Single-Day Plunge of 30%, Arthur Hayes Suddenly Liquidates: Why Did ZEC Get Exploded by Security Issues?

foresightnews_apiPublicado a 2026-06-05Actualizado a 2026-06-05

Resumen

On June 5th, Zcash founder Zooko Wilcox disclosed a critical soundness vulnerability in the project's latest Orchard privacy pool. This flaw, found in the elliptic curve multiplication constraints, could allow an attacker to create unlimited counterfeit ZEC within the shielded pool, with transactions appearing valid. The vulnerability was discovered in late May by security researcher Taylor Hornby, who utilized Anthropic's new Opus 4.8 AI model for a targeted audit. The Zcash ecosystem had already performed an emergency network upgrade to patch the issue. However, the detailed disclosure triggered severe market panic, causing ZEC's price to plummet over 30% in a single day. Notably, prominent investor Arthur Hayes announced he had sold his entire ZEC position following the news. The incident starkly challenges the "technological trust" narrative central to privacy coins. Despite years of top-tier cryptographic audits, the bug persisted until uncovered with advanced AI-assisted research. This highlights the growing gap between theoretical perfection and practical implementation in privacy technology. The event serves as a industry-wide warning: in an AI-driven security landscape, the assumption that "undiscovered equals safe" is obsolete. It underscores the urgent need for continuous, proactive security practices combining AI audits, formal verification, and rapid response mechanisms.


Author: Ma He, Foresight News


On June 5th, Zcash founder Zooko Wilcox, along with Jason McGee and Taylor Hornby, published a detailed article disclosing a critical soundness vulnerability in the project's latest privacy layer, the Orchard pool, which could be exploited to create an unlimited amount of counterfeit ZEC in a covert environment.




Although the Zcash ecosystem had already urgently completed a network upgrade to fix the issue, after the detailed impact was disclosed, ZEC's price experienced severe volatility, with a single-day drop exceeding 30% at one point, touching lows around $411.



Zcash has been the absolute star in the privacy coin track over the past six months, surging from around $200 in March this year to a peak of $688. Figures including AllianceDAO co-founder Wang Qiao, Bankless founder David Hoffman, and the "shilling king" Arthur Hayes have all expressed high optimism about its performance.


However, after the vulnerability was discovered, Arthur Hayes tweeted that he had sold his entire ZEC holdings. He stated that after reading the vulnerability details and observing ZEC's 30% pullback, he decided to completely close his position for profit. He mentioned he would continuously re-evaluate and, if subsequent evidence proved his assumptions wrong, would consider buying back at lower prices.


So, what exactly happened with Zcash?


In simple terms, Orchard is a privacy vault within Zcash that is "completely opaque" to the outside; after people deposit funds, neither the outside world nor the blockchain itself knows how much money is inside or who owns it. The vulnerability this time lies in the vault's "verification lock"—this lock was supposed to be extremely rigorous, allowing only legitimate transactions to pass verification. However, due to a loosely written mathematical constraint (akin to a loose gear in the lock), an attacker could forge a key that appears completely legitimate, trick the system, and create new ZEC out of thin air within the vault.


This incident directly challenges the narrative of the privacy coin track that "technological trust is core value."


As the earliest public chain to scale the application of zk-SNARKs for private transactions, Zcash's Orchard pool, activated with the NU5 upgrade in May 2022, has been regarded as a more efficient evolution of the Sapling pool, hosting a large amount of private funds. Now, vulnerabilities discovered by security researchers using the latest AI models are forcing the entire industry to re-examine the gap between privacy technology theory and practice.


Vulnerability Discovery Originated from AI-Assisted Audit


The discovery process of the vulnerability was dramatic.


In April 2026, Shielded Labs hired senior security engineer Taylor Hornby to conduct ongoing security research targeting the Zcash protocol, aiming to discover issues before malicious actors.


On May 28th, Anthropic released the Opus 4.8 model. The next day, Taylor used this model combined with traditional methods to conduct a highly targeted review of the Orchard circuit, discovering the issue: an insufficient constraint in elliptic curve multiplication within the halo2_gadgets crate, allowing attackers to input arbitrary false values into the multiplication operation while verification would still pass. This meant it was possible to construct seemingly fully valid Orchard actions—that is, generate counterfeit ZEC within the Orchard pool, and due to privacy features, on-chain differentiation between real and fake was impossible.


Taylor immediately disclosed the issue to ZODL core engineers, who confirmed the severity of the vulnerability within hours and initiated an emergency response.


The foundation's initial security announcement tried to downplay the severity, describing it as a "double-spend risk," and assured that the "rotation mechanism protected the total supply from inflation," attempting to use "total supply security" to stabilize market sentiment and conceal the harsh reality that the Orchard pool might have already been flooded with counterfeit coins, diluting honest users' assets.


