A security researcher using Anthropic’s newest AI model uncovered a critical vulnerability in the privacy cryptocurrency Zcash that had existed undetected for four years. The flaw could have allowed attackers to create unlimited counterfeit coins that would appear completely legitimate and remain undetectable within the network’s privacy-focused architecture.
Taylor Hornby, a security researcher hired by the Zcash team specifically to hunt for vulnerabilities, discovered the flaw on May 29 using Claude Opus 4.8 – just one day after Anthropic released the AI model. The bug was present in Zcash’s Orchard privacy pool since its launch in May 2022 until an emergency fix was deployed on June 1, 2026.
The discovery highlights a troubling reality for cryptocurrency security: advanced AI models can uncover critical flaws in well-reviewed systems with startling speed, raising questions about what vulnerabilities may already have been found by those with access to even more powerful tools.
The Orchard pool is Zcash’s most advanced privacy system, designed to keep transaction details completely hidden while using zero-knowledge proofs to validate transactions without revealing amounts or participants. The vulnerability centered on a specific validation check that wasn’t properly enforcing the rules it appeared to enforce. An attacker could have exploited this flaw to feed false inputs into the system and generate ZEC from nothing, with the zero-knowledge proof system blessing the fraudulent transaction as valid.
Hornby developed a working proof-of-concept exploit in a test environment before immediately reporting the issue to ZODL, Zcash’s coordinating development body. The news sent ZEC prices tumbling 43% to as low as $250 when the vulnerability was disclosed.
The most unsettling aspect of this discovery isn’t the bug itself, but the impossibility of knowing whether someone else found it first. Because Orchard is designed as a privacy pool, the same properties that make transactions confidential also make any potential exploitation undetectable through cryptographic analysis alone.
“Due to the privacy properties of Orchard and the nature of the bug, there is no definitive way to determine, using only cryptography, whether such exploitation occurred,” wrote Shielded Labs, the independent research organization behind Zcash development.
The Zcash team argues that prior exploitation was unlikely because the bug evaded years of expert review and required advanced AI tools to discover. However, they acknowledge this assessment shouldn’t be taken as definitive proof. The vulnerability’s four-year lifespan coincided with a period of intense scrutiny on privacy cryptocurrencies and growing sophistication in both security research and potential attack methods.
To address the uncertainty, Shielded Labs is proposing a network upgrade called “turnstile accounting.” The plan involves:
- Deploying a new shielded pool to replace the compromised Orchard system
- Forcing every existing Orchard coin through a verifiable checkpoint
- Creating a process that would expose any counterfeited supply as discrepancies
- Allowing the community to verify the integrity of the entire Zcash supply
This solution requires community governance support and must go through Zcash’s standard network upgrade process. A detailed proposal is expected next week. Additionally, Shielded Labs plans to mathematically verify the entire Orchard circuit from scratch and is hiring new security personnel, including a Head of Security and a Cryptographer.
The incident raises broader questions about AI’s role in cybersecurity research. If a publicly available AI model could find a four-year-old vulnerability within 24 hours of its release, what might more advanced, privately held AI systems already have discovered? Anthropic’s even more powerful Mythos model remains restricted, not available to the public.
This development comes at a time when privacy cryptocurrencies face increased regulatory scrutiny and technical challenges. The ability of AI to rapidly audit complex cryptographic systems could be both a blessing for security research and a curse for projects harboring unknown vulnerabilities. Many cryptographic systems that haven’t been tested against modern AI capabilities may be hiding similar flaws.
For the cryptocurrency industry, this event serves as a wake-up call about the accelerating pace of AI-assisted security research. Protocol teams across the industry now face the uncomfortable question of whether their systems can withstand analysis from increasingly powerful AI tools – and who else might already have access to even more advanced capabilities than what’s publicly available.
