A critical $ZEC vulnerability went undetected for nearly four years before it was finally uncovered through AI-assisted security research.
The flaw could have enabled counterfeit ZEC to be created within Zcash’s private Orchard pool. Although the issue has now been patched and there is no confirmed evidence of exploitation, Zcash’s privacy design also makes it extremely difficult to determine whether the bug was ever abused.
That uncertainty is exactly why the market reacted so sharply. The concern isn’t confirmed losses, but the possibility that the circulating supply may have been compromised, with no definitive way to verify it.
Another notable part of this story is how the vulnerability was found. After surviving years of audits and security reviews, it was ultimately identified with the help of AI-assisted analysis, showing how AI is becoming an increasingly valuable tool for detecting issues that traditional review processes can miss.