"Vô hạn in tiền" lỗ hổng tiềm ẩn bốn năm, đồng privacy ZEC giảm một nửa chỉ trong một ngày
- Quan điểm cốt lõi: Người sáng lập Zcash tiết lộ rằng nhóm quyền riêng tư Orchard của họ từng tồn tại một lỗ hổng giả mạo nghiêm trọng. Mặc dù đã được sửa chữa, nhưng thị trường hoảng loạn bán tháo do lo ngại về sự tồn tại lịch sử của "tiền giả không giới hạn, không thể phát hiện", khiến token ZEC giảm hơn 50% trong ngày, và gây ra một cuộc khủng hoảng niềm tin an toàn toàn diện đối với dự án.
- Các yếu tố then chốt:
- Một nhà nghiên cứu bảo mật vào ngày 29 tháng 5 đã phát hiện một lỗ hổng ràng buộc không đầy đủ trong mạch Orchard, và đã thành công trong việc tạo ra ZEC giả ở phiên bản thử nghiệm tại địa phương, xác nhận đường tấn công.
- Lỗ hổng này được mô tả là "giả mạo ZEC không giới hạn, không thể phát hiện", cho phép tạo ra tài sản từ hư không mà không vi phạm logic giao dịch thông thường.
- Do tính chất riêng tư của Orchard, không thể định lượng hoặc truy vết liệu có ZEC giả từ lịch sử đã chảy vào hay không, và cũng cực kỳ khó chứng minh về mặt mật mã rằng nó đã không xảy ra, dẫn đến sự sụp đổ niềm tin thị trường.
- Đồng sáng lập BitMEX, Arthur Hayes, đã thanh lý toàn bộ vị thế ZEC sau khi lỗ hổng bị phát hiện. Sự rút lui của ông, với tư cách là người thúc đẩy câu chuyện chính, đã làm gia tăng sự hoảng loạn thị trường và sự suy giảm của câu chuyện.
- Cộng đồng cho rằng lỗ hổng đã tiềm ẩn gần bốn năm kể từ khi được kích hoạt vào năm 2022 trước khi được phát hiện với sự trợ giúp của AI, làm lung lay các giả định cốt lõi của Zcash về nguồn cung và an ninh quyền riêng tư, cuộc khủng hoảng niềm tin vượt xa bản thân sự điều chỉnh giá.
Original by Odaily (@OdailyChina)
Author: Asher (@Asher_0210)
Early on June 5, Zcash founder Zooko Wilcox announced that a critical counterfeiting vulnerability had been confirmed in Orchard, the new-generation privacy pool launched by Zcash in 2022. Although Zcash officials emphasized that the vulnerability has been patched and assessed the probability of exploitation as low, it failed to stem the spread of market panic.
Following the news, Zcash's token ZEC experienced a rapid decline, dropping over 30% in a short period; by the afternoon, selling pressure continued unabated, with panic spreading further, pushing the price to around $250 at one point, expanding the intraday drop to over 50%.
After security researcher Taylor Hornby discovered the issue on May 29, he completed vulnerability verification in a local environment and generated a test version of counterfeit ZEC, further confirming the exploit path was executable. Currently, the two biggest points of contention surrounding Zcash are: first, whether counterfeit ZEC has ever existed in the privacy pool over the past four years; second, how the official team can prove that no counterfeit ZEC has flowed into the privacy pool, which is extremely difficult to verify.
Where Does the "Unlimited Minting" of ZEC Come From?
Orchard (Zcash's privacy-protecting "shielded pool") relies on zero-knowledge proof circuits for security, with the core rule being asset conservation: each transaction's output must come from legitimate inputs, and ZEC cannot be created out of thin air. Users can hide balances and transaction amounts, but the system must verify that transactions are valid.
Security researcher Taylor Hornby discovered an under-constrained condition in the Orchard circuit, allowing an attacker to input data that should not pass verification, yet the system might still return a success. In other words, no administrator privileges or node control is needed, and it is not a backdoor vulnerability; as long as the system mistakenly deems the transaction valid, non-existent ZEC could be recorded as legitimate assets within Orchard.
