Full Report
If you’re a user—owner?—of this cryptocurrency, this is important: On May 29, the security researcher Taylor Hornby found a critical vulnerability in Zcash Orchard privacy pool using Claude Opus 4.8. The Zcash team hired Hornby specifically to look for this kind of issue. He found one fast enough to be embarrassing. The Orchard pool is the newest and most advanced shielded transaction system in the cryptocurrency Zcash. Introduced in 2022, it allows users to send and receive ZEC while keeping transaction details private. It uses zero-knowledge proofs to validate transactions without revealing amounts or participants. The bug: a specific check that was supposed to validate transaction inputs wasn’t actually enforcing the rules it appeared to enforce. An attacker could have exploited the flaw to feed false inputs into that check and generate ZEC from nothing, with the zero-knowledge proof system blessing the fraudulent transaction as valid...
Analysis Summary
# Vulnerability: Inflation Flaw in Zcash Orchard Privacy Pool
## CVE Details
- **CVE ID:** Not explicitly listed in the source (Internal Zcash Security Advisory 2024-05-29)
- **CVSS Score:** Critical (Estimated 9.0 - 10.0)
- **CWE:** CWE-684: Incorrect Provision of Specified Functionality (Logic Flaw in Validation)
## Affected Systems
- **Products:** Zcash (ZEC)
- **Versions:** Orchard shielded pool implementations (since introduction in 2022)
- **Configurations:** Transactions interacting with the Orchard shielded pool.
## Vulnerability Description
The vulnerability stems from a logic error in a validation check within the Zcash Orchard privacy pool. The Orchard pool utilizes zero-knowledge proofs (ZKP) to validate transactions while maintaining privacy. A specific check intended to validate transaction inputs was found to be ineffective; it did not actually enforce the rules it was designed to uphold. This allowed for a "false input" to be accepted by the system. Because the zero-knowledge proof system would "bless" these fraudulent transactions as valid based on the flawed check, an attacker could bypass the conservation of value principle.
## Exploitation
- **Status:** Fixed. No confirmed evidence of exploitation in the wild, though the privacy-preserving nature of the pool makes detection of historical exploitation difficult.
- **Complexity:** Medium (Requires deep understanding of ZKP and Orchard's protocol architecture).
- **Attack Vector:** Network (Submitting a crafted transaction to the blockchain).
## Impact
- **Confidentiality:** None (The vulnerability does not expose private transaction data).
- **Integrity:** Critical (Allows for "infinite minting" or generating ZEC from nothing, undermining the integrity of the total money supply).
- **Availability:** Low (Risk of chain forks or shutdown if mass inflation was detected).
## Remediation
### Patches
- The Zcash team has released a fix for the Orchard protocol. Users and node operators should update to the latest version of the Zcash node software (zcashd) or supported wallets immediately.
### Workarounds
- No manual workarounds are available for end-users other than updating to patched software. Users of older, unpatched versions should avoid interacting with the Orchard pool until updated.
## Detection
- **Indicators of Compromise:** Discrepancies in the total expected transaction value versus the actual shielded pool balance.
- **Detection Methods:** Due to the nature of zero-knowledge proofs, identifying specific fraudulent transactions in the past is non-trivial. The Zcash team monitors pool balances for unexpected inflation (the "turnstile" mechanism, though this is primarily for older pools).
## References
- Schneier on Security: hxxps[://]www[.]schneier[.]com/blog/archives/2026/06/critical-zcash-vulnerability-found-and-fixed[.]html
- Security Affairs: hxxps[://]securityaffairs[.]com/193224/hacking/claude-opus-found-a-four-year-old-hole-in-zcashs-privacy-layer-nobody-knows-if-someone-already-used-it[.]html
- Zcash Official Blog: hxxps[://]z[.]cash/blog/ (Search for May/June 2024 advisories)