On May 29, 2026, a security researcher named Taylor Hornby found a critical vulnerability in Zcash’s Orchard shielded pool. The bug had been sitting undiscovered since Orchard launched in May 2022, four years of cryptographers reviewing the same circuit without finding it. What changed was the tool Hornby used. One day after Anthropic released Claude Opus 4.8, Hornby applied it as part of a targeted security audit of the Orchard zero-knowledge proof circuit. Within hours, the vulnerability was found.
The vulnerability was not minor. It was an under-constrained element in the Orchard circuit that allowed arbitrary false inputs into an elliptic curve multiplication while still passing the multiplication check. In plain terms: someone who knew about it could create an unlimited, completely undetectable amount of counterfeit ZEC inside the Orchard pool. Hornby built a working exploit in a local test environment that confirmed it. Had he run it on mainnet, he could have generated as much ZEC as he wanted with no trace and no cryptographic proof it ever happened.
He did not run it on mainnet. He reported it immediately to the Zcash Open Development Lab. By June 2, an emergency soft fork had disabled Orchard transactions. By June 3, NU6.2, a full hard fork with a corrected circuit, had re-enabled Orchard. The fix was the second security-driven network upgrade in Zcash’s history since its 2016 launch. ZEC fell 25% in the 24 hours after Shielded Labs’ public disclosure on June 5. It is now trading at approximately $587.
AI-Assisted Auditing: What Actually Happened on May 28-29
Shielded Labs, the nonprofit that funds Zcash development, had engaged Taylor Hornby in April 2026 for ongoing security research. The goal was explicit: find vulnerabilities before malicious actors do. On May 28, Anthropic released Claude Opus 4.8. The next day, Hornby used it as part of a highly targeted review of the Orchard circuit alongside traditional security research methods and a custom-built AI harness he had developed specifically for this work.
Zooko Wilcox, co-founder of Zcash, described it precisely in the official disclosure: “Shortly after the release of Anthropic’s Opus 4.8 model on May 28, Taylor used it as part of a highly targeted review of the Orchard circuit. On May 29, Taylor discovered the vulnerability.” The key phrase is “as part of.” Hornby used Claude Opus 4.8 as one component of a custom AI audit harness he had built, alongside traditional security research methods. The discovery belongs to Hornby. The contribution of AI-assisted tooling was real and material, but attributing the find to Claude alone would misrepresent what Zooko actually wrote. The combination of Hornby’s deep expertise in Zcash’s cryptography and the pattern-recognition capability of the latest AI model found something that neither could have surfaced as quickly alone.
The implication is significant beyond Zcash. If a one-day-old AI model can discover a critical cryptographic vulnerability in a zero-knowledge proof circuit that the world’s best cryptographers had reviewed for four years without finding, the security research model for blockchain protocols needs to be reconsidered. Shielded Labs is now doubling down on AI-assisted security research, continuing to work with Hornby and Anthropic, and has also announced a formal verification project for the Orchard circuit to mathematically prove no further bugs exist.
What the Bug Actually Was
The Orchard pool uses zero-knowledge proofs to allow private transactions. When you spend ZEC in Orchard, you create a proof that cryptographically demonstrates you have the right to spend those coins without revealing any information about which coins they are, how much you hold, or who you are. The circuit is the mathematical structure that defines what constitutes a valid proof.
The vulnerability was an under-constrained element in that circuit. Specifically, an elliptic curve multiplication operation lacked sufficient constraints, meaning the check that should have verified the multiplication’s inputs was not tight enough. An attacker could put arbitrary false values into that multiplication and still produce a proof that the circuit accepted as valid. Because the false inputs could be crafted to show a spending of ZEC the attacker did not own, the attacker could mint counterfeit ZEC from nothing and have it accepted as legitimate by the network.
The critical detail that makes this uniquely serious is the word undetectable. Due to Orchard’s privacy properties, there is no cryptographic method to prove whether any counterfeiting occurred before the bug was patched. The privacy features that make Orchard valuable, the fact that no one can see what is happening inside the pool, also mean that no one can definitively prove nothing bad happened. The Zcash Foundation’s turnstile mechanism, which tracks total value across all pools to confirm supply integrity, detected no unauthorized value creation during the window. But this is negative evidence, not positive proof.
