Zcash builders are proposing a brand new shielded pool known as Ironwood after a not too long ago patched bug raised considerations about whether or not counterfeit ZEC may have entered circulation unnoticed.
The Zcash Open Growth Lab (ZODL) stated Saturday that it’s working with Tachyon, Valar Group, the Zcash Basis and Shielded Labs on the proposed community improve, which might add formal verification and impartial audits to the Orchard protocol, a privateness system that lets customers transfer ZEC with out revealing transaction particulars.
The proposal would shut the present Orchard pool to new deposits and inner transactions, requiring funds to move by way of a “turnstile,” which serves as an accounting checkpoint, earlier than coming into Ironwood.
The Zcash Basis stated Wednesday that auditors found a vulnerability within the Orchard shielded pool. Builders stated there was no proof that consumer funds had been affected or that Zcash’s whole provide modified.
Auditors at Shielded Labs stated the vulnerability may have allowed attackers to create an infinite quantity of counterfeit ZEC inside Orchard with out detection.
Supply: ZODL
Ironwood may present whether or not counterfeit ZEC existed
In a separate X put up, Shielded Labs stated Ironwood might produce proof about whether or not the Orchard bug was ever exploited, although the proposal doesn’t rely on proving the difficulty retroactively.
If customers migrate from Orchard to Ironwood and no extra ZEC tries to go away the outdated pool, that might be sturdy proof that the vulnerability was by no means exploited, Shielded Labs stated. If extra ZEC tries to go away, the turnstile would reject it, successfully stopping counterfeit cash from coming into the provision.
Associated: Why ZEC fell 40% even after Zcash patched a shielded pool bug
The excellence has been a supply of debate amongst group members. Some questioned whether or not Zcash can show the bug was not exploited with out implying some type of backdoor. Others argued that if Orchard is deprecated and funds can solely go away by way of a turnstile, any extra cash could be trapped even when they existed.
David Schwartz, Ripple’s former chief know-how officer, stated on X that if there have been no exploits, customers would stay secure whether or not or not they transfer their cash. He stated customers who keep within the pool could also be “lonely” there, however their funds would stay secure and accessible.
Zcash 24-hour value chart. Supply: CoinGecko
ZEC traded at $429 on the time of writing. It fell as little as $303 from above $600 when merchants reacted to the vulnerability disclosure on Friday, in line with CoinGecko.
ZODL stated it plans to focus on Ironwood activation for late July 2026, pending testing, evaluate and coordination throughout the Zcash ecosystem.
Journal: Bitcoin miners are pivoting to AI, so why is the hashrate close to ATHs?
