if someone very sophisticated found it and somehow exploited it undetected (the difference with regular defi exploits is that it’s harder to detect).”
This is one of the reasons why the market reaction to the Zcash lawsuit was so harsh.
Zcash developers said there was no evidence that the bug was exploited, but several Zcash backers argued that the quick rollout and patch showed the network’s security processes were working.
By way of background, Gemini co-founder Cameron Winklevoss said:
“Zcash has unparalleled cryptographers, security engineers, and security researchers. Our community is also focused on continually improving and strengthening our network, which is why we engage world-class security researchers to look for bugs. And that’s why the latest potential exploit was discovered. This is no coincidence, it’s a vote of confidence, not a reason to be alarmed.”
But privacy coins have narrowed the room for doubt. Its value depends not only on confidentiality, but also on confidence that confidentiality does not weaken the underlying financial security.
For this reason, BitMEX co-founder Arthur Hayes said he sold all his positions in ZEC after reevaluating his privacy doctrine. Hayes said that while it was unlikely that counterfeit ZECs were created, the failure to formally prove that point changed his view of the transaction.
He said:
“When it comes to privacy with AI, governments, and big tech companies, we want perfection, not improbability.”
Shielded Labs directly acknowledged that uncertainty and acknowledged that there is no definitive way to cryptographically alone determine whether an exploit has occurred prior to remediation.
The proposed fix shifts the burden back to verification
Due to the current market uncertainty, Shielded Labs has proposed a network upgrade that creates new shielded pools and uses turnstiles for coins moving from Orchard.
Market participants noted that the proposal is an attempt to answer core market concerns. If Zcash cannot prove that counterfeit coins were not created using Orchard’s internal records alone, it may try to force a migration path that adjusts the value as the coins transition to the new system.
The process is both technically complex and socially sensitive. If there are no counterfeit ZECs, migration may help restore trust. In the event of a discrepancy, the community will face more difficult questions about which balances to honor and how to protect users holding funds in affected pools.
Meanwhile, Josh Swihart, founder of Zcash-focused company ZODL, said the more important long-term question is how to prevent similar vulnerabilities from happening again. He pointed to formal verification, the process of using mathematical proofs to ensure that a circuit’s implementation matches the intended rules.
Formal validation reduces reliance on human review of large and complex rulebooks. Instead of asking auditors to catch all edge cases through inspection, developers can create a concise specification and use computer-checked proofs to verify that their implementation complies with it.
This approach is becoming increasingly important as privacy systems become more sophisticated. Orchard is built for performance and includes special cases that make manual review difficult. If the circuit were simpler and formally verified, the surface area for this kind of mistake could be reduced.
Zcash developers and associated teams currently have multiple security initiatives in progress, including continued work with Hornby, formal validation of Orchard’s circuitry, and the hiring of additional security.
Shielded Labs also said a detailed proposal for supply verification upgrades could be announced soon.
AI turns old bugs into immediate market risks
The Zcash disclosure highlights a fundamental shift in the economics of software security. Artificial intelligence did not create the Orchard vulnerability, but it significantly shortened the timeline for hidden risks to be publicly discovered.
This acceleration poses systemic challenges to the broader digital asset sector.
Cryptocurrency protocols rely on open source code and complex financial logic to manage large pools of capital, making them highly attractive targets. Decentralized finance (DeFi) applications, cross-chain bridges, and layer 1 blockchains all suffer from fundamental bugs that were overlooked during initial audits.
This threat is moving at a pace that alarms industry veterans. Last month, OpenZeppelin co-founder Manuel Aráoz warned that AI agents can now identify vulnerabilities much faster than human reviewers and urged investors to exit DeFi altogether.
The warning comes as the DeFi sector faces increasing pressure after losing more than $1.1 billion to exploits over the past year.
Compounding these structural fears is Anthropic’s quiet publication of the Claude myth. An AI model that searches for vulnerabilities has been deemed too dangerous for public release by the San Francisco-based company, highlighting the potential for sudden and irreparable loss if such a tool falls into the wrong hands.
In an interview with CryptoSlate, Deddy Lavid, CEO of blockchain security firm Cybers, highlighted the scale of the problem, estimating that the sector’s economic exposure to AI exploits ranges well into the hundreds of millions to billions of dollars.
Ultimately, AI is a double-edged sword for blockchain infrastructure. As these models become more sophisticated, they will significantly reduce the cost and effort required for attackers to find weaknesses, while providing defender researchers with the tools to patch more quickly.
The reality of this dual use has shaped reactions from prominent crypto executives. Grayscale Chairman Barry Silbert positioned the Zcash episode as clear evidence that digital assets have entered a fully “AI-enabled” threat environment.
However, industry advocates argue that the fundamentals of protocol defense remain the same.
Gemini co-founder Tyler Winklevoss pointed out that software security has always been an ongoing competition between developers and malicious attackers.
He says artificial intelligence has only accelerated the pace of both. He said:
“AI will not change this cat-and-mouse game, it will only accelerate it. All software has to run this game. There is no escape from this game.”
