In short
- A major bug in Zcash’s Orchard private pool was discovered that could have caused double damage, although no leaks were made.
- The developers planned two emergency procedures: first to close the Orchard event through a temporary soft fork, and then to restore it permanently through a network update.
- ZEC has risen more than 50% in the last 30 days and seems unaffected by the revelations of the crisis.
Zcash Foundation revealed on Wednesday that quietly patched a serious mistake in the secret of the cryptocurrency of the core of the financial process, doing emergency emergency network Loudly after a security researcher discovered an error that would have allowed bad actors to waste money they did not have.
The threat, which was discovered on May 29 by independent security researcher Taylor Hornby, resides in the Orchard Action domain – the secret machine it supports. Zcashsuper private pool. Orchard Pool, which was introduced in 2022, is considered the jewel of the Zcash infrastructure, which does not need a reliable implementation and has a large share of ZEC tokens.
Hornby revealed the bug to Zcash Open Development Lab (ZODL) engineers that night. Within a few hours, a group of protocol developers confirmed the issue and began responding in a private, confidential manner to prevent exploitation before it happened.
The joint preparation took place over five days. The developers first issued an emergency soft fork – essentially a short-term change – that shuts down Orchard services completely while the patch is being completed. Private cooperation with miners and exchanges began on the evening of May 31. The first launch attempt went through the transmission lines, but the second attempt succeeded early Monday morning, stopping all Orchard operations on block 3,363,426.
The permanent fix arrived on Wednesday, when a full network update—dubbed NU6.2—restored Orchard service using a fixed circuit. Such a hard fork was necessary because fixing a zero-knowledge authentication system requires resetting the cryptographic authentication key, a change that cannot be made through ordinary software patches.
Officials say ZEC’s stock is not at risk. Zcash’s “turnstile” system, which tracks the value of all transactions, has confirmed that no illegal currency has been generated. There is no evidence that the virus was ever used.
“Based on the timing and the number of parties involved (devs at ZODL and the Zcash Foundation, miners, exchanges, others), this was the most ambitious network upgrade in Zcash history,” ZODL founder Josh Swihart said. wrote on X.
The foundation encouraged all node users to quickly upgrade to Zebra 5.0.0, the software release that introduces the network management rules.
Following the upgrade, researchers appeared to indicate that the network had not generated blocks in hours, leading to speculation about the downtime. However, experts and researchers have reported that the network is running as normal, but researchers were temporarily affected when they upgraded their nodes.
“Let explorers be just readers. They pull data from the node, capture it, and display it. If a node is uploading or connecting, the explorer is already gone,” block explorer CipherScan wrote on X. “The same chain kept making blocks the whole time. The miners didn’t stop.
The price of Zcash (ZEC) seems to be unaffected by the revelation of the sudden upgrade, while the cryptocurrency continues its recent highs. ZEC is currently up more than 10% over the past 24 hours at a recent price near $629, pushing its 30-day high to over 53%.
ZEC is now up 1,084% over the past year, rising from a recent low of around $700—a price it has come close to matching in recent weeks. Despite this, ZEC remains at its all-time high of $3,191 set in 2016.
Daily Debrief A letter
Start each day with top stories right here, including originals, podcasts, videos and more.
