Following an emergency security fix by Zcash, market sentiment clearly improved. The Zcash Foundation subsequently released Zebra 4.5.3 and 5.0.0, addressing critical vulnerabilities in Orchard zero-knowledge proof circuits and restoring related network functionality. After the upgrade announcement, ZEC rose by more than 10%.
Pause Orchard first, then restore functionality.
The foundation adopted a two-step approach. The first step was to release Zebra 4.5.3, temporarily disabling Orchard operations through an emergency soft fork to prevent further risk escalation. The second step was to bring Zebra 5.0.0 online and activate NU6.2, reconnecting the corrected circuitry to the mainnet.
The foundation stated that node operators should upgrade to Zebra 5.0.0 as soon as possible. If the upgrade cannot be completed before NU6.2 activation, Zebra 4.5.3 should be used first to ensure that they remain on the correct chain during the transition period.
The vulnerability could lead to internal double-spending in Orchard.
The issue was first discovered by independent security researcher Taylor Hornby on May 29. During a protocol audit supported by Shielded Labs, he located a soundness vulnerability in the halo2_gadgets component of Orchard circuitry.
According to the foundation, such vulnerabilities could allow the system to accept invalid transactions or invalid state changes. In this case, if exploited, an attacker could theoretically initiate double-spending within the Orchard pool. However, Zcash's turnstile mechanism still protects the total supply of ZEC, preventing any additional issuance.
Soft forks and hard forks occurred one after the other.
The development team began private coordination with miners and exchanges on May 31. After an early activation attempt encountered deployment issues, engineers released a patch and set the target block height to 3,363,426. The soft fork finally took effect around 02:00 UTC on June 2.
During the soft fork phase, Zebra 4.5.3 will temporarily reject blocks and transactions containing Orchard operations. This is done to buy time for a complete fix without disclosing too many vulnerability details. Sapling and transparent transactions will continue to function during the event.
At 00:05 EDT on June 3, NU6.2 was officially activated. This hard fork re-enabled Orchard operations and updated the required verification keys. Due to changes in the proof circuitry itself, this fix could not be achieved with a regular software patch and therefore required a hard fork.
Zebra 5.0.0 activates NU6.2 at block height 3,364,600 on the mainnet, and at block height 4,052,000 on the testnet. After the upgrade, the network also adds a new consensus rule that rejects Orchard bundles containing non-canonical proof sizes starting from the activation height, thus completely patching previous vulnerabilities.
The foundation stated that it found no signs of exploitation.
The Zcash Foundation stated that the vulnerability was patched before any known exploits occurred, and there is currently no evidence of unauthorized value creation. The Foundation also stated that user privacy was not affected throughout the response process.
The foundation also specifically thanked researcher Taylor Hornby, Shielded Labs, the ZODL engineering team, Zebra contributors, as well as miners, node operators, exchanges, wallet service providers, and infrastructure teams, stating that the network recovery relied on the collaboration of multiple parties.
