Zcash Contemplates Fresh Shielded Pool Following Counterfeiting Vulnerability


Following the Orchard bug that created supply verification concerns, Zcash developers are considering the implementation of a new shielded pool alongside turnstile accounting measures.

Following a recently remedied Orchard security flaw, researchers and developers working on Zcash are engaged in conversations about whether implementing a fresh shielded pool might help rebuild confidence in supply verification mechanisms.

In a security bulletin released on Friday, Shielded Labs, a Swiss-based independent organization supporting Zcash, indicated it is examining a potential network upgrade proposal. This upgrade would introduce a new shielded pool while enforcing "turnstile accounting" measures for coins transitioning from Orchard. Such an implementation would provide users with enhanced transparency when verifying the legitimacy of assets exiting the pool.
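As an added illustration, not code from Shielded Labs, ZODL or the Zcash project, the Python sketch below replays a pool's per-transaction value balances through a turnstile and flags any exit that exceeds what verifiably entered, which is the supply check turnstile accounting is meant to give observers. The `TurnstileLedger` class, the `audit` helper and the sample transactions are assumptions constructed for this example; fees and coinbase are ignored.

```python
from dataclasses import dataclass, field

@dataclass
class TurnstileLedger:
    """Tracks one shielded pool's net balance from the chain's visible value balances.

    Sign convention (Zcash's valueBalance): negative = value enters the pool,
    positive = value leaves the pool. A counterfeit note never entered through
    the transparent side, so spending it out must eventually push the pool's
    cumulative outflow above its cumulative inflow.
    """
    pool: str
    net_value: int = 0            # zatoshi the chain can account for inside the pool
    total_in: int = 0
    total_out: int = 0
    violations: list = field(default_factory=list)

    def apply(self, txid: str, value_balance: int) -> bool:
        """Apply one transaction; return False (and record it) if it overdraws the pool."""
        if value_balance <= 0:
            self.total_in += -value_balance
            self.net_value += -value_balance
            return True
        if value_balance > self.net_value:
            # More value leaving than was ever deposited: only counterfeit
            # notes could fund this, so the turnstile refuses the exit.
            self.violations.append((txid, value_balance, self.net_value))
            return False
        self.total_out += value_balance
        self.net_value -= value_balance
        return True

def audit(pool: str, txs) -> TurnstileLedger:
    """Replay (txid, value_balance) pairs through the turnstile and return the ledger."""
    ledger = TurnstileLedger(pool)
    for txid, value_balance in txs:
        ledger.apply(txid, value_balance)
    return ledger

# Constructed sample, in zatoshi (1 ZEC = 100_000_000); not real chain data.
SAMPLE_TXS = [
    ("tx-a", -500_000_000),  # 5 ZEC shielded into the pool
    ("tx-b", -250_000_000),  # 2.5 ZEC more in
    ("tx-c", 300_000_000),   # 3 ZEC out, covered by the 7.5 ZEC deposited
    ("tx-d", 600_000_000),   # 6 ZEC out with only 4.5 ZEC accounted for: overdraw
]

if __name__ == "__main__":
    result = audit("orchard", SAMPLE_TXS)
    print(f"{result.pool}: net={result.net_value} violations={result.violations}")
```

The check only fires when counterfeit value tries to leave the pool, which is why the bulletin frames the turnstile as transparency for assets exiting rather than proof that nothing was forged inside.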

According to the organization, the proposal remains under consideration and requires additional clarification alongside community input. Shielded Labs announced its intention to release a subsequent post in the coming week, detailing the technical implementation of the upgrade and outlining potential compromises that might be necessary.

In a distinct post on X, Josh Swihart, founder of Zcash Open Development Lab (ZODL), indicated that theoretically, a secondary Orchard pool could be incorporated into Zcash's NU7 upgrade scheduled for late July. Nevertheless, he clarified that he was refraining from committing to a definitive stance regarding whether the community ought to proceed with constructing a second Orchard pool.

These conversations emerged following an urgent Zcash upgrade that addressed an Orchard security flaw. According to Shielded Labs, this vulnerability potentially enabled the creation of fraudulent ZEC tokens within the pool, although the organization assessed that prior exploitation was improbable.

Cointelegraph contacted ZODL, the Zcash development team and Shielded Labs seeking additional commentary but had not received responses at the time of publication.

[Image: Josh Swihart X post. Source: Josh Swihart]

ZEC experiences decline following vulnerability announcement

Within the security bulletin, Shielded Labs explained that the Orchard security weakness could have permitted a malicious actor to generate unlimited quantities of counterfeit ZEC tokens within the Orchard pool. The organization noted that no cryptographic method exists to definitively prove whether exploitation occurred prior to the fix's implementation, though their assessment suggests prior exploitation remains unlikely.

As documented in Cointelegraph's Wednesday coverage, Zcash developers briefly halted Orchard transactions upon discovering the security flaw and subsequently reinstated functionality via an emergency network upgrade.

Following the team's public announcement of the vulnerability on Friday, ZEC experienced a dramatic decline of approximately 50%, dropping from a daily peak of $550.30 to a low point of $264.80, based on data from CoinGecko. At the moment of writing, the token had rebounded to $308.07, though this remained substantially below its Friday peak.

[Image: Zcash token's 24-hour price chart. Source: CoinGecko]

Despite the market downturn, certain community participants voiced support for the team's handling of the situation. Justin Bons, who serves as founder and chief investment officer at CyberCapital, characterized the market's response as excessive, noting that the vulnerability had been resolved and "the good guys caught it first."

Cameron Winklevoss, co-founder of Gemini, suggested the discovery demonstrated Zcash's commitment to investing in security research rather than serving as cause for concern. He contended that bugs are an unavoidable aspect of layer-1 networks, emphasizing that the critical question is whether development teams can identify and remediate vulnerabilities before malicious actors exploit them.

Formal verification becomes focal point in security conversation

The episode sparked renewed dialogue surrounding formal verification, a methodology that employs mathematical proofs to validate whether software or cryptographic circuits conform to their designated specifications.

Sean Bowe, a Zcash developer and cryptography researcher, explained that shielded protocols deliver privacy through reliance on cryptographic assumptions to maintain supply integrity. He argued that the sustainable solution involves making shielded protocols and their technical implementations formally verifiable.

Swihart expressed alignment with this perspective, characterizing the Orchard vulnerability as a defect in the circuit's manually written rules rather than a fundamental flaw in the underlying cryptography. He suggested that formal verification methodologies could streamline human review down to a precise specification and enable computational systems to verify whether the circuit adheres to those established rules.

Wei Dai, who holds a research partner position at blockchain venture firm 1kx, also commented via an X post that the Orchard circuit bug seemed "obvious in retrospect" despite being overlooked by conscientious protocol designers, cryptographers and security auditors. He concluded that broadening formal verification coverage represents "probably the only long-term solution."
