6/5/26 Roundup: Zcash's Infinite Inflation Bug
Brian Cubellis | Chief Strategy Officer
Jun 5, 2026
For the better part of four years, a flaw buried in Zcash's main privacy pool would have let anyone who found it mint unlimited ZEC out of thin air, with nothing on the chain to give it away. The bug is now patched. Whether it was ever used is something no one can prove, because the privacy that defines the pool also hides the evidence.
ZEC has fallen close to 50% since the news broke, and the deeper lesson is about why a money you can audit is worth more than one you have to trust. Followed by our standard Chart, Quote, and Podcasts of the Week.
Zcash's Infinite Inflation Bug
Thursday evening, Zcash disclosed that its flagship privacy pool had carried a flaw for the better part of four years, one that would have let anyone who found it create ZEC out of nothing, silently, with nothing on the chain to give it away. A security researcher built a working version of the attack and minted counterfeit coins in a test environment to prove it was real.
The hole has since been closed through an emergency upgrade, and ZEC has fallen close to 50% from its high earlier in the week. What cannot be closed is the doubt it leaves behind, because of the way the pool is built, no one can prove whether anyone exploited it before it was fixed. The uncertainty is the real story here, more than the bug.
The pool in question is Orchard, the shielded layer Zcash introduced in 2022, the part of the protocol that hides the sender, the receiver, and the amount of every private transaction. Its security rests on a piece of cryptography called a circuit, which is meant to guarantee that a transaction follows the rules without revealing any of its details. The circuit had a missing constraint. In two places it let a prover slip false values into a check that was supposed to be airtight, so someone could spend the same coins more than once and have the network accept each spend as legitimate, creating ZEC where none had existed and hiding it inside the pool.
The privacy works against its owner here. On an open ledger, fabricated coins leave a mark, an output that does not add up, a balance that suddenly looks wrong, something a node can catch and refuse. Inside Orchard the amounts are encrypted and the proof conceals exactly the information that would expose the fraud. A counterfeit coin and an honest one look identical from the outside. There is no balance to flag and no trail to follow.
The flaw was caught by a researcher named Taylor Hornby, whom Shielded Labs had hired in April to hunt for this kind of problem. Working with a newly released AI model, he found it on May 29, wrote a complete exploit, and generated unlimited counterfeit ZEC in an isolated test before reporting it that night. Over the following days a small group of engineers coordinated quietly with miners and exchanges, froze the pool with an emergency soft fork, and then pushed a hard fork that turned it back on with the circuit repaired.
Step back from Zcash for a moment, because the way this bug came to light casts the longest shadow over the rest of crypto. It was found with the help of one of Anthropic's newest models, and it belongs to a growing run of discoveries like it. Earlier this year Anthropic pointed one of its models at open-source code with no instructions and watched it surface roughly five hundred high-severity vulnerabilities on its own.
In April the company described a still-unreleased model it calls Mythos that autonomously found thousands of zero-day flaws across every major operating system and web browser, among them a seventeen-year-old remote-access hole in FreeBSD and a sixteen-year-old one in a widely used video library that every human reviewer and automated tool had walked past for more than a decade. Anthropic judged the model too dangerous to release and has kept it inside a restricted program. By the company's own description, the same capability that lets these models repair software is what lets them break it, and that capability is climbing quickly.
For crypto the implication runs in one direction. Most of the altcoin world is built on young and intricate cryptography, new proof systems, custom circuits, sprawling smart contracts, the large and novel attack surface these tools take apart most easily. Orchard survived four years and several expert audits, then gave way in a focused review of a few days once a capable model was aimed at it. Zcash had been here once before, with a separate counterfeiting bug in an earlier shielded design that was quietly fixed in 2018 and, like this one, left no way to know whether it had been used. As the models keep improving, more of this buried, long-lived fragility will come to the surface, and the next person holding the exploit will not always be friendly.
This is where bitcoin's conservatism stops reading as a weakness. Its base layer does very little on purpose. There are no shielded pools and no exotic cryptography, only a small and rigid set of operations that has been refined for more than fifteen years under the most hostile, well-funded scrutiny any software has ever faced, with billions of dollars standing as a permanent bounty for anyone who can break it. The pieces that remain have earned their place by surviving attack, and the attack surface is kept deliberately small. Transparency does the rest.
