Zcash Orchard Pool Counterfeiting Vulnerability

2022-05-01

Orchard shielded pool activated via Zcash NU5 network upgrade; vulnerability introduced in halo2_gadgets scalar multiplication gadget.

2026-04-01

Shielded Labs engages Taylor Hornby as a security engineer to conduct proactive protocol vulnerability research.

2026-05-28

Anthropic publicly releases the Opus 4.8 AI model.

2026-05-29

Taylor Hornby discovers the Orchard circuit soundness vulnerability using Anthropic's Opus 4.8 model and a custom AI auditing harness. Hornby constructs a working exploit generating unlimited counterfeit ZEC in a local regtest environment. Responsible disclosure made to ZODL core engineers the same evening.

2026-05-31

Private coordination with miners, exchanges, and node operators begins in preparation for emergency network response.

2026-06-02

Emergency soft fork activates at Mainnet block height 3,363,426 (approximately 02:00 UTC) via Zebra 4.5.3, disabling all Orchard-containing transactions and blocks.

2026-06-03

NU6.2 hard fork activates at Mainnet block height 3,364,600 (00:05 EDT) via Zebra 5.0.0, re-enabling Orchard with corrected circuit logic and a new consensus rule rejecting non-canonical proof sizes.

2026-06-05

Public disclosure of the vulnerability by Shielded Labs. ZEC declines approximately 37.8-38% in 24 hours, falling from approximately $635 to a low of approximately $309.

2026-06-05

Arthur Hayes, BitMEX co-founder, publicly discloses he has liquidated his entire ZEC position, citing the irresolvable uncertainty about whether counterfeiting occurred prior to the fix.

2026-06-05

Shielded Labs proposes a new network upgrade to create a fresh shielded pool with turnstile accounting on all existing Orchard coins to provide provable supply integrity.