Zcash developers laid out a plan to replace the network's main privacy pool after auditors found a flaw that could have let an attacker mint counterfeit ZEC without detection. The proposed replacement, called Ironwood, would close the existing Orchard shielded pool and force every coin to pass through an accounting checkpoint before it can move again. Cointelegraph reported the proposal on June 8, 2026.
The plan comes from the Zcash Open Development Lab, working with Tachyon, Valar Group, the Zcash Foundation, and Shielded Labs. It is the first concrete fix since the Orchard bug surfaced, and it tries to answer the question that has hung over ZEC since disclosure: whether the network's supply can still be trusted.
The bug behind the rebuild
Orchard is the shielded pool that hides sender, receiver, and amount on Zcash transactions. That privacy comes from zero-knowledge proofs, and the strength of the whole system rests on those proofs being sound. Auditors found they were not. The flaw could have allowed an attacker to create an unlimited amount of fake ZEC inside the shielded pool, where the counterfeit coins would be indistinguishable from real ones.
No evidence has surfaced that anyone exploited it or that the circulating supply changed. The risk was structural rather than confirmed, but for a coin whose pitch is verifiable scarcity behind a privacy screen, the mere possibility was enough. ZEC fell from above $600 to as low as $303 after the disclosure and traded around $429 at the time Cointelegraph published.
The turnstile is the whole point
Ironwood's central feature is a turnstile, an accounting gate that all Orchard funds must pass through before entering the new pool. The turnstile checks that the value coming out of Orchard matches what should be there, so any counterfeit coins minted under the old flaw cannot cross into Ironwood.
There is a second benefit the teams flagged. Forcing every coin through a measured checkpoint creates a public reckoning of how much actually exits Orchard. Shielded Labs said Ironwood "may produce evidence about whether the Orchard bug was ever exploited." If more value tries to leave than was legitimately deposited, that gap becomes visible. It turns a migration into an audit.
The old Orchard pool would close to new deposits and internal transactions once Ironwood is live. Holders who keep funds in Orchard would need to migrate them through the turnstile to keep spending, which means the cleanup is not optional for active users.
Formal verification this time
The teams said Ironwood would ship with formal verification and independent audits, the steps meant to catch exactly the class of error that slipped through in Orchard. Formal verification uses mathematical proof to show that the circuit behaves as specified, rather than relying on testing alone to surface bugs. That is a direct response to how the original flaw went unnoticed long enough to become a network-wide concern.
Activation is targeted for late July 2026, pending testing and coordination across wallets, exchanges, and node operators. That timeline is tight for a change that touches the core of how Zcash keeps balances private, and slippage would not be surprising given how many parties have to update at once.
For holders, supply trust is the asset
A counterfeiting bug in a privacy pool is a different kind of risk than an exchange hack or a depeg. There is no single attacker to point at and no public ledger entry to undo, because the whole design hides the amounts. The defense has to be built into the protocol, which is why the response is a new pool rather than a patch and a refund.
For anyone holding ZEC in self-custody, the practical takeaway is that the value of a privacy coin depends on trust that its supply is what the protocol claims. That trust is now being rebuilt in public, with a checkpoint that doubles as a forensic tool. It is also a reminder that audits are not a one-time box to tick. The flaw was found by auditors after the fact, and the fix leans on more of them.
The episode tracks a broader theme this year of code review catching deep cryptographic bugs that humans missed for years, which raises the bar for what counts as a secure protocol launch. For users who spend crypto rather than just hold it, the lesson carries across assets: understand who can change the rules of an asset, and how visible those changes are, before relying on it.
Overview
Zcash developers proposed Ironwood, a new shielded pool that would replace the flawed Orchard pool and force all funds through a turnstile checkpoint to restore supply verification. The Orchard bug could have minted counterfeit ZEC undetected, though no exploit has been confirmed; ZEC fell from above $600 to as low as $303 after disclosure and traded near $429 when the proposal was reported. Ironwood would add formal verification and independent audits, close Orchard to new activity, and target a late July 2026 activation. The turnstile may also reveal whether the bug was ever used.
