Zcash plummets 30% as Shielded Labs reveals a major bug that went undetected for four years

That could have damaged trust in the token's supply and its value. By Omkar Godbole, AI Boost Jun 5, 2026, 5:43 a.m. 3 min read Make preferred on ZEC's price slide. (Coin Desk)What to know: Shielded Labs disclosed a critical bug in its Zcash's Orchard privacy pool that could have allowed unlimited, undetectable counterfeit tokens.The vulnerability, present since Orchard’s activation in May 2022, was discovered on May 29 by security engineer Taylor Hornby using Anthropic’s Opus 4.8 AI model and was patched in an emergency fix by June 1.Shielded Labs says there is no cryptographic way to know whether the flaw was exploited before the fix, and is proposing a network upgrade with new accounting measures and expanded security efforts to restore confidence in ZEC’s supply integrity.Privacy-focused zcash (ZEC) has taken a beating in the past 24 hours, falling roughly 30% to $400 amid broader market weakness. The selling accelerated after Shielded Labs, a nonprofit Zcash developer, disclosed a critical vulnerability in the blockchain's Orchard privacy pool that could have threatened the integrity of the token's supply.

Late Thursday, Shielded Labs published a detailed disclosure on X, revealing a vulnerability that, if exploited, could have allowed an attacker to create an unlimited number of counterfeit ZEC tokens, completely undetected. Think of it as someone secretly gaining access to the Federal Reserve's dollar printing press, except in this case, even the Fed wouldn't be able to tell these extra dollars were printed.

The vulnerability was discovered on May 29 by Taylor Hornby, a security engineer engaged by Shielded Labs in April 2026 specifically to identify protocol vulnerabilities before malicious actors could. Working with Anthropic's recently released Opus 4.8 AI model, Hornby conducted a highly targeted review of the Orchard circuit, which is the cryptographic system underpinning Zcash's most advanced privacy pool.