The price of ZEC fell on Thursday after further details were disclosed of a critical counterfeiting vulnerability in Zcash’s Orchard pool that could theoretically allow a bad actor to mint an unlimited amount of ZEC.
According to a post on X, security engineer Taylor Hornby, who was engaged by Shielded Labs, discovered the bug on May 29 and disclosed it to the Zcash Open Development Lab (ZODL), which deployed an emergency response to fix the vulnerability with a hard fork activated on June 3.
However, there are new concerns about the extent to which the vulnerability, which has existed since May 2022, has been used, leading Zcash to fall more than 30% over the past 24 hours to $410 at the time of writing. Its market capitalization has shrunk by more than $3 billion.
However, BitMEX co-founder Arthur Hayes said on Friday it is unlikely that ZEC has been illegally minted this way, though he acknowledged “it cannot be formally cryptographically proved impossible.”
“Sadly, due to the Orchard Pool exploit, I had to dump our entire ZEC bag,” he said.
“The Holy Trinity is dead,” he added, referring to Zcash and the two other tokens he sold this week, Hyperliquid (HYPE) and Near Protocol (NEAR).
ZEC crashes 30% in 24 hours after two months of solid gains. Source: TradingView
Claude assists in bug discovery
Taylor used Claude Opus 4.8, which was released on May 28, a day before the discovery, to assist in a highly targeted review of the Orchard circuit, the cryptographic component underlying Zcash’s Orchard shielded pool.
The critical bug allowed false inputs into an elliptic curve multiplication check, which means the math that is supposed to cryptographically verify transactions could be fooled.
Taylor built and tested a working exploit, which generated unlimited counterfeit ZEC.
“If he had run the same tool on Zcash mainnet it would have generated unlimited, undetectable counterfeit ZEC in his mainnet Zcash wallet,” the security researchers said on Friday.
The primary concern is that there is no cryptographic way to prove whether anyone had previously exploited it before it was patched, due to Orchard’s privacy properties.
However, Shielded Labs was “not overly concerned” because the bug was subtle enough to evade years of expert review, and the discovery was a deliberate, highly skilled effort using cutting-edge tools and AI.
Related: Crypto exploit losses in May fall 90% over month to $68M: CertiK
The firm is working with Zcash developers on a proposed network upgrade to allow anyone to verify the integrity of the ZEC supply and to prove the nonexistence of counterfeit tokens in the Orchard pool, they stated.
Not the first counterfeiting vulnerability for Zcash
Mert Mumtaz, co-founder and CEO of Solana tooling firm Helius, said that almost all privacy protocols have a variant of this same vulnerability.
“This same FUD comes back every five months as new people learn how privacy pools work,” he said.
He explained that it is a theoretical risk in most zero-knowledge privacy protocols from circuit bugs that are hard to exploit or detect.
This is not the first time a similar vulnerability in Zcash has been discovered. In 2018, a counterfeiting vulnerability in the cryptography underlying zk-proofs was discovered by the Electric Coin Company, which remediated it with no losses in 2019.
Magazine: Big Questions: Do we really only need 2–5 cryptocurrencies?
