AI identifies critical bug in Zcash that could have enabled unlimited counterfeit minting

A security engineer armed with Anthropic’s Claude Opus 4.8 found a bug in Zcash’s privacy architecture that could have allowed someone to mint unlimited counterfeit ZEC tokens without anyone noticing. The flaw had been sitting quietly in the Orchard shielded pool since its activation in May 2022, roughly four years of silent exposure.

Taylor Hornby, the security engineer who discovered the vulnerability on May 29, 2026, used AI to review the Orchard circuit, the cryptographic plumbing that powers Zcash’s most advanced privacy features. The market’s reaction was swift and brutal: ZEC’s price cratered between 38% and 50%, wiping out more than $5B from a market cap that had peaked around $10B.

A $200 audit that uncovered a billion-dollar risk

The entire AI-assisted audit cost roughly $200 in API credits. The unsubsidized value of those same API tokens would have been around $20,000, meaning the audit ran on heavily discounted compute.

The vulnerability itself was a soundness bug. In zero-knowledge proof systems, “soundness” means that a malicious actor cannot create a proof that the system accepts as valid when it shouldn’t be. A soundness bug in a shielded pool means someone could theoretically forge transaction proofs, creating new tokens out of thin air while the network’s verification logic nods along approvingly.

Zcash developers moved fast once the bug was confirmed. An emergency soft fork was implemented around June 1, followed by a hard fork designated NU6.2 on June 3, 2026. The turnaround from disclosure to network-level fix was roughly five days.

DeFi integrations face new scrutiny

Several key organizations in the Zcash ecosystem, including Shielded Labs, the Zcash Foundation, and ZODL, have proposed follow-up upgrades in response. Among these is a project called “Ironwood,” which appears focused on supply verification, essentially giving the network tools to confirm that total ZEC supply matches expectations even within shielded pools.

Developers have stated no evidence of exploitation was found, but the nature of the bug means that certainty is hard to come by.

There are already signals that similar AI-assisted audits are being planned for other privacy-focused projects, including Monero.

Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.