Ripple CTO on Zcash: Security Intact, But Mystery Around Potential Hidden Supply Still Lingers

Ripple CTO Emeritus David Schwartz weighed in on the Zcash situation on June 7, offering a cautious reassurance to ZEC holders after a critical vulnerability was revealed in the Orchard shielded pool.

His message was straightforward: users who do not move their funds are unlikely to lose them—assuming the flaw was never exploited. That assumption, however, is doing most of the heavy lifting.

At the center of the issue is a fundamental contradiction. The Orchard bug—patched through an emergency NU6.2 hard fork on June 2—may have enabled the undetectable creation of counterfeit ZEC for nearly four years.

Because of Zcash’s privacy-focused design, developers cannot definitively prove whether the exploit was ever used. The same cryptography that protects user anonymity also prevents a full audit of the token supply. Schwartz’s statement is technically correct, but it cannot offer certainty.

Markets reacted sharply to that ambiguity. Following the May 29 disclosure, ZEC dropped more than 30% in a single session, briefly hitting its lowest level in weeks.

Importantly, the sell-off was not driven by confirmed misuse, but by the inability to rule it out—a type of risk that is far more difficult to quantify.

The key question is what Schwartz’s comments actually mean for holders, and whether they change the broader risk outlook.

What the Orchard Vulnerability Means

The Orchard pool, introduced with Network Upgrade 5 (NU5) in May 2022, represents Zcash’s most advanced privacy layer, built using Halo 2-based zk-SNARKs that eliminated the need for trusted setups.

The flaw originated from an under-constrained component in the elliptic-curve multiplication logic within the halo2_gadgets library. In practical terms, this allowed specially crafted inputs to bypass verification checks and generate counterfeit ZEC that would still appear valid.
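To make the phrase "under-constrained" concrete, here is a deliberately simplified toy (an added example, not Zcash, halo2_gadgets or Orchard code): the "curve" is replaced by the additive group of integers mod a small prime, the scalar is four bits, and the circuit is modelled as a plain Python constraint checker. A verifier that enforces the double-and-add step relation but forgets to force each scalar bit into {0, 1} accepts a witness no honest scalar could have produced; restoring that single booleanity constraint rejects it. The modulus, scalar width and all sample values are constructed for this illustration.

```python
# Toy model of an under-constrained scalar-multiplication gadget (constructed example).
# Group: integers mod P_MOD under addition; "k * point" is k*point mod P_MOD.
P_MOD = 101   # placeholder toy group order, not a real curve parameter
N_BITS = 4    # toy scalar width

def honest_witness(k, point):
    """Prover side: decompose k into bits (MSB first), run double-and-add,
    and record every accumulator value the circuit would see."""
    bits = [(k >> i) & 1 for i in reversed(range(N_BITS))]
    acc = [0]
    for b in bits:
        acc.append((2 * acc[-1] + b * point) % P_MOD)
    return {"point": point, "bits": bits, "acc": acc, "out": acc[-1]}

def verify(witness, constrain_bits):
    """Verifier side: re-check the circuit's constraints over the witness.

    constrain_bits=False mirrors an under-constrained gadget: the step relation
    acc[i+1] = 2*acc[i] + b_i*point is enforced, but nothing forces b_i into {0,1}.
    constrain_bits=True adds the booleanity constraint b_i*(b_i-1) = 0."""
    bits, acc, point = witness["bits"], witness["acc"], witness["point"]
    if len(bits) != N_BITS or len(acc) != N_BITS + 1 or acc[0] != 0:
        return False
    for i, b in enumerate(bits):
        if constrain_bits and (b * (b - 1)) % P_MOD != 0:
            return False                      # bit is not boolean
        if acc[i + 1] != (2 * acc[i] + b * point) % P_MOD:
            return False                      # step relation violated
    return witness["out"] == acc[-1]

def forged_witness(point, target):
    """A witness the under-constrained verifier accepts: all bits zero except
    one non-boolean 'bit' chosen so the last step lands exactly on `target`.
    No 4-bit scalar k satisfies k*point == target for the values used below."""
    fake_bit = (target * pow(point, -1, P_MOD)) % P_MOD
    bits = [0] * (N_BITS - 1) + [fake_bit]
    acc = [0] * N_BITS + [target % P_MOD]
    return {"point": point, "bits": bits, "acc": acc, "out": target % P_MOD}

def regression_check():
    """Defender's unit test: the fully constrained circuit must accept honest
    witnesses and must reject the forged one. Returns True when both hold."""
    honest = honest_witness(11, 3)            # 11 * 3 = 33
    forged = forged_witness(3, 49)            # 49 is unreachable with a 4-bit scalar
    return (verify(honest, constrain_bits=True)
            and verify(forged, constrain_bits=False)   # the bug: accepted
            and not verify(forged, constrain_bits=True))  # the fix: rejected

if __name__ == "__main__":
    print("constraint regression check passed:", regression_check())
```

The lesson carries over to any proof system: every intermediate value the prover supplies must be pinned down by a constraint, and a test suite should include witnesses that satisfy the step relations while violating the intended range, because a missing constraint produces no error, only silently accepted proofs.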

Zcash engineer Taylor Hornby identified the issue on May 29, 2026, reportedly with the help of AI-assisted formal verification. He confirmed a working exploit in a controlled test environment and noted that deploying it on mainnet could have produced unlimited, undetectable ZEC.

The vulnerability window stretched from May 2022 through June 1, 2026—nearly four years. Affected software included halo2_gadgets versions before v0.5.0, orchard before v0.14.0, and zcashd releases from v5.0.0 to v6.12.3.

Developers responded quickly. An emergency soft fork temporarily disabled Orchard transactions, followed by the NU6.2 hard fork on June 2 to fully resolve the issue.

While the vulnerability has now been fixed, it is impossible to retroactively confirm whether the ZEC supply was ever compromised during that period. That uncertainty remains.

Schwartz’s View: Reassuring, But Conditional

The discussion gained traction after crypto commentator Nate (@satorinakamoto) questioned whether Zcash could prove the exploit had never occurred.

Schwartz, co-creator of the XRP Ledger, argued that protocol rules ensure holders retain access to their funds. Even as Orchard is phased out, coins in legacy pools would remain valid and spendable.

However, that reassurance depends on an unprovable condition. If the exploit never happened, funds are safe—but there is no way to confirm that.

Shielded Labs acknowledged this directly, stating there is no cryptographic method to determine whether exploitation took place. Schwartz’s reasoning is sound, but it cannot eliminate that uncertainty.

In effect, two realities coexist: the system may be secure by design, yet unverifiable in hindsight. The market is reacting to that gap—and continuing to price it in.