Source
ArticleThe Orchard Counterfeiting Vulnerability — and next steps
Added to the wiki June 17, 2026 at 06:17 PM UTC · full text archived June 17, 2026 at 09:17 PM UTC
Shielded Labs' public disclosure of a critical soundness bug in Zcash's Orchard shielded pool, written by Zooko Wilcox, Jason McGee, and Taylor Hornby and published as an X article. It reports that Taylor Hornby discovered the flaw on 29 May 2026 during an audit, that the bug had been present since Orchard activated in 2022, and that it broke the soundness of the pool's zero-knowledge circuit — an under-constrained step in an elliptic-curve check that could let an attacker mint counterfeit ZEC inside the shielded pool with no on-chain trace. The authors report the discovery was assisted by an AI model. The post lays out the immediate emergency response and frames the longer-term question the bug raises: how to re-establish confidence in the circulating supply.
It is the primary first-party account of what the bug was and how it was found.