
Artificial Intelligence Found What Human Auditors Missed
A security weakness that had gone undetected in Zcash's Orchard pool since May 2022 was brought to light by an AI-assisted audit process — not by traditional manual code reviewers. Security researcher Taylor Hornby, engaged by the non-profit organization Shielded Labs, used Anthropic's AI model Claude Opus 4.8 integrated into a custom audit framework to identify what is described as an under-constrained circuit element in Zcash's zero-knowledge proof system, according to information reported by Seeking Alpha.
The flaw was of the most serious category: it could potentially have allowed an attacker to create an unlimited number of counterfeit ZEC tokens within the shielded pool — without any possibility of detection.
A flaw that had survived four years of human audits was uncovered by an AI model in days.

Swift Crisis Management
When the flaw was discovered on May 29, 2026, the Zcash team moved quickly. An emergency soft fork was rolled out as early as June 1, followed by a hard fork — dubbed NU6.2 — two days later on June 3. The Zcash Foundation has stated that there is no evidence the vulnerability was exploited, that no unauthorized value creation was detected, and that user privacy remained intact throughout the entire period. The absolute cap of 21 million ZEC tokens is also said to have been maintained.
There is, however, an important caveat: due to Orchard's built-in privacy features, it is cryptographically impossible to prove with full certainty that the flaw was not exploited before the patch was implemented. This is a limitation inherent to the technology itself, and should be factored into any assessment of the claim that no harm occurred.

Follow-Up Audit Gave the All-Clear
In the wake of the incident, Zcash founder Zooko Wilcox-O'Hearn announced on June 12, 2026, that Anthropic had conducted a comprehensive security audit of the entire Zcash protocol using its non-public AI model known as "Mythos." Wilcox-O'Hearn expressed gratitude toward Anthropic and stated that the audit revealed no additional serious flaws in the protocol. The audit was also commissioned by Shielded Labs.
Co-founder Eli Ben-Sasson publicly endorsed the use of AI-assisted discovery and called for broader adoption of similar methods, combined with formal verification, across the protocol.

What This Means for Crypto Security
The incident illustrates something experts have long warned about: traditional manual audits can fall short in highly complex cryptographic systems. A zero-knowledge proof system of Zcash's caliber contains enormous amounts of intricate code where even marginal logic errors can have catastrophic consequences.
Industry observers note that AI is accelerating a security arms race: the same tools that help defenders find vulnerabilities faster could, in theory, also be used by attackers. The Zcash team views the incident as an argument for proactive AI-based red-teaming as a permanent fixture of its security work going forward.

The Road Ahead: Ironwood and Formal Verification
Zcash has announced a series of measures to strengthen security. The corrected Orchard circuit will form the foundation of a new shielded pool called "Ironwood," which is scheduled to be activated in late July 2026. The Ironwood upgrade will include formal verification, independent security audits, and AI-assisted review as part of a strengthened assurance framework.
A key additional feature in Ironwood is so-called "turnstile accounting," which will enable independent verification of the token supply — directly addressing the legitimate concerns around supply integrity that the Orchard flaw exposed.

Market Context
The news comes amid a crypto market characterized by risk aversion, with Bitcoin trading around $63,930 and the Fear & Greed Index at a low 18 out of 100 — a level indicating extreme fear among investors. In such a climate, security-related incidents can have a disproportionately large impact on confidence in individual projects, even when flaws are quickly remediated.

This article was written using large language models under editorial supervision by Aprex. Content is source-verified and auditable.