You do not have to take bitcoin's 21 million limit on anyone's word. Every node recomputes the supply from the first block forward and would reject a single coin minted outside the schedule the moment it appeared. A privacy coin offers no version of that. The best it can give you is the word of its developers that the cryptography was built correctly and the audits were thorough, and this week showed what that word is worth when one assumption fails. It collapsed into "we cannot prove it either way," with the network's own team saying so.
The fix itself is worth a second look. It was fast and competent, and it was also the work of a handful of people. A few engineers confirmed the bug in private, spent a weekend coordinating with miners and exchanges, froze an entire pool, and changed the consensus rules, all before the public knew a thing. The Zcash Foundation said as much in its own account of the response. Three people went straight to the small group of mining pools that run the chain and forced a hard fork through without telling anyone. A small circle was able to quietly halt a major network and rewrite its rules in a matter of days. A system that can be steered that quietly by that few is not as decentralized as it claims to be.
Bitcoin resists exactly that kind of steering, and by design. Its rules are hard to change, so hard that the last serious fight over them dragged on for years because no founder or foundation or group of miners could force the outcome. That stubbornness gets mocked as gridlock, and it is the reason anyone can trust that the supply schedule will hold. The harder the money is to change, the more it can be relied on not to.
For anyone holding a monetary asset, the test is simple. Can you verify what you own? Bitcoin lets you confirm both the total supply and your own coins from first principles, depending on no one, and it does so on a codebase hardened by more than a decade of people trying and failing to break it. A shielded ledger asks you to take its supply on faith, and asks it of a system whose complexity is exactly what the newest tools are learning to pull apart.
This week was a clean, public demonstration of what that faith is worth on the day it turns out to be misplaced, and you do not get a warning before that day. Bitcoin's supply is the most auditable in the history of money, and its code is among the most battle-tested. It is easy to treat both as technicalities, right up until a altcoin network reminds everyone what their absence costs.
CHART OF THE WEEK
Bitcoin vs. the Top 100 "Cryptocurrencies"
— Fab on X
QUOTE OF THE WEEK
"For traders and investors looking to take advantage of this type of environment, the key is to watch for when price starts to diverge positively from depressed sentiment. For assets in long-term uptrends, that's when huge percentage gains can happen. This was certainly true for eventual winners like AMZN in the years after the tech bust a quarter-century ago; sentiment was terrible, but price gradually started to diverge upwards, quietly regaining levels that were previously lost and reflecting the long-term underlying growth story."
PODCASTS OF THE WEEK
Inside Fidelity's 'Get Off Zero' Bitcoin Report | Chris Kuiper
The Last Trade: Chris Kuiper, VP of Research at Fidelity Digital Assets, returns to make the case that this is the worst sentiment he has seen in his decade-plus following Bitcoin even though nothing fundamental has actually broken, why Bitcoin is finally decoupling from the AI-led "everything-but-Bitcoin" rally, how Fidelity's updated "Getting Off Zero" report uses mean variance optimization to show a 90/0/10 stocks-bonds-Bitcoin allocation maximizing the Sharpe ratio at a conservative 25% Bitcoin CAGR assumption, why bondholders have spent decades underwater on a real-return basis, and why the Czech National Bank's small but symbolic Bitcoin position may be the start of central bank adoption.
MSTR Sold Bitcoin as Dimon Declared War on Coinbase
Final Settlement: This week Brian, Michael, and Liam cover MicroStrategy's first Bitcoin sale and the broader DAT unwind, Jamie Dimon's Clarity Act outburst against Coinbase, the AI IPO wave that Michael Burry compares to the 2000 dot-com peak, the CFTC approving Coinbase's first onshore BTC perpetuals, Falcon X's confidential IPO filing, Cash App and SoFi rolling out stablecoins to retail, MasterCard's NY BitLicense, and Binance launching tokenized shares.
CLOSING NOTE
Onramp provides bitcoin financial services built on multi-institution custody. To learn more about our products for individuals and institutions, schedule a consultation to chat with us about your situation and needs.
Until next week,
Brian Cubellis