AI-assisted Zcash flaw exposes the supply integrity gap an emergency fork could not fully close
A soundness bug in Zcash’s Orchard zero-knowledge proof circuit nearly allowed unlimited counterfeit ZEC. Taylor Hornby of Shielded Labs reportedly found it during a protocol review on May 29 using Anthropic’s Opus 4.8 plus a custom AI harness, producing a local exploit in regtest that could have worked on mainnet. Zcash said there is no evidence of mainnet exploitation or unauthorized inflation, and the 21 million ZEC cap remains intact. The issue required a consensus-level fix: an emergency soft fork on June 2 temporarily disabled Orchard actions, followed by the NU6.2 hard fork on June 3 to replace the circuit and restore functionality. The incident highlights a key problem for privacy coins: hidden balances make it hard to prove no counterfeit value was ever created. Zcash’s turnstile mechanism showed no suspicious flows, but Shielded Labs argues a later upgrade should make supply integrity directly verifiable. The episode also fits a broader trend of AI-assisted discovery reaching core crypto infrastructure, not just smart contracts.
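A simplified model of the turnstile accounting mentioned above, added here as an illustration and not taken from Zcash or Shielded Labs code; the block heights, amounts and function names are constructed. It shows why a clean turnstile record bounds how much counterfeit value could leave a shielded pool without proving that none was created inside it.

```python
"""Simplified turnstile audit (added illustration; not Zcash node code).

Model assumption: only the net value crossing a shielded pool's boundary is
public per block. Positive = moved into the pool, negative = moved out.
Balances and transfers inside the pool are hidden from the auditor.
"""
from dataclasses import dataclass
from typing import Iterable, Optional, Tuple


@dataclass
class TurnstileResult:
    ok: bool                          # pool balance never went negative
    violation_height: Optional[int]   # first block that would overdraw the pool
    balance: int                      # visible balance after the last valid block


def audit_pool(net_flows: Iterable[Tuple[int, int]]) -> TurnstileResult:
    """Replay boundary flows and stop at the first block that overdraws the pool."""
    balance = 0
    for height, flow in net_flows:
        if balance + flow < 0:
            # More value is leaving than ever entered: some of it was never
            # deposited, so it must have been created inside the pool.
            return TurnstileResult(False, height, balance)
        balance += flow
    return TurnstileResult(True, None, balance)


# Constructed sample data: (block height, net flow into the pool).
HONEST = [(1, 500), (2, -200), (3, 100), (4, -300)]
# Same history, but 100 extra units leave at height 4. The audit still passes,
# so it cannot tell whether those units were legitimate or counterfeit.
WITHIN_HEADROOM = [(1, 500), (2, -200), (3, 100), (4, -400)]
# Withdrawals exceed all deposits: the only case the turnstile can flag.
OVERDRAWN = [(1, 500), (2, -200), (3, 100), (4, -450)]

if __name__ == "__main__":
    for name, flows in [("honest", HONEST),
                        ("within headroom", WITHIN_HEADROOM),
                        ("overdrawn", OVERDRAWN)]:
        print(name, audit_pool(flows))
```

The middle case is the gap the article describes: a record with no suspicious flows limits the exit of counterfeit value to the pool's visible balance, but says nothing about value that stays hidden inside the pool.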
