A soundness bug in Zcash's Orchard zero-knowledge proof circuit could have let an attacker create unlimited counterfeit ZEC. Security researcher Taylor Hornby found the flaw on May 29, 2024, using Anthropic's Opus 4.8 AI model with a custom harness to build a working local exploit. Zcash responded with an emergency soft fork on June 2 at block 3,363,426 and a NU6.2 hard fork the next day at block 3,364,600 — full functionality restored within five days of discovery.
How the bug was found
Hornby didn't just stumble across the vulnerability. He used Anthropic's latest AI to generate a working exploit against Zcash's Orchard protocol — the privacy-focused pool that handles shielded transactions. The bug was a soundness flaw in the zero-knowledge proof circuit. In plain terms, it meant a malicious actor could forge proofs to mint ZEC out of thin air. Zcash asserts no mainnet exploitation occurred, and the 21 million ZEC supply cap was preserved by the turnstile mechanism that tracks value movement between pools. But there's a catch.
The patch and its limits
Shielded Labs, the development group behind Zcash, warns that Orchard's privacy properties make it cryptographically impossible to verify whether the supply was actually compromised. The very anonymity that makes Zcash useful also means there's no way to prove the turnstile wasn't bypassed during the roughly four days between discovery and patch. Shielded Labs is now advocating for mandatory verification upgrades — something the community will have to debate. Meanwhile, ZEC's price took a hit, dropping from $611 to $421 after disclosure. That's a market differentiating between 'patched' and 'proven clean.'
What it says about AI in crypto security
This isn't an isolated incident. AI-assisted exploits are moving from application-layer protocols to the foundational monetary layers of crypto. A similar pattern showed up in the October 2026 Nethermind vulnerability that affected 38% of Ethereum validators. And a January 2026 arXiv paper documented a 63% success rate for AI agents generating exploits on smart contract benchmarks. The cycle is accelerating — find a bug, patch it, hope nobody found it first. With Zcash, the timing of the discover and the nature of the bug raise hard questions about how long 'safe' really lasts when AI can weaponize a proof-of-concept in hours.
For now, the Zcash network is running again. But the turnstile can't vouch for what happened in the gap. The community will need to decide whether to adopt mandatory verification — and whether that's even compatible with the privacy the chain was built for.
