Privacy protection has always been a core goal of the Zcash ecosystem. From the original Sprout pool to Sapling and then Orchard, Zcash has continued to optimize its zero knowledge proof architecture to lower the barrier to use and improve network security.
The launch of Orchard was not only a technical upgrade, but also a sign of Zcash’s transition toward a new generation of zk-SNARKs systems. A vulnerability involving the Orchard circuit later drew more user attention to how this privacy pool actually works.
Orchard is the privacy pool in the Zcash network responsible for processing the latest shielded transactions. Users can send and receive ZEC through Orchard addresses without revealing the identities of the transaction parties or the transaction amount.
Unlike the fully public ledger model used by traditional blockchains, Orchard uses zero knowledge proofs to verify transaction validity. Network nodes can confirm that a transaction is valid, but they cannot see the transaction contents.
Orchard also plays an important role in Zcash’s privacy innovation. Many new features and cryptographic upgrades are deployed first within the Orchard system, giving future protocol development a stronger foundation.
Looking at Zcash’s development history, its privacy pools have gone through three main stages: Sprout, Sapling, and Orchard. Sprout first enabled on chain private transactions, Sapling significantly reduced proof generation costs, and Orchard, built on the Halo 2 technical framework, further improves scalability and upgrade flexibility.

Orchard’s privacy capabilities are built on zk-SNARKs technology. zk-SNARKs are a cryptographic method that allows users to prove a statement is true without revealing the underlying data.
In the Zcash network, the sender generates a zero knowledge proof to show that the transaction funds genuinely exist and that no double spending has occurred. Validator nodes only need to verify the proof to confirm that the transaction is valid, without knowing the amount or the participating addresses.
The Halo 2 framework used by Orchard is a new generation zero knowledge proof system. Compared with earlier approaches, Halo 2 provides more flexible circuit design capabilities and supports more complex proof structures, leaving room for future protocol upgrades.
For more on how zero knowledge proofs work, see “How Does Zcash Enable Private Transactions? A Detailed Explanation of How zk-SNARKs Work.”
This incident began with a targeted security review of the Orchard circuit. During the review, the researcher Taylor found abnormal circuit behavior and privately reported the findings to the Zcash Open Development Lab (ZODL).
After receiving the report, the development team quickly conducted reproduction testing and confirmed that the issue did present a potential security risk. Because the issue involved Orchard’s circuit verification logic, the team immediately began an emergency response process.
Unlike traditional software vulnerabilities, risks in zero knowledge proof systems often appear at the circuit constraint layer. The circuit defines which behaviors the system allows to be proven as valid, so any design flaw may affect the overall security model.
This incident also shows that in modern zk-SNARKs systems, circuit audits are just as important as cryptographic audits. Even when the underlying algorithms are secure, flaws at the implementation layer can still create risk.
After confirming the vulnerability, the development team did not immediately disclose the details publicly. This approach follows the responsible disclosure practices commonly used in the security industry, with the goal of preventing attackers from using public information before the fix was completed.
To reduce risk, the team first limited the creation of new Orchard outputs and also paused spending of funds already held in the Orchard shielded pool.
This did not mean that the entire Zcash network stopped operating. Transparent addresses and the Sapling shielded pool continued to work normally during the upgrade, so users could still complete some transaction activities.
This layered privacy architecture improved the network’s resilience during a security incident and allowed the development team to complete the fix without disrupting the entire ecosystem.
After confirming the vulnerability, the Zcash community adopted a phased upgrade strategy. The first stage was an emergency soft fork, designed to quickly limit potential risk and prevent affected transactions from continuing to enter the network.
After the soft fork took effect, nodes began enforcing new validation rules to stop risky Orchard operations from continuing to propagate. This stage mainly served as a temporary protection mechanism.
Because the issue involved Orchard’s circuit verification key, a protocol level update was still ultimately required. The development team then released an upgraded version containing the new verification key and formally activated the new protocol rules through a hard fork.
The full upgrade process involved not only the development team, but also miners, node operators, exchanges, and infrastructure service providers, all of whom needed to complete software upgrades. This kind of coordination is an important part of public blockchain network governance.
This incident brought several organizations within the Zcash ecosystem to the attention of many users for the first time.
Shielded Labs is an independently operated organization that supports the Zcash ecosystem and has long participated in protocol research, security audits, and privacy technology development. It is mainly funded through community donations and is not part of the Zcash Foundation or ZODL.
Zcash Open Development Lab (ZODL) is responsible for core protocol development and maintenance. In this incident, ZODL handled vulnerability verification, patch development, and network upgrade coordination.
The Zcash Foundation is a nonprofit organization that supports the long term development of Zcash. Its responsibilities include infrastructure development, community governance, and support for the open source ecosystem.
The participation of multiple independent organizations in protocol development helps reduce single point risk and improves the network’s transparency and long term sustainability.
Orchard is Zcash’s current third generation privacy pool and an important application of the Halo 2 zero knowledge proof system. Compared with Sprout and Sapling, Orchard offers further improvements in performance, scalability, and long term upgradeability.
A security review of the Orchard circuit uncovered a potential vulnerability. The Zcash community then completed the fix through responsible disclosure, feature restrictions, soft fork protection, and a hard fork upgrade, restoring Orchard to normal operation.
Sapling mainly addressed the efficiency problems of earlier private transactions, while Orchard is built on Halo 2 and further improves scalability, upgradeability, and future compatibility.
Publicly disclosed information indicates that there were no known losses of funds in this incident. The vulnerability was discovered during a security review and fixed before any potential attack occurred.
The development team needed to prevent the vulnerability details from being exploited after public disclosure, so Orchard functions were temporarily restricted to keep the network secure during the upgrade.
Transparent addresses and the Sapling shielded pool continued to operate normally during the upgrade. As a result, only Orchard related functions were affected, not the entire Zcash network.





