Zcash sets July 28 hard fork to seal Orchard after critical bug
Zcash founder Zooko Wilcox has explained how the network’s July 28 Ironwood hard fork will address uncertainty around a critical flaw in the Orchard shielded pool.
- Zcash will seal the old Orchard pool, limiting how much ZEC can leave after Ironwood.
- Ironwood cannot identify fake coins individually but can stop excess hidden supply from escaping Orchard.
- Temporary exchange and wallet disruptions may occur as providers prepare for Zcash’s July 28 upgrade.
The upgrade will not identify or freeze individual counterfeit coins. Instead, it will seal the old pool and limit how much ZEC can leave.
In a July 19 post on X, Wilcox explained how the planned upgrade would deal with any hidden excess supply if the flaw was exploited before developers patched it. Because Orchard hides transaction details, the network cannot prove that counterfeit ZEC was never created.
Ironwood will seal the vulnerable Orchard pool
Ironwood, also known as NU6.3, is scheduled to activate at block 3,428,143 on July 28. The upgrade will retire the current Orchard pool and introduce a new shielded pool based on the corrected circuit.
According to Zcash’s official Ironwood user update, users will no longer be able to send or receive ZEC inside the old Orchard pool after activation. Funds can leave only through the turnstile, which prevents more ZEC from exiting than legitimately entered.
The Zcash team said it believes the flaw was “unlikely to have been exploited,” but users cannot independently prove no counterfeit ZEC was created. Ironwood aims to trap any excess value inside the old pool rather than allow it to enter wider circulation.
Orchard bug left a supply question Zcash could not prove away
Security researcher Taylor Hornby discovered the Orchard flaw on May 29 while auditing the shielded system. The bug could have allowed an attacker to create counterfeit ZEC inside Orchard without leaving an obvious public record.
As reported by crypto.news, developers first disabled Orchard activity and then restored it through the NU6.2 hard fork with corrected cryptography. No evidence of unauthorized value creation was found, but Orchard’s privacy means past exploitation cannot be ruled out with complete certainty.
Crypto.news later reported that Ironwood would create a fresh shielded pool and use the turnstile to control value leaving the old one. Node operators can then verify that circulating ZEC does not exceed the amount permitted by the network’s monetary rules.
Wallets and exchanges may temporarily pause services
Zcash users do not need to take immediate action before the hard fork. However, wallets, exchanges and other providers may temporarily suspend deposits, withdrawals or related services while completing software upgrades.
The official network guidance says Orchard users will eventually need wallet support to move funds into the new pool. Funds may remain temporarily unavailable in wallets that have not added the required migration tools.
The July 28 activation also follows Zcash’s move away from the legacy zcashd client. Providers still completing that migration may need more time before fully supporting Ironwood.
Zcash adds more security checks after the flaw
The Orchard incident led to wider security work across the Zcash ecosystem. As reported by crypto.news, an AI-assisted review using Anthropic’s Mythos system found no additional serious vulnerabilities after the original flaw was disclosed.
Developers are also pursuing independent audits and formal verification for the updated cryptographic system. The work aims to reduce the risk of another hidden counterfeiting flaw and give users stronger ways to verify Zcash’s supply rules.
Ironwood addresses the unresolved supply question rather than the already-fixed bug itself. By sealing Orchard and controlling withdrawals through the turnstile, the hard fork aims to prevent any hypothetical counterfeit ZEC from entering circulation.