Discovery to Fix: The 7-Day Timeline
May 22 – June 5, 2026 | Sources: Shielded Labs, ZODL, The Defiant | @cryptonewsbytes
May 28, 2026
Anthropic releases Claude Opus 4.8
Taylor Hornby immediately incorporates the model into his existing AI-assisted security audit harness, targeting the Orchard zero-knowledge proof circuit.
May 29, 2026: Discovery
Hornby finds the under-constrained elliptic curve multiplication element
Immediately discloses to ZODL engineers. Builds complete working exploit confirming unlimited undetectable ZEC creation in local test environment. Does not run on mainnet.
May 31, 2026
Private coordination begins with miners and exchanges
ZODL works quietly to prepare the emergency soft fork without tipping off potential attackers. Ecosystem-wide coordination without public disclosure.
June 1-2, 2026: Emergency soft fork (NU6.1)
Orchard transactions disabled at block 3,363,426 at 22:30 EDT
Zebra v4.5.3 deployed. Orchard actions frozen. Transparent and Sapling transactions continue normally. Re-enabled at 14:00 EDT June 2 after initial fix deployed.
June 3, 2026: Full hard fork (NU6.2)
Orchard re-enabled with corrected circuit at block 3,364,600
Second security-driven upgrade in Zcash history. Network stops producing blocks for 4+ hours during transition, causing brief confusion. Zebra v5.0.0 released.
June 5, 2026
Shielded Labs publishes full public disclosure
Zooko Wilcox, Jason McGee, and Taylor Hornby post detailed disclosure. ZEC falls 25% in 24 hours. Shielded Labs proposes NU7 to cryptographically prove no counterfeiting occurred.
Sources: Shielded Labs disclosure, ZODL community forum, The Defiant, CryptoBriefing | @cryptonewsbytes
The Unsolvable Problem: Proving Nothing Bad Happened
The vulnerability existed from May 2022 to June 2026. Four years. During that window, any actor who independently discovered it could have been silently creating counterfeit ZEC with no trace. The Zcash Foundation’s turnstile mechanism tracked total value across pools and detected no unauthorized creation. Shielded Labs assessed that prior exploitation was unlikely for several reasons: the bug evaded years of expert review, meaning few people had the capability to find it; Hornby’s discovery was the result of a deliberate, sophisticated effort using the most advanced tools available; and the window between discovery and fix was narrow.
But Shielded Labs was explicit that users should not rely on their assessment or anyone else’s. The privacy properties that make Orchard valuable are the same properties that make it impossible to cryptographically prove the supply was never tampered with. Closing the bug does not retroactively prove clean behavior during the four years it was open. This is the hard problem the proposed NU7 upgrade attempts to solve.
The NU7 proposal involves deploying a new shielded pool and routing all coins leaving Orchard through turnstile accounting that allows anyone to verify total supply integrity and prove the non-existence of counterfeit ZEC. In practical terms, coins in Orchard would need to pass through a verification checkpoint before moving to the new pool, and the accounting at that checkpoint would be publicly verifiable. If total values balance, no counterfeiting occurred. If they do not, it proves counterfeiting did. Either outcome is more informative than the current state of uncertainty. The proposal requires community governance approval and a full network upgrade process before it can activate.
The Market Reaction: Fear Then Confidence
ZEC’s price told two stories simultaneously. During the actual emergency upgrade window on June 1 to 3, before full public disclosure, ZEC climbed above $620, outperforming a broader market that was declining sharply with Bitcoin falling below $64,000. A whale who had shorted ZEC was liquidated for $2.9 million in losses during this period and subsequently reopened a 10x leveraged short position on the other side. The initial market reaction, for those who knew about the upgrade but not the reason for it, was constructive.
After Shielded Labs published the full disclosure on June 5, explaining what the vulnerability actually was and the impossibility of proving whether exploitation occurred, ZEC reversed the week’s gains and fell 16% over seven days, with a 25% drop in the 24 hours following the disclosure. The token traded in a range between $637 and $599 in the immediate aftermath. At the time of writing ZEC is trading at $587.35 with a 24-hour trading volume of $1.89 billion, placing it as the 29th largest cryptocurrency by market cap at approximately $9.8 billion.