By June 4th, founder Zooko's statement supplemented the fatal details. He candidly admitted that "cryptographically, it is impossible to prove whether the vulnerability had been exploited before the fix," and publicly disclosed the "possibility of infinite ZEC forgery." It was this frank admission by the founder that directly punctured the "safety illusion" maintained by the foundation earlier, triggering the market's panic sell-off.


Zooko


Because if an attacker had, over the past few years, already used the vulnerability to mint 1 million fake ZEC inside the Orchard pool and cashed out by withdrawing to the transparent pool via the rotation mechanism before the fix, the total supply indeed didn't inflate, but the real assets of users within the Orchard pool had already been evaporated and harvested in a targeted manner. Once the rotation limits are announced next week, the Orchard pool will face the largest "bank run" in the history of privacy blockchains, with the assets of users who retreat later being permanently locked.


In the AI Era, "Unfound Vulnerability Equals Security" No Longer Holds True


Orchard, since its activation in 2022, underwent years of security audits by top cryptographers yet still contained bugs, only discovered through targeted research combined with the latest AI tools. This serves as a warning for many privacy solutions (including other ZK privacy projects): theoretically "perfect" mathematical constructs may still have omissions in engineering implementation.


Taylor Hornby's use of Anthropic Opus 4.8 to pinpoint the Orchard flaw in an extremely short time proves that AI can be a powerful aid for white-hat researchers, but also implies that attackers can similarly use similar tools to mine high-value targets faster.


If project teams fail to establish continuous, proactive security review mechanisms, the window from vulnerability discovery to malicious exploitation will shrink dramatically. While Zcash gained the upper hand this time by proactively investing in security research,


for the entire crypto industry, this is more like a collective warning: in the AI-driven security offense and defense race, any reliance on the侥幸心理 of "safe because undiscovered for years" is no longer valid. Only by internalizing AI auditing, formal verification, and rapid response capabilities as standard practices can privacy protocols truly withstand the pressure tests of the new era.

Lecturas Relacionadas

Is the Sharp Decline Over? Let the Data Speak

**Has the Sharp Decline Ended? Let Data Speak** Bitcoin's recent significant drop has placed short sellers in a precarious position. Three concurrent pressures—sustained outflows from ETFs, miners offloading coins to exchanges, and short-term holders capitulating—pushed the price near $63k. The asset fell 13% this week and 21% this month, roughly halving from its all-time high. A critical data point is the extremely crowded short positioning, with a short-to-long ratio reaching 8:1, representing nearly $100 billion in short interest overhead. This creates conditions for a potential short squeeze if selling pressure merely pauses, similar to the event in November 2022 which triggered a 24% rally. The selling pressures are real: spot Bitcoin ETFs have seen a record $5.4 billion outflow over 20 days. Short-term holders moved 53k loss-held BTC to exchanges in a day, and miners sent 24k BTC to Binance, a six-month high. Capital is also rotating towards AI and tech stocks like SpaceX, with $400 billion invested in AI infrastructure recently. However, on-chain data shows accumulation by long-term holders, who added 200k BTC in a month, and institutions/miners have absorbed 1.24 million BTC since 2023. This indicates strong buying beneath the surface. Key levels to watch are the $67k-$70k zone (2021 high & 2024 breakout point). A swift recovery above it suggests a leverage washout; failure could test $60k-$55k. The direction also hinges on ETF flow reversal. Currently, the S&P 500 hits new highs driven by AI, while Bitcoin and DeFi (TVL down from $173b to $73.9b) lag. The most probable path is a grinding basing process between $60k-$58k with continued ETF outflows. A less likely but explosive scenario involves a sudden flow reversal, a surge above $70k triggering a short squeeze, and a rally back above $76k. The immediate trigger depends on when the relentless selling pauses. A final cautionary note questions Bitcoin's correlation: if the high-flying U.S. stock market corrects, will Bitcoin once again miss the rally but not the decline?

foresightnews_apiHace 16 min(s)

Is the Sharp Decline Over? Let the Data Speak

foresightnews_apiHace 16 min(s)

Breaking the Curse of DeFi Cascading Liquidations, Vitalik Proposes a New Solution

