Zcash tumbles 50% as Hayes exits bag over privacy pool flaw

Zcash (ZEC) lost half of its value within 24 hours after developers disclosed a critical vulnerability in the Orchard, Zcash’s current shielded pool that enables private ZEC transactions by encrypting all key transaction details using advanced zero-knowledge tech.

According to a statement from Zooko Wilcox-O’Hearn, Zcash’s primary founder, the flaw, which was discovered by security researcher Taylor Hornby on May 29, could have allowed someone to create unlimited counterfeit ZEC without detection.

After Hornby reported the issue, Zcash Open Development Lab coordinated an emergency fix that was completed within days. While the vulnerability is now closed, the privacy features that protect Orchard users also make it impossible to know with certainty whether anyone exploited the bug before it was patched.

The discovery came from a proactive security effort. Earlier in 2026, Shielded Labs hired Hornby to look for exactly these kinds of vulnerabilities before attackers could find them. Using both traditional security research and the latest AI-assisted auditing tools, including Anthropic’s newly released Opus 4.8 model, he conducted a focused review of Orchard and quickly identified the issue.