Zcash extended its recent selloff beyond 50% on Friday to roughly $310 as a critical counterfeiting vulnerability disclosed earlier this week continued to weigh on sentiment.
ZEC fell as much as 60% at one point, from around $630 on Thursday to as low as roughly $250 on Friday, before recovering some losses, while liquidations surpassed $116 million — the third-largest among cryptocurrencies over the past 24 hours behind bitcoin and ether — according to CoinGlass.
Notably, the CoinGlass figure reflects a partial picture. Liquidation data is staggered and known to underreport, meaning actual forced-close volumes are likely higher.
Zcash's liquidation data shows almost $72 million in long liquidations and over $45 million in shorts over the 24-hour period, with peak volume between 8 a.m. and 9 a.m. UTC on June 5. CoinGlass rated the session's liquidation intensity 3.72x against the seven-day average.
The disclosure came from Zooko Wilcox, Zcash co-founder and Shielded Labs head, alongside researchers Jason McGee and Taylor Hornby, who confirmed the flaw had existed in Zcash's Orchard zero-knowledge proof circuit since its activation in May 2022. The Block previously reported on the initial discovery and price drop.
The vulnerability, rooted in an under-constrained element of the Orchard circuit's variable-base scalar multiplication gadget, would have allowed a malicious actor to spend the same shielded note multiple times by revealing a unique nullifier with each spend — effectively minting unlimited, undetectable counterfeit ZEC within the Orchard pool.
Hornby discovered the bug on May 29, hours after Anthropic released its Claude Opus 4.8 model.
Using a custom AI-assisted auditing framework he called zcash-full-stack-auditor, Hornby ran a targeted review of the Orchard circuit.
An audit agent flagged the critical flaw at around 6 p.m. MDT. By 11:53 p.m., Hornby had delivered a proof-of-concept and a full report to the Zcash Open Development Lab over Signal. By the following Monday night, a soft fork mitigation was live on mainnet. A full network upgrade, NU6.2, re-enabled Orchard at block 3,364,600 on June 2 with the corrected circuit.
The window of exposure ran from Orchard's activation on May 31, 2022, through the soft fork on June 1, 2026 — four years, one day, and ten hours. From the moment Opus 4.8 was publicly released to the patch activation, the window was four days and roughly ten hours.
What makes the disclosure particularly sharp is what the patch cannot resolve.
Zcash's privacy architecture makes it cryptographically impossible to verify whether the exploit was used before remediation. Wilcox and his co-authors were direct on this.
"There is no way to cryptographically prove whether the vulnerability was exploited before it was remediated," the disclosure states. "We believe it is important to be transparent about that uncertainty."
That uncertainty may have led to Arthur Hayes's position ending. The BitMEX co-founder and Maelstrom CIO posted this week that he had sold his entire ZEC bag and Maelstrom's.
"The Holy Trinity is dead," Hayes wrote. "While I think it's extremely unlikely of any minting, it cannot be formally cryptographically proved impossible. The privacy from AI, govt, big tech narrative demands perfection not improbability." Hayes said he remained open to re-entering if his assumptions changed.
Shielded Labs and several prominent backers pushed back on the most bearish read of the disclosure.
Grayscale CLO Craig Salm argued that to believe the exploit was actually triggered, someone would have had to scrutinize the Zcash codebase more thoroughly than every developer at ECC, ZODL, Shielded Labs, and the Zcash Foundation combined — and then chosen not to drain the Orchard pool's turnstile during a 20x-plus bull run. "Seems unlikely to me," Salm said on X.
Cameron Winklevoss, co-founder of crypto exchange Gemini, made a similar argument. "When it comes to any L1, there will be bugs," Winklevoss stated. "What's important is that there are world-class researchers focused on hardening the network and staying ahead of the bad guys." He called the rapid discovery and remediation a "vote of confidence, not a cause for alarm."
MetaMask security researcher Taylor Monahan placed the disclosure in a broader context. "The takeaway should be that these models CAN AND WILL uncover worst-of-the-worst vulns that have existed in prod undetected for years," Monahan said, arguing Zcash's relationship with security researchers had long been a differentiator.
Hornby's own work log — released publicly alongside the disclosure — notes that Opus 4.8 was notably skeptical of its own finding, initially assuming the upstream code had already been audited and therefore must be correct. It required prodding before taking the issue seriously.
Earlier audits using Claude Opus 4.7, with high effort, failed to surface the bug when given a generic prompt. Meanwhile, Opus 4.8 found it in only one of four test runs when prompted broadly, whereas it was reliably found when the prompt was narrowly targeted at the specific gadget.
Shielded Labs said it is exploring a network upgrade that would deploy a new shielded pool and enforce turnstile accounting for all coins migrating from Orchard — a mechanism that lets anyone verify the integrity of the Zcash supply and prove the absence of counterfeit ZEC.
The proposal would require approval from the community governance. A follow-up post with full technical details is expected next week. The firm is also formally initiating a project to mathematically verify the Orchard circuit and has opened searches for a Head of Security and a Cryptographer.
Josh Swihart, ZODL's founder, said the more important question is not whether a second Orchard pool gets built but how the protocol ensures vulnerabilities never recur. His answer is formal verification.
"A loose rule can be difficult to spot," Swihart wrote a detailed X post. "In this recent case, the loose rule went undetected despite numerous expert-level security audits and reviews." Formal verification, he argued, replaces human review with a mathematical proof that checks the entire circuit against a concise, readable specification — one that a computer cannot be fooled by.
Swihart said a second Orchard pool could, in principle, be targeted for NU7 at the end of July, and that a formally verified Orchard circuit, if completed, could serve as the best interim step before Tachyon — Zcash's next-generation proving system, which is being built with formal verification from the ground up.
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2026 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