**Vitalik Buterin Proposes New DeFi Design to Eliminate Forced Liquidations** Ethereum co-founder Vitalik Buterin has published a proposal for a new decentralized finance (DeFi) architecture aimed at removing the automatic liquidation mechanisms prevalent in current lending protocols. The core idea involves creating synthetic assets using options as building blocks, fundamentally avoiding the抵押借贷结构 that triggers forced sell-offs. The proposal responds to a recurring flaw in DeFi: during sharp market downturns, mass自动清算 of under-collateralized positions can exacerbate price declines, creating systemic selling pressure and market instability, as evidenced by recent crypto market volatility. Buterin's model would split an asset like 1 ETH into two option-like derivatives, P and N, pegged to a price index with a set strike price and expiration. At expiry, an oracle determines the settlement price to allocate the underlying ETH between P and N holders. This design eliminates the "cliff" of instant liquidation. Instead, a position's value would gradually drift from its target peg if not actively rebalanced by the user, transferring the rebalancing decision from the protocol to the user or automated tools. A key advantage is the reduced reliance on high-frequency, real-time oracle price feeds, which are vulnerable to manipulation and errors in current systems. The delayed settlement in the options model allows for more robust, fault-tolerant oracle designs. However, significant challenges remain for practical adoption. High transaction costs (slippage) from frequent rebalancing on automated market makers (AMMs) could erode user funds. The model may not be suitable for stablecoins requiring a strict 1:1 dollar peg, as it inherently allows for value drift. Success would depend on developing new liquidity provisioning models and deep markets for these synthetic assets. The proposal represents a fundamental rethinking of DeFi risk management, challenging the industry to explore alternatives to被动集中平仓 rather than merely optimizing existing liquidation processes. It remains a theoretical framework awaiting implementation and testing by development teams.

foresightnews_apiHace 1 hora(s)

Breaking the Curse of DeFi Cascading Liquidations, Vitalik Proposes a New Solution

foresightnews_apiHace 1 hora(s)

Bitcoin's Decline Marks the Transformation of Crypto

Title: The Decline of Bitcoin Marks the Transformation of Crypto While Bitcoin's price recently fell below $70,000, down approximately 45% from its peak, the broader crypto industry is not following it into decline. Instead, crypto is maturing and evolving beyond its dependence on Bitcoin's price movements. Two of Bitcoin's core functions are being usurped. First, AI has captured its role as the primary speculative asset. AI, with its tangible revenue, explosive demand, and massive capital inflows ($700-830 billion in 2024), is siphoning off the speculative "hot money" that once drove Bitcoin. It also contributes to a sustained high-interest-rate environment, further tightening liquidity for assets like Bitcoin. Second, dollar-pegged stablecoins like USDC and USDT have replaced Bitcoin as the crypto market's foundational currency and primary on/off-ramp. Most trading pairs and on-chain transactions are now settled in stablecoins, severing the historical link where all capital inflows had to pass through Bitcoin first. This decoupling allows projects to thrive based on their own fundamentals rather than Bitcoin's price. Examples include Hyperliquid, an on-chain derivatives exchange with annual revenues of $8-13 billion, and prediction market platform Polymarket, valued at $200 billion with $3.65 billion in annual fees. These projects are evaluated on traditional metrics like revenue and user growth. New opportunities are emerging, particularly around privacy. Privacy coins like Zcash (ZEC) are seeing surging demand, while infrastructure like NEAR enables private, cross-chain asset transfers without requiring users to hold a specific token—privacy becomes a universal service layer. In this new paradigm, stablecoins are the universal cash, various project tokens represent equity, and privacy-enabled cross-chain coordination layers (like NEAR) act as the critical infrastructure connecting a fragmented, multi-chain ecosystem. Bitcoin is now just one asset among many. The era where the entire crypto market moved in lockstep with Bitcoin is over. The industry's health should now be judged by project fundamentals—real revenue, active users, and tokenomics that capture value—and the development of the underlying infrastructure enabling a mature, dollar-denominated crypto economy.

foresightnews_apiHace 1 hora(s)

Bitcoin's Decline Marks the Transformation of Crypto

foresightnews_apiHace 1 hora(s)

After being noticed by IBM, the token of three.ws surged 50 times

IBM's public acknowledgment and collaboration with Solana AI project three.ws sparked a massive 50x surge in its $THREE token. Three.ws is building a "3D Agent Layer" for the internet, aiming to move AI beyond chat interfaces into interactive 3D digital characters that can be embedded on websites. These agents possess bodies (3D models), brains (LLMs), memory, skills, and optional on-chain identities and wallets for payments. The platform's architecture consists of four layers: a Viewer layer for 3D rendering, an Agent layer for AI behavior and skills, an optional Identity layer for persistent profiles, and an Embedding layer for deployment. For monetization, developers can set per-use fees for agent interactions, paid in USDC via the x402 protocol. Key to its enterprise strategy are partnerships with IBM and AWS. Integration with AWS Marketplace provides enterprise billing and deployment channels, while the IBM collaboration aims to combine three.ws's 3D agents with IBM's enterprise AI, cloud services, and Granite models. The challenge remains whether businesses will adopt these embodied AI agents and what utility the $THREE token will ultimately hold within the ecosystem.