Shielded Labs referred to this as an "unlimited, undetectable counterfeit ZEC."
Vulnerability Patched, but Historical Issues Remain Unresolved
The biggest fear with typical security incidents is the scale of losses, but the most troubling aspect of the Zcash crisis is that the losses cannot be directly quantified.
If the attack occurred on a transparent chain, the market could at least see the attacker's address, fund flows, and affected assets. However, Orchard's transaction amounts, balances, and fund paths are inherently hidden. Once counterfeit ZEC appears within the pool, it is difficult for outsiders to determine whether it remains trapped in Orchard or has gradually leaked out through normal transactions.
More critically, Orchard is not a completely isolated black box. Users can move assets between different pools, allowing real ZEC and potential counterfeit ZEC to mix within the pool.
The Zcash ecosystem can emphasize that there is currently no evidence of the vulnerability being exploited, and can argue that the probability of malicious exploitation is low. But for traders, "no anomalies detected" and "proven to be incident-free" are not the same thing.
This is the core reason for ZEC's expanding decline. Until the question of whether counterfeit ZEC has ever appeared in Orchard is resolved, the credibility of ZEC's supply will remain under a cloud.
Arthur Hayes Liquidates, Triggering Market Confidence Crisis
After the ZEC vulnerability was exposed, BitMEX co-founder Arthur Hayes publicly liquidated his holdings, further amplifying market panic.
Arthur Hayes stated on X platform that he has sold all his ZEC holdings. Hayes said he learned about the attack yesterday but did not realize the conflict with his narrative framework; the 30% drop in ZEC prompted him to rethink and decide to take profits on the entire position. He added that while he believes the possibility of additional minting is extremely low, it cannot be formally proven impossible at the cryptographic level; he will continue to reassess his judgment, and if his assumption is disproven, he will repurchase, hoping to build a position at a lower price; privacy is priceless, and he would not mind buying back at a higher price.
This had a significant impact on ZEC. Over the past period, Arthur Hayes has been a key driver of the ZEC narrative. He was bullish on the long-term logic of privacy assets regaining value amid the expansion of AI, government surveillance, and big tech companies. Therefore, his liquidation is not just a profit-taking move by a major holder, but more like a public downgrade of the current ZEC narrative.
When a leading narrative supporter chooses to exit first, long positions that were supported by faith and expectations become more prone to collective profit-taking and risk aversion.
Community Sentiment Spins Out of Control; ZEC's Price Correction Turns into a Trust Crisis
Possibly influenced by Arthur Hayes' liquidation, community discussions about ZEC quickly shifted from "should I buy the dip" to "can it still be trusted."
On one hand, the community repeatedly emphasized the severity of the vulnerability itself. Compared to the short-term price decline, many users were more concerned that a vulnerability capable of theoretically creating unlimited counterfeit coins had lurked within Orchard for nearly four years. For them, the price drop is just a surface symptom; what truly shook their confidence was that Zcash's core security assumption had been called into question.
On the other hand, the process of using AI to discover the vulnerability further exacerbated distrust. Taylor Hornby, assisted by AI tools, conducted a targeted review of the Orchard circuit, ultimately discovering the vulnerability, writing an exploit program, and generating counterfeit ZEC in a local environment. Although the AI did not complete the audit independently, the community more easily latched onto the narrative that "a critical vulnerability existing for years was identified with the aid of AI in a short time," which quickly spread.
This turned public criticism towards Zcash's development and audit systems. The community questioned why a vulnerability existing since 2022 could go undetected while the mainnet operated for years. If constraints can be missed even in the core privacy pool, how can users trust Zcash's commitments to supply and privacy security?
Therefore, this decline is not merely about profit-taking. Until Zcash provides more convincing proof, no one is truly willing to hold ZEC for the long term.
