Zcash developers are exploring deployment of a new shielded pool following an emergency upgrade that patched a vulnerability in Orchard, the network's latest shielded transaction system. Shielded Labs, a Swiss-based Zcash support organization, said in a Friday security update that the vulnerability could have allowed creation of unlimited counterfeit ZEC within the Orchard pool, prompting discussion of a network upgrade with turnstile accounting for coins moving out of Orchard. The proposed upgrade aims to restore confidence in supply verification after the bug. There is no cryptographic way to prove whether the bug was exploited before being fixed, though Shielded Labs said prior exploitation is unlikely.
ZEC fell about 50% on Friday after the vulnerability was publicly disclosed, dropping from a daily high of $550.30 to as low as $264.80, according to CoinGecko data. The token later recovered to $308.07, but remained far below its Friday high.
Justin Bons, founder and chief investment officer of CyberCapital, said the market was overreacting because "the good guys caught it first." Gemini co-founder Cameron Winklevoss defended the response, saying the discovery reflected Zcash's investment in security researchers rather than a reason for panic. He argued that bugs are inevitable in layer-1 networks and that the key issue is whether teams can find and fix them before attackers do.
Shielded Labs said in its Friday security update that it is exploring a proposed network upgrade that would deploy a new shielded pool and apply turnstile accounting to coins moving out of Orchard. The proposal is not final and remains subject to further explanation and community review, with a follow-up post planned next week to explain how the upgrade would work and what tradeoffs it could create.
The core issue is supply assurance. Shielded Labs said there is no cryptographic way to prove whether the bug had been exploited before it was fixed. The group said it believes prior exploitation is unlikely, but the inability to prove non-exploitation is what makes the proposed turnstile mechanism important. Turnstile accounting would create a verification boundary for coins moving from the affected pool into a new shielded pool or other parts of the network.
Zcash developer and cryptography researcher Sean Bowe said the long-term answer is to make shielded protocols and their implementations formally verifiable. Zcash Open Development Lab founder Josh Swihart said the Orchard vulnerability was a flaw in the circuit's handwritten rules rather than in the underlying cryptography.
Wei Dai, a research partner at blockchain venture firm 1kx, said the Orchard circuit bug appeared "obvious in retrospect" but had been missed by protocol designers, cryptographers, and auditors. He said expanding formal verification coverage is "probably the only long-term solution."
Josh Swihart said separately that a second Orchard pool could, in principle, be targeted for Zcash's NU7 upgrade at the end of July. He said he was not taking a fixed stance on whether the community should build that second pool. Shielded Labs said a follow-up post is planned next week to explain how the upgrade would work.
What vulnerability did Zcash patch in Orchard?
Shielded Labs said the vulnerability could have allowed a bad actor to create an unlimited amount of counterfeit ZEC within the Orchard pool. The flaw was addressed through an emergency Zcash upgrade.
How much did ZEC fall after the vulnerability was disclosed?
ZEC dropped about 50% on Friday, falling from a daily high of $550.30 to as low as $264.80 according to CoinGecko data. It later recovered to $308.07 but remained far below its Friday high.
When is Zcash's NU7 upgrade scheduled?
Zcash Open Development Lab founder Josh Swihart said the NU7 upgrade is targeted for the end of July, which could in principle include a second Orchard pool if the community supports the proposal.