foresightnews_apiHace 1 hora(s)

After being noticed by IBM, the token of three.ws surged 50 times

foresightnews_apiHace 1 hora(s)

Lightspark CEO: In Ten Years, Bitcoin Will Be as Invisible as TCP/IP, Yet Power Trillions in Daily Transactions

A decade from now, Bitcoin will function like TCP/IP — invisible yet foundational, supporting trillions in daily transactions globally, according to Lightspark CEO David Marcus. In this future, a coffee shop in Lagos receives instant payment, a manufacturer in São Paulo settles an invoice with a supplier in Ho Chi Minh City, and a freelancer in Bangalore gets paid weekly from an Austin startup — all via Bitcoin's settlement layer, with none of the parties consciously interacting with it. This vision parallels the adoption of open protocols: first driven by necessity where existing systems fail, then scaling rapidly as tools mature and economic benefits become clear. The structural shift begins with wallets. Modern non-custodial wallets, like Spark, allow users to hold dollars, local currency, and Bitcoin in a single address, seamlessly switching between them. This eliminates friction and revolutionizes global custody, moving significant deposits to user-controlled keys not by ideology, but by superior utility. As a result, Bitcoin becomes the default savings layer for billions, as its fixed supply and appreciating value make it a rational choice for savers holding it alongside stablecoins in their everyday wallets. Businesses follow a similar path, from small companies in emerging markets to multinational corporations, holding Bitcoin alongside operational stablecoins. The latest trend is direct Bitcoin transactions for commerce. When both parties hold Bitcoin, transacting in it becomes the simplest option — no conversions, no intermediary currency. This starts in niche areas like high-value B2B settlements but grows as infrastructure makes sending Bitcoin as easy as stablecoins. An accelerating force is AI agents. By 2036, AI agents conducting commerce on behalf of individuals and firms will increasingly choose Bitcoin for settlement. Optimizing for speed, finality, and minimal counterparty risk across jurisdictions, they find Bitcoin's global, neutral, and programmable network ideal for netting and settling obligations. Thus, Bitcoin is becoming the native currency for machine commerce, just as it has become a native savings asset for humans. The global monetary system is being rebuilt from the protocol layer: open infrastructure, default self-custody, Bitcoin settling everything underneath, with stablecoins as the interface. Most users won't think about Bitcoin when they transact — and they won't need to.

foresightnews_apiHace 1 hora(s)

Lightspark CEO: In Ten Years, Bitcoin Will Be as Invisible as TCP/IP, Yet Power Trillions in Daily Transactions

foresightnews_apiHace 1 hora(s)

Trading

Spot
Futuros

Artículos destacados

Cómo comprar ZEC

¡Bienvenido a HTX.com! Hemos hecho que comprar Zcash (ZEC) sea simple y conveniente. Sigue nuestra guía paso a paso para iniciar tu viaje de criptos.Paso 1: crea tu cuenta HTXUtiliza tu correo electrónico o número de teléfono para registrarte y obtener una cuenta gratuita en HTX. Experimenta un proceso de registro sin complicaciones y desbloquea todas las funciones.Obtener mi cuentaPaso 2: ve a Comprar cripto y elige tu método de pagoTarjeta de crédito/débito: usa tu Visa o Mastercard para comprar Zcash (ZEC) al instante.Saldo: utiliza fondos del saldo de tu cuenta HTX para tradear sin problemas.Terceros: hemos agregado métodos de pago populares como Google Pay y Apple Pay para mejorar la comodidad.P2P: tradear directamente con otros usuarios en HTX.Over-the-Counter (OTC): ofrecemos servicios personalizados y tipos de cambio competitivos para los traders.Paso 3: guarda tu Zcash (ZEC)Después de comprar tu Zcash (ZEC), guárdalo en tu cuenta HTX. Alternativamente, puedes enviarlo a otro lugar mediante transferencia blockchain o utilizarlo para tradear otras criptomonedas.Paso 4: tradear Zcash (ZEC)Tradear fácilmente con Zcash (ZEC) en HTX's mercado spot. Simplemente accede a tu cuenta, selecciona tu par de trading, ejecuta tus trades y monitorea en tiempo real. Ofrecemos una experiencia fácil de usar tanto para principiantes como para traders experimentados.

345 Vistas totalesPublicado en 2024.12.12Actualizado en 2026.06.02

Cómo comprar ZEC

Discusiones

Bienvenido a la comunidad de HTX. Aquí puedes mantenerte informado sobre los últimos desarrollos de la plataforma y acceder a análisis profesionales del mercado. A continuación se presentan las opiniones de los usuarios sobre el precio de ZEC (ZEC).

活动图片