The comparison to Zcash’s 2019 Sprout vulnerability is instructive. In that case, the team disclosed a counterfeiting vulnerability in the older Sprout pool that had also gone undetected for years and was never known to have been exploited. ZEC recovered from that disclosure. The SEC also closed its investigation into Zcash earlier in January 2026, and Grayscale has filed to convert its Zcash Trust into what could become the first U.S. spot privacy coin ETF. The institutional backdrop for ZEC is meaningfully stronger in 2026 than it was in 2019. Whether the market treats the Orchard disclosure as a crisis or a confidence test depends on how the NU7 supply-verification proposal is received.
ZEC Price: Discovery to Disclosure
May 29 – June 5, 2026 | @cryptonewsbytes
ZEC actually climbed during the silent fix window. Sold off 25% only after the full vulnerability details became public. Source: CoinGecko | @cryptonewsbytes
Why This Story Matters Beyond Zcash
The Zcash disclosure is simultaneously a security story, a market story, and an AI story. The security story is a near-miss: a vulnerability that could have enabled infinite undetectable money printing in a $9.8 billion asset was found and patched without exploitation. The market story is the ZEC reaction, which shows how a transparent, well-handled disclosure can turn a potential catastrophe into a confidence test. The AI story is the one that changes the industry.
Every major blockchain protocol has ZK proof circuits, multisig implementations, bridge contracts, and oracle logic that has been reviewed by humans. If an expert security researcher using Claude Opus 4.8 as part of a targeted audit can find a critical bug in a circuit that the best cryptographers in the world reviewed for four years, the question every protocol security team should be asking right now is: when did we last run our circuits through an AI-assisted audit? Shielded Labs is now formally partnering with Anthropic on ongoing security research. Other protocols should be paying close attention.
The Radiant Capital hack we covered earlier this week shows what happens when the human layer is compromised by social engineering. The Zcash story shows what happens when the human layer is augmented by AI-assisted auditing. Both stories point in the same direction: the security gap between protocols that use the best available tools and those that do not is widening. The Lazarus Group is already using AI to identify and target victims. The question is whether the defense keeps pace.
Frequently Asked Questions
Is my ZEC safe?
Yes. The vulnerability has been patched. The NU6.2 hard fork deployed a corrected Orchard circuit on June 3. Your existing ZEC holdings and completed transactions are not affected. Orchard transactions are fully operational again. The Zcash Foundation’s turnstile mechanism detected no unauthorized value creation during the window the bug was active. Shielded Labs assesses that exploitation before discovery was unlikely, though not provably impossible due to the privacy properties of Orchard.
How did Claude find a bug that human cryptographers missed for four years?
Taylor Hornby used Claude Opus 4.8 alongside a custom-built AI audit harness and traditional security research methods in a targeted review of the Orchard circuit. The combination of AI-assisted pattern recognition across the full circuit alongside Hornby’s expert framing of what to look for appears to have surfaced the under-constrained elliptic curve multiplication element that manual review had missed. Shielded Labs noted the vulnerability had evaded years of scrutiny by world-class cryptographers, and attributed the discovery to both Hornby’s expertise and the new AI tooling. The full technical work log has been published by Taylor Hornby.
What is the NU7 proposal and why does it matter?
The NU7 proposal would deploy a new shielded pool and require all coins leaving Orchard to pass through a turnstile accounting checkpoint that is publicly verifiable. Because Orchard’s privacy properties make it impossible to cryptographically prove whether counterfeiting occurred during the four years the bug was active, NU7 is designed to let anyone independently verify total supply integrity going forward. If the accounting balances at the turnstile, no counterfeiting occurred. Shielded Labs plans to publish full technical details of the proposal next week. Like all major Zcash network upgrades, it requires community governance approval before it can activate.
Further Reading
The contrast case. Radiant’s vulnerability was in the human layer and Lazarus exploited it for $50M. Zcash’s vulnerability was in the circuit and an AI found it first. Both stories define the 2026 crypto security landscape.
A code bug in Sui’s v1.72 upgrade triggered three outages with no exploitation. Same week as the Zcash vulnerability. Protocol resilience is the defining security theme of June 2026.
The NU7 proposal will need to pass Zcash community governance. Cardano’s summit vote this week showed how on-chain governance can override even well-funded foundation proposals. Zcash’s NU7 path will face similar dynamics.
This article is for informational purposes only and does not constitute financial advice. Sources: Shielded Labs disclosure (Zcash Community Forum), The Defiant, CryptoBriefing, CryptoTimes, KuCoin, DailyCoin, PANews, CoinGecko. Published June 5, 2026.
