Zcash Drops Over 50% After Critical Security Flaw Sparks Market Panic

Zcash suffered one of its sharpest declines in recent years after developers disclosed a critical vulnerability in the network’s Orchard privacy pool. The cryptocurrency plunged from around $630 to nearly $250 before recovering slightly, leaving it down more than 50% within two days. The selloff triggered more than $116 million in liquidations across 19,000 traders, making it one of the largest liquidation events in the crypto market this week.

Security Researchers Uncover Counterfeiting Risk

The flaw was discovered by security researcher Taylor Hornby on May 29 while conducting an AI-assisted audit of the Zcash protocol. According to developers, the vulnerability existed since Orchard launched in May 2022 and could have allowed an attacker to create unlimited counterfeit ZEC tokens within the private transaction pool without detection.

Hornby quickly reported the issue to the Zcash Open Development Lab, which deployed a fix through a soft fork before releasing a full network upgrade on June 2.

Uncertainty Remains Despite Rapid Fix

A major concern for investors is that Zcash’s privacy technology makes it impossible to prove whether the flaw was exploited before it was patched. Zcash co-founder Zooko Wilcox acknowledged that there is no cryptographic way to verify whether counterfeit coins were ever created.

The uncertainty prompted some high-profile investors, including BitMEX co-founder Arthur Hayes, to exit their ZEC positions. However, supporters such as Craig Salm and Cameron Winklevoss argued that there is no evidence of exploitation and praised the rapid response from developers.

Focus Shifts to Future Security

Developers are now considering additional upgrades, including a new shielded pool and formal verification systems designed to strengthen security and restore confidence in the network.