Zcash developers completed a rare emergency network upgrade this week after discovering a critical soundness bug in the Orchard shielded pool, the blockchain’s newest privacy layer. The vulnerability could have allowed invalid state transitions inside Orchard, potentially enabling double spending within the pool.

The Zcash Foundation said there was no evidence the bug was exploited, no unauthorized value creation, and no impact on user privacy.

The vulnerability was discovered on May 29 by Taylor Hornby, an independent security researcher conducting a protocol audit for Shielded Labs. What followed was a coordinated emergency response involving the Zcash Open Development Lab and the Zcash Foundation.

Phase one landed on June 2. A temporary soft fork activated at mainnet block height 3,363,426, around 02:00 UTC, disabling Orchard actions across the network while developers prepared the corrective code.

Phase two followed on June 3. The NU6.2 hard fork activated at block 3,364,600 at approximately 00:05 EDT, re enabling Orchard with a corrected circuit. The full response took about five days from private disclosure to final activation.

The Zcash Foundation said the network briefly became unstable during the transition as miners and node operators upgraded to the latest Zebra releases.

What the bug actually was

The issue was a soundness bug in the Orchard zero knowledge proof circuit implementation. Soundness is the property that ensures a proof system accepts only valid transactions and state transitions.

In this case, the flaw could have allowed an invalid Orchard transaction to pass verification, creating a double spending risk within the shielded pool.

The bug did not allow inflation of ZEC’s total supply, according to the Zcash Foundation. The protocol’s turnstile mechanism acts as a cross pool accounting check, tracking value across Sprout, Sapling, Orchard, transparent, and lockbox pools to confirm that total supply remains intact.

The Foundation said the turnstile detected no unauthorized value creation while the bug was live. Sapling and transparent transactions continued to work normally during the incident, while Orchard transactions were temporarily disabled.

For context, this is not Zcash’s first brush with a critical cryptographic flaw. In 2019, the team disclosed a counterfeiting vulnerability in the older Sprout shielded pool that had gone undetected for years. That bug was also never known to have been exploited.

The market responded with confidence rather than panic. ZEC climbed above $600 during the upgrade window, gaining as the broader crypto market traded lower.