Price:

BITCOIN

Zcash developers hide inflation bug, freeze pool in secret soft fork

Monday, June 8, 2026 · from 2 podcasts
Bitcoin AndRabbit Hole Recap
  • A secret soft fork patched a Zcash bug that allowed infinite, undetectable counterfeiting.
  • Developers froze an entire privacy pool, locking user funds without transparent disclosure.
  • The move proves central control, collapsing trust in the network's privacy and decentralization claims.

The Zcash crisis isn’t just about a bug - it’s about the cover-up. Security engineer Taylor Hornby discovered a flaw in the Orchard shielded pool that allowed for the infinite minting of counterfeit tokens. Because the privacy protocol obscures transaction details, there’s no cryptographic way to prove the bug wasn’t exploited before the June 3 hard fork.

Instead of a public alert, the development team coordinated with a handful of dominant miners to execute a quiet soft fork, freezing the entire privacy pool. This locked users' funds and prevented them from exiting via the protocol's required turnstile mechanism, potentially leaving the last users in the pool with worthless tokens.

"If three people can freeze billions in a midnight meeting with miners, the privacy claims are a facade."

- Marty Bent & Matt Odell, Rabbit Hole Recap

Arthur Hayes dumped his entire Zcash position following the disclosure. The market cap collapsed by $3 billion as investors grappled with the reality that a currency’s supply integrity had shifted from a matter of math to a matter of faith. The bug confirms a long-standing critique from Bitcoin advocates: if you can't audit the supply, you don't actually own anything.

On Rabbit Hole Recap, hosts argue the team’s subsequent pivot to calling the flaw a “soundness bug” is semantic gaslighting. The incident demonstrates the project’s fragility and single point of failure, turning its core privacy feature into an existential risk.

"Because of the protocol's inherent opacity, there is no cryptographic way to prove the bug wasn't exploited."

- Taylor Hornby, Bitcoin And

The question now is whether any privacy coin can survive a fundamental breach of trust when its very design prevents verification.

#Privacy#Adoption#Markets
BitcoinZcash

Source Intelligence

- Deep dive into what was said in the episodes

Bitcoin And | Bitcoin & Economic News
Bitcoin And | Bitcoin & Economic News

Zcrash | Bitcoin NewsJun 5

  • BitMEX co-founder Arthur Hayes sold his entire Zcash position due to the exploit, stating the Holy Trinity is dead, referencing ZEC, Hyperliquid, and NEAR Protocol. He remains a Bitcoin holder.
  • Saylor's firm, MicroStrategy, sold 32 Bitcoin in early June, breaking a no-sale streak since late 2022. The firm also repurchased $1.5 billion of its convertible notes at an 8% discount, reducing its outstanding debt.
  • Bernstein projects aggregate AI revenue for covered mining firms will rise from $1.2 billion in 2026 to $10.7 billion by 2030. TeraWulf is forecast to hit $1.7 billion in AI revenue with 84% EBITDA margins.
  • Major equity indices faced steep declines, with the NASDAQ down 4.3% and the S&P 500 down 2.3%. Bitcoin traded near $59,330 with a market cap of $1.19 trillion and a network hash rate of 905 exahashes per second.
  • Oil and metals saw broad declines, with West Texas Intermediate crude down 2.5% to $90.66, gold down 3.6%, and silver down 7.8%. Rough rice was a rare commodity in the green, up 0.48%.
Also from this episode: (5)

Big Tech (1)

  • Zcash's price fell 30% after security engineer Taylor Hornby disclosed a critical vulnerability in its Orchard pool that allowed unlimited counterfeit ZEC creation. The bug existed since May 2022 and was patched via a hard fork on June 3.

BTC Markets (1)

  • Michael Saylor framed Bitcoin's 22.7% drop as capital rotation into AI infrastructure, not a fundamental impairment. He cited $400 billion in AI buildout funding over six months and $4 billion in Bitcoin ETF outflows since May 14.

Banking (1)

  • JP Morgan, Bank of America, and Citi plan to launch a shared tokenized deposit network called the Bridge or the Chain by 2027. The Clearinghouse will operate it to counter stablecoin competition and retain deposits within the banking system.

Mining (1)

  • Bernstein analysts argue Bitcoin miners are becoming power landlords for the AI boom, having signed 17 deals worth over $110 billion to provide six gigawatts of power to companies like Google and Microsoft.

Coding (1)

  • Anthropic reported its AI model Claude now authors over 80% of code merged into its codebase, increasing engineer output eightfold since 2024. The firm notes this trend points toward possible recursive self-improvement where AI designs its successors.
#BTC Markets#Banking#AI Infrastructure#Privacy#Stablecoins
Rabbit Hole Recap
Rabbit Hole Recap

RABBIT HOLE RECAP #412: STAY HUMBLE AND STACK SATSJun 4

  • A Zcash developer team found an undetectable infinite inflation bug in its newest privacy pool, froze the pool via a soft fork, and forced a hard fork to fix it without full transparency, creating a potential bank run scenario.
  • The hosts view Zcash's centralized response - where three people could freeze a pool holding billions of dollars - as proof of its inferior censorship resistance compared to Bitcoin.
  • Marty claims it was an open secret in New York circa 2016-2017 that an inflation bug on Monero was being exploited to buy more Bitcoin, though it can't be proven.
  • Treasure disclosed a laser fault injection attack vulnerability in its open-source Tropic 01 secure element chip but asserts user funds in the Treasure Safe 7 are safe because it requires compromising a second, closed-source secure element.
  • The Blockchain Association's letter supporting the Digital Asset Market Clarity Act is signed by over 60 former national security and law enforcement officials, which the hosts see as a negative signal that the bill expands financial surveillance.
  • Marty argues KYC/AML regulations are primarily a facade for tax enforcement, not crime prevention, citing the $600 Venmo reporting threshold as a tool to ensure plebs pay taxes.
  • Cala announced a trust-minimized Cashu mint using a trusted execution environment, where mint keys are generated within a secure enclave, preventing operator inflation or access to Bitcoin reserves.
  • Strike added phishing protection via in-app code words, a practical update given email leaks from other services like Ledger.
Also from this episode: (7)

BTC Markets (4)

  • Marty notes Bitcoin's price has dropped to early February levels, with WTI oil prices 50% higher now than when Bitcoin was at similar prices back then.
  • MicroStrategy sold 32 BTC for $2.5 million, which hosts speculate was a round-number decision to cover dividend obligations, not a significant meme amount.
  • The hosts argue Stretch and SATA bonds are not risk-free, pointing out they recently traded at discounts to par ($95.52 and $96.54) and carry significant counterparty risk dependent on Michael Saylor's priorities.
  • Prediction markets like Polymarket have an unsolvable oracle problem, highlighted when it ruled a 'yes' bet on a MicroStrategy Bitcoin sale as 'no' because the sale was announced after the contract deadline.

Custody (1)

  • Marty argues on-chain data dashboards are increasingly irrelