Zcash's Infinite Inflation Bug

Before we get started…if you want to learn more about bitcoin – connect with the Onramp MENA team.

And now, for the weekly roundup…

Last week, Zcash disclosed that its flagship privacy pool had carried a flaw for the better part of four years, one that would have let anyone who found it create ZEC out of nothing, silently, with nothing on the chain to give it away. A security researcher built a working version of the attack and minted counterfeit coins in a test environment to prove it was real.

The hole has since been closed through an emergency upgrade, and ZEC has fallen close to 50% from its high earlier in the week. What cannot be closed is the doubt it leaves behind: because of the way the pool is built, no one can prove whether anyone exploited it before it was fixed. The uncertainty is the real story here, more than the bug.

The pool in question is Orchard, the shielded layer Zcash introduced in 2022, the part of the protocol that hides the sender, the receiver, and the amount of every private transaction. Its security rests on a piece of cryptography called a circuit, which is meant to guarantee that a transaction follows the rules without revealing any of its details. The circuit had a missing constraint. In two places it let a prover slip false values into a check that was supposed to be airtight, so someone could spend the same coins more than once and have the network accept each spend as legitimate, creating ZEC where none had existed and hiding it inside the pool.
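To make the class of bug concrete, here is an added toy example (my own, not code from the newsletter and not the Orchard circuit): a tiny constraint system in which the verifier checks only a list of a*b = c relations over a small field, one constraint tying a flag to a private fact is missing, and a brute-force search over candidate witnesses finds inputs the verifier accepts even though they break the rule the circuit was meant to enforce. The variable names, the rule and the field modulus are all constructed for illustration; adding the missing constraint closes the gap.

```python
# Added example (not from the newsletter or the Zcash project): a toy arithmetic
# constraint system illustrating an underconstrained circuit, one that a witness
# can satisfy while violating the rule it was supposed to enforce. Everything here
# is constructed: the "circuit" is a list of a*b = c checks over small integers
# modulo a tiny prime, not a real zk-SNARK.

from dataclasses import dataclass

P = 101  # small prime field modulus, constructed for illustration


@dataclass(frozen=True)
class Constraint:
    """a * b == c (mod P); each of a, b, c names a witness variable or a constant."""
    a: str
    b: str
    c: str


def value(witness, name):
    # Variable names start with a letter; anything else is parsed as a constant.
    if name[0].isalpha():
        return witness[name] % P
    return int(name) % P


def satisfied(constraints, witness):
    """What the verifier sees: does the witness satisfy every constraint?"""
    return all(
        value(witness, k.a) * value(witness, k.b) % P == value(witness, k.c)
        for k in constraints
    )


# Intended rule (constructed): a spend is valid only if `spent` equals the private
# fact `has_note` (1 if the note being spent exists, 0 otherwise). The circuit
# routes that through a flag `authorized`; the verifier never sees `has_note`.
UNDERCONSTRAINED = [
    Constraint("has_note", "has_note", "has_note"),        # has_note is boolean
    Constraint("authorized", "authorized", "authorized"),  # authorized is boolean
    Constraint("spent", "1", "authorized"),                # spent == authorized
    # Missing: authorized == has_note. Nothing ties the flag to the private fact,
    # so a prover may set authorized = 1 regardless of whether the note exists.
]

FIXED = UNDERCONSTRAINED + [
    Constraint("authorized", "1", "has_note"),  # the constraint that was missing
]


def intended_rule(witness):
    """The property the circuit was meant to enforce (ground truth, never on-chain)."""
    return witness["spent"] == witness["has_note"]


def find_soundness_gap(constraints):
    """Enumerate every boolean witness and return those the verifier accepts
    even though they violate the intended rule. Exhaustive search is feasible
    only because this toy has three bits of witness; it is a review technique,
    not something a verifier does at runtime."""
    gaps = []
    for has_note in (0, 1):
        for authorized in (0, 1):
            for spent in (0, 1):
                w = {"has_note": has_note, "authorized": authorized, "spent": spent}
                if satisfied(constraints, w) and not intended_rule(w):
                    gaps.append(w)
    return gaps


if __name__ == "__main__":
    print("underconstrained gaps:", find_soundness_gap(UNDERCONSTRAINED))
    print("fixed gaps:", find_soundness_gap(FIXED))
```

The point of the search is that every accepted witness looks the same to the verifier; only a reviewer holding the intended rule can tell the two accepted-but-wrong witnesses apart from honest ones, which is why this class of flaw survives audits and why, once shipped, the ledger cannot tell you whether it was used.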

The privacy works against its owner here. On an open ledger, fabricated coins leave a mark, an output that does not add up, a balance that suddenly looks wrong, something a node can catch and refuse. Inside Orchard the amounts are encrypted and the proof conceals exactly the information that would expose the fraud. A counterfeit coin and an honest one look identical from the outside. There is no balance to flag and no trail to follow.


The flaw was caught by a researcher named Taylor Hornby, whom Shielded Labs had hired in April to hunt for this kind of problem. Working with a newly released AI model, he found it on May 29, wrote a complete exploit, and generated unlimited counterfeit ZEC in an isolated test before reporting it that night. Over the following days a small group of engineers coordinated quietly with miners and exchanges, froze the pool with an emergency soft fork, and then pushed a hard fork that turned it back on with the circuit repaired.


Step back from Zcash for a moment, because the way this bug came to light casts the longest shadow over the rest of crypto. It was found with the help of one of Anthropic's newest models, and it belongs to a growing run of discoveries like it. Earlier this year Anthropic pointed one of its models at open-source code with no instructions and watched it surface roughly five hundred high-severity vulnerabilities on its own.

In April the company described a still-unreleased model it calls Mythos that autonomously found thousands of zero-day flaws across every major operating system and web browser, among them a seventeen-year-old remote-access hole in FreeBSD and a sixteen-year-old one in a widely used video library that every human reviewer and automated tool had walked past for more than a decade. Anthropic judged the model too dangerous to release and has kept it inside a restricted program. By the company's own description, the same capability that lets these models repair software is what lets them break it, and that capability is climbing quickly.


For crypto the implication runs in one direction. Most of the altcoin world is built on young and intricate cryptography, new proof systems, custom circuits, sprawling smart contracts: exactly the large and novel attack surface these tools take apart most easily. Orchard survived four years and several expert audits, then gave way in a focused review of a few days once a capable model was aimed at it. Zcash had been here once before, with a separate counterfeiting bug in an earlier shielded design that was quietly fixed in 2018 and, like this one, left no way to know whether it had been used. As the models keep improving, more of this buried, long-lived fragility will come to the surface, and the next person holding the exploit will not always be friendly.


This is where bitcoin's conservatism stops reading as a weakness. Its base layer does very little on purpose. There are no shielded pools and no exotic cryptography, only a small and rigid set of operations that has been refined for more than fifteen years under the most hostile, well-funded scrutiny any software has ever faced, with billions of dollars standing as a permanent bounty for anyone who can break it. The pieces that remain have earned their place by surviving attack, and the attack surface is kept deliberately small. Transparency does the rest.


You do not have to take bitcoin's 21 million limit on anyone's word. Every node recomputes the supply from the first block forward and would reject a single coin minted outside the schedule the moment it appeared. A privacy coin offers no version of that. The best it can give you is the word of its developers that the cryptography was built correctly and the audits were thorough, and this week showed what that word is worth when one assumption fails. It collapsed into "we cannot prove it either way," with the network's own team saying so.
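What "recomputes the supply from the first block forward" means in practice, as an added example (mine, not code from the newsletter or from Bitcoin Core, though the constants are Bitcoin's real consensus parameters and the subsidy function mirrors the schedule Bitcoin Core enforces): the per-block subsidy, the total that schedule can ever issue, and the check a node applies to each coinbase so that a block claiming one satoshi beyond the schedule is rejected. The sample chain at the bottom is constructed.

```python
# Added example (not from the newsletter or Bitcoin Core): the issuance schedule a
# bitcoin node recomputes, and the coinbase rule that rejects any block whose
# reward exceeds it. Constants are Bitcoin's consensus parameters; the sample
# blocks used in __main__ are constructed.

COIN = 100_000_000            # satoshis per bitcoin
INITIAL_SUBSIDY = 50 * COIN   # subsidy at genesis, in satoshis
HALVING_INTERVAL = 210_000    # blocks between halvings


def block_subsidy(height: int) -> int:
    """Subsidy in satoshis at `height`: 50 BTC halved every 210,000 blocks."""
    halvings = height // HALVING_INTERVAL
    if halvings >= 64:        # shifting a 64-bit value by 64+ is undefined in C, so cap it
        return 0
    return INITIAL_SUBSIDY >> halvings


def total_supply_cap() -> int:
    """Sum of every subsidy the schedule can ever pay, in satoshis.
    Integer truncation at each halving is why the cap is just under 21 million."""
    total = 0
    height = 0
    while True:
        subsidy = block_subsidy(height)
        if subsidy == 0:
            break
        total += subsidy * HALVING_INTERVAL
        height += HALVING_INTERVAL
    return total


def check_coinbase(height: int, coinbase_output_value: int, fees: int) -> bool:
    """Consensus rule: coinbase outputs may not exceed subsidy(height) plus the
    fees collected from the block's other transactions."""
    return coinbase_output_value <= block_subsidy(height) + fees


def audit_chain(blocks):
    """Replay a chain from genesis the way a node does: apply the coinbase rule to
    every block and sum new issuance. `blocks` is a list of
    (coinbase_output_value, fees) tuples indexed by height.
    Returns (ok, supply_in_satoshis); `ok` is False at the first invalid block."""
    supply = 0
    for height, (coinbase_value, fees) in enumerate(blocks):
        if not check_coinbase(height, coinbase_value, fees):
            return False, supply
        supply += coinbase_value - fees   # only the subsidy portion is new money
    return True, supply


if __name__ == "__main__":
    print("cap (BTC):", total_supply_cap() / COIN)
    # Constructed sample chain: five honest blocks, then one that mints one extra satoshi.
    honest = [(block_subsidy(h), 0) for h in range(5)]
    print("honest chain:", audit_chain(honest))
    inflated = honest + [(block_subsidy(5) + 1, 0)]
    print("inflated chain:", audit_chain(inflated))
```

Because amounts are in the clear, the check needs nothing beyond the block itself and a counter; the inflated block is rejected by every validating node independently, which is the property a shielded pool gives up in exchange for hiding the amounts.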


The fix itself is worth a second look. It was fast and competent, and it was also the work of a handful of people. A few engineers confirmed the bug in private, spent a weekend coordinating with miners and exchanges, froze an entire pool, and changed the consensus rules, all before the public knew a thing. The Zcash Foundation said as much in its own account of the response. Three people went straight to the small group of mining pools that run the chain and forced a hard fork through without telling anyone. A small circle was able to quietly halt a major network and rewrite its rules in a matter of days. A system that can be steered that quietly by that few is not as decentralized as it claims to be.


Bitcoin resists exactly that kind of steering, and by design. Its rules are hard to change, so hard that the last serious fight over them dragged on for years because no founder or foundation or group of miners could force the outcome. That stubbornness gets mocked as gridlock, and it is the reason anyone can trust that the supply schedule will hold. The harder the money is to change, the more it can be relied on not to.


For anyone holding a monetary asset, the test is simple. Can you verify what you own? Bitcoin lets you confirm both the total supply and your own coins from first principles, depending on no one, and it does so on a codebase hardened by more than a decade of people trying and failing to break it. A shielded ledger asks you to take its supply on faith, and asks it of a system whose complexity is exactly what the newest tools are learning to pull apart.

Last week was a clean, public demonstration of what that faith is worth on the day it turns out to be misplaced, and you do not get a warning before that day. Bitcoin's supply is the most auditable in the history of money, and its code is among the most battle-tested. It is easy to treat both as technicalities, right up until an altcoin network reminds everyone what their absence costs.

Chart Of The Week

Bitcoin vs. the Top 100 "Cryptocurrencies"

Fab on X

Quote Of The Week

"For traders and investors looking to take advantage of this type of environment, the key is to watch for when price starts to diverge positively from depressed sentiment. For assets in long-term uptrends, that's when huge percentage gains can happen. This was certainly true for eventual winners like AMZN in the years after the tech bust a quarter-century ago; sentiment was terrible, but price gradually started to diverge upwards, quietly regaining levels that were previously lost and reflecting the long-term underlying growth story."

— MacroScope on X

Podcast Of The Week

Bitcoin For Professionals: What AI, Inflation, and Debt Are Doing To Small Businesses

Running a small business today? AI, inflation, and debt are changing the rules.

Subscribe to Onramp MENA’s YouTube channel to catch new episodes of the Bitcoin For Professionals podcast!

Onramp MENA is an advisory and educational platform dedicated exclusively to Bitcoin.

If Onramp MENA’s offerings align with your needs, or those of someone you know, feel free to schedule a consultation with us here.
