{"id":13470,"date":"2026-06-09T05:03:46","date_gmt":"2026-06-09T05:03:46","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/06\/09\/critical-zcash-vulnerability-found-and-fixed-html\/"},"modified":"2026-06-09T05:03:46","modified_gmt":"2026-06-09T05:03:46","slug":"critical-zcash-vulnerability-found-and-fixed-html","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/06\/09\/critical-zcash-vulnerability-found-and-fixed-html\/","title":{"rendered":"Critical Zcash Vulnerability Found and Fixed"},"content":{"rendered":"\n
Critical Zcash Vulnerability Found and Fixed<\/div>\n

\t

\n
<\/BR>
\n
\n \t

\n
<\/BR><\/p>\n

\n

If you\u2019re a user\u2014owner?\u2014of this cryptocurrency, this<\/a> is important:<\/p>\n

\n

On May 29, the security researcher Taylor Hornby found a critical vulnerability in Zcash Orchard privacy pool using Claude Opus 4.8. The Zcash team hired Hornby specifically to look for this kind of issue. He found one fast enough to be embarrassing.<\/https:><\/p>\n

The Orchard pool is the newest and most advanced shielded transaction system in the cryptocurrency Zcash. Introduced in 2022, it allows users to send and receive ZEC while keeping transaction details private. It uses zero-knowledge proofs to validate transactions without revealing amounts or participants. The bug: a specific check that was supposed to validate transaction inputs wasn\u2019t actually enforcing the rules it appeared to enforce. An attacker could have exploited the flaw to feed false inputs into that check and generate ZEC from nothing, with the zero-knowledge proof system blessing the fraudulent transaction as valid.<\/p>\n<\/blockquote>\n

It\u2019s fixed; that\u2019s the good news. The bad news is that there\u2019s no way of knowing if anyone exploited the vulnerability to steal money. And this fragility is the fundamental problem that makes blockchain such a bad idea.<\/p>\n<\/div>\n

\t

\n
<\/BR>
\n Bruce Schneier
\n \t

\n
<\/BR>
\nGo to bruce schneier<\/a>
\n \t

\n
<\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"

Critical Zcash Vulnerability Found and Fixed If you\u2019re a user\u2014owner?\u2014of this cryptocurrency, this is important: On May 29, the security researcher Taylor Hornby found a critical vulnerability in Zcash Orchard privacy pool using Claude Opus 4.8. The Zcash team hired Hornby specifically to look for this kind of issue. He found one fast enough to […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[167,2164,57,282,1,416],"tags":[87],"class_list":["post-13470","post","type-post","status-publish","format-standard","hentry","category-ai","category-blockchain","category-bruce-schneier","category-cryptocurrency","category-uncategorized","category-vulnerabilities","tag-bruce-schneier"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/13470"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=13470"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/13470\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=13470"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=13470"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=13470"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}