The vulnerability in Orchard remained undetected for four years despite multiple audits.
Ironwood integrates the use of “turnstiles” to audit entries and exits in shielded pools.
Shielded Labs, in collaboration with the Zcash Foundation and other ecosystem players, submitted the Ironwood update proposal to restore the ability of users to independently verify the integrity of the ZEC supply following the discovery of a critical vulnerability in the Orchard pool.
The flaw, active since Orchard’s implementation in May 2022, allowed the creation of unlimited amounts of fake ZECs without leaving a trace. It was not until May 2026 that this was detected bugusing artificial intelligence (AI) tools by researcher Taylor Hornby and forced an emergency update on June 2. Although the team considers it unlikely that this vulnerability has been exploited by a hacker, the privacy properties of the pool prevent it from being verified externally.
ironwood seeks to solve this lack of verifiability. The proposal contemplates the creation of a new pool with the bug corrected, the prohibition of generating new outputs in the old pool and the use of “turnstiles”, an audit and defense mechanism that controls and counts the cryptocurrencies that enter and leave the different groups of private addresses, known as shielded pools. In this way, any user running a node will be able to check the total supply simply adding the balances of the active pools, without the need to wait for mass migrations or rely on third-party evaluations.
On-chain data analyzed by CipherScan reveal that, after the incident, approximately 380,000 ZEC left the Orchard pool. Of that amount, only 47,000 ZEC (0.28% of the total supply) reached exchanges, representing limited selling pressure. At the same time, nearly 118,000 ZECs were shielded during the same period, which suggests that a significant portion of holders did not panic.
However, the episode revives structural questions about Zcash. The high mining concentration (three pools control 79% of the hashrate) allowed the pause of the Orchard pool to be quickly coordinated, but also exposes that effective governance depends on a small number of actors. In this sense, CriptoNoticias reported that Bitcoin developer Peter Todd has repeatedly criticized the decision to integrate zk-SNARKs cryptography directly into the consensus, an attack surface that Bitcoin deliberately avoids by maintaining a simpler design.
The fact that a vulnerability of this magnitude remained undetected for four years, despite multiple audits, remains the main point of skepticism. Although Ironwood represents a necessary technical patch to recover the verifiability of the supply, does not resolve the underlying doubts about whether a protocol that depends on complex cryptography and requires frequent emergency updates can offer the robustness and trust it promises in the long term.