Key Takeaways:
ZEC fell 48.4% to $272.79 after Shielded Labs disclosed a critical counterfeiting vulnerability in Zcash's Orchard privacy pool that had remained undetected for four years.
"The Holy Trinity is dead," Arthur Hayes, co-founder of BitMEX, said on X, referring to ZEC alongside Hyperliquid and NEAR Protocol positions he exited this week. Hayes acknowledged illegal ZEC minting was unlikely but said it "cannot be formally cryptographically proved impossible."
The vulnerability, discovered May 29 by security engineer Taylor Hornby using Anthropic's Claude Opus 4.8 AI system, allowed fraudulent inputs into an elliptic curve multiplication check — the mathematical verification underpinning Orchard transactions. Hornby built and tested a working exploit that generated unlimited counterfeit ZEC in an isolated environment. An emergency hard fork was deployed June 3. ZEC's market capitalization shrank by more than $3 billion.
Shielded Labs is developing a network upgrade proposal that would introduce turnstile accounting for assets exiting the Orchard pool, enabling independent verification of ZEC's total supply. The organization said it will release full details in the coming week. The incident marks the second counterfeiting vulnerability in Zcash's history, following a similar flaw discovered in 2018 and remediated in 2019 without confirmed losses.
Mert Mumtaz, co-founder and CEO of Solana infrastructure firm Helius, said almost all privacy protocols carry a variant of this vulnerability, calling it a theoretical risk inherent to zero-knowledge privacy systems.
This article is for informational purposes only and does not constitute investment advice.
