$ZEC Drops 60%, Loses $4 Billion After Security Researcher Finds Four-Year-Old Orchard Circuit Flaw Using Claude AI

A critical soundness bug in Zcash's Orchard shielded pool — one that could have allowed silent, undetectable inflation of $ZEC supply — was discovered by security researcher Taylor Hornby of Shielded Labs on May 29, 2026, triggering a sell-off that erased more than $4 billion in market capitalization and sent the token down roughly 60%. The flaw had been live since Orchard launched in May 2022, leaving roughly four years of exposure before a patch was deployed.

What the Bug Actually Did

The vulnerability was a missing constraint in Zcash's Orchard circuit, the cryptographic component underpinning private transactions in the protocol. Without that constraint, a malicious prover could spend the same shielded note more than once while generating a different nullifier each time — effectively counterfeiting ZEC inside the Orchard pool with no on-chain fingerprint to trace. Nullifiers are the mechanism Zcash uses to prevent double-spends; defeating them silently is about as serious as protocol bugs get.

Hornby confirmed the flaw's viability by building a full proof-of-concept in Zcash's local regtest environment. In that test, an Orchard note was doubled repeatedly until a test wallet balance exceeded 10 million ZEC. Those transactions were never broadcast to mainnet or testnet, but regtest applies identical validation rules — meaning the same exploit path was available on the live network for the entire four-year window.

How an AI Agent Found It First

The mechanism of discovery is the part of this story that will draw the most attention in security circles. Hornby built a custom agent framework he called "zcash-full-stack-auditor," powered by Anthropic's Claude Opus 4.8, released just one day earlier on May 28. The agent was configured for maximum effort and pointed directly at the halo2 implementation and Orchard circuit, tasked with hunting soundness and zero-knowledge security flaws.

At approximately 6 p.m. on May 29, one of the audit agents flagged a potential double-spend in Orchard notes. Hornby then used Claude to help write initial proof-of-concept code against a similar circuit before verifying it against the real Orchard circuit. The full PoC, per the official disclosure, took roughly six hours to complete — with the model requiring minimal guidance beyond a few directional hints.

What This Does and Does Not Mean

The framing worth resisting is that AI independently compromised a blockchain protocol. Hornby is a specialist security researcher; the audit was purpose-built and narrowly targeted. What the case does demonstrate is that frontier models are beginning to compress materially the time required to move from hypothesis to working exploit in complex cryptographic systems. For $ZEC holders, the relevant question is a simpler one: who was in a position to run that same audit during the four years the bug sat quietly in the circuit.