
Did Claude Just Kill Zcash (ZEC)?

Source: u.today

The privacy coin Zcash ($ZEC) has plummeted by 60% after the disclosure of a critical vulnerability.

The bug could have allowed attackers to mint an infinite amount of counterfeit coins.

The flaw, which sat undetected in the Orchard pool since May 2022, was recently exposed by a security researcher using Anthropic's Claude Opus 4.8 AI model.

Claude's powerful model

On May 29, security engineer Taylor Hornby discovered the critical counterfeiting vulnerability in Zcash’s Orchard pool during a targeted review using the newly released Opus 4.8 model.

The vulnerability involved an under-constrained element of the Orchard circuit, allowing arbitrary false inputs to pass elliptic curve multiplication checks.

With the help of the AI, Hornby built a working exploit that successfully generated unlimited, undetectable counterfeit $ZEC in a local test environment.

ZODL engineers and the Zcash ecosystem acted quickly, successfully patching the vulnerability via an emergency hard fork between June 1 and June 3.

When privacy can be a downside

Given that privacy coins obscure balances, there is no way to scan the chain for abuse or cryptographically prove whether the vulnerability was actually exploited. A similar class of bug previously hit Zcash in 2019 and also went undetected for years.

Shielded Labs believes that prior exploitation is unlikely due to the bug's complexity and the speed of the patch, but they cannot definitively prove the integrity of the supply using only cryptography.

Developers are exploring a network upgrade that involves a new shielded pool and "turnstile accounting" to verify the Zcash supply and prove the non-existence of counterfeit coins. The team is also initiating a project to formally verify the Orchard circuit with a mathematical proof and is opening a search for a new Head of Security and a Cryptographer.

Community reaction

BitMEX co-founder and prominent cryptocurrency figure Arthur Hayes has announced the liquidation of his entire Zcash ($ZEC) holdings.

However, others came to Zcash's defense. Tyler Winklevoss emphasized that software vulnerabilities are inevitable. He stated that security is a "never-ending race between the good guys and the bad guys".

Meanwhile, Digital Currency Group founder Barry Silbert fiercely defended the development team, expressing that he is "proudly on Team Zcash". Silbert criticized individuals who framed the situation negatively (without directly naming Hayes).
