Zcash (ZEC) lost half of its value within 24 hours after developers disclosed a critical vulnerability in the Orchard, Zcash’s current shielded pool that enables private ZEC transactions by encrypting all key transaction details using advanced zero-knowledge tech.

According to a statement from Zooko Wilcox-O’Hearn, Zcash’s primary founder, the flaw, which was discovered by security researcher Taylor Hornby on May 29, could have allowed someone to create unlimited counterfeit ZEC without detection.

After Hornby reported the issue, Zcash Open Development Lab coordinated an emergency fix that was completed within days. While the vulnerability is now closed, the privacy features that protect Orchard users also make it impossible to know with certainty whether anyone exploited the bug before it was patched.

The discovery came from a proactive security effort. Earlier in 2026, Shielded Labs hired Hornby to look for exactly these kinds of vulnerabilities before attackers could find them. Using both traditional security research and the latest AI-assisted auditing tools, including Anthropic’s newly released Opus 4.8 model, he conducted a focused review of Orchard and quickly identified the issue.

According to the report, the flaw involved a weakness in the Orchard circuit that allowed incorrect cryptographic inputs to pass a verification check. Hornby successfully created a proof-of-concept exploit and demonstrated in a testing environment that it could generate unlimited counterfeit ZEC while remaining undetectable.

The vulnerability had existed since Orchard launched in May 2022 and remained present until the emergency patch was deployed on June 1, 2026, as noted by the team.

Even though there is no way to conclusively determine whether the flaw was exploited before it was fixed, Shielded Labs believes that scenario is unlikely. The bug had gone unnoticed for years despite extensive reviews by highly skilled cryptographers.

ZEC slid from approximately $516 to $414 after news of the vulnerability became public, CoinGecko data shows.

Sentiment worsened when BitMEX founder Arthur Hayes disclosed that he had completely liquidated his position in the asset, despite previously championing ZEC as part of a select trio of favorites alongside HYPE and NEAR.

The selloff deepened rapidly on Hayes’ announcement, sending ZEC to a low near $265. At press time, the asset changed hands at $320, down 40% in the last 24 hours.

Hayes said yesterday that he had exited his entire stake in HYPE and NEAR.

Shielded Labs proposes Orchard network upgrade

Shielded Labs is proposing a network upgrade that would deploy a new shielded pool with turnstile accounting, essentially forcing all Orchard coins through a checkpoint that would reveal any excess supply. The team says a detailed proposal is coming within the week, and any upgrade would need to pass through standard governance.

Shielded Labs is now hiring a Head of Security and a cryptographer, and has begun working toward a formal mathematical verification of the Orchard circuit.

Hayes, for his part, left the door open to returning.

“Privacy is priceless,” he wrote, “and I have no issue eating humble pie and rebuying much higher.”