A critical flaw in Zcash's Orchard privacy pool, the system that lets people send the ZEC cryptocurrency while hiding amounts and parties, could have let an attacker mint unlimited counterfeit coins without detection. Security researcher Taylor Hornby, hired by developer Shielded Labs to probe the code, found it on May 29 using Anthropic's Claude Opus 4.8 model paired with a custom auditing tool, and wrote a working exploit within a day. The bug had survived four years and multiple expert reviews. An emergency fix shipped by June 1. Because the pool hides balances, there is no way to prove whether anyone exploited it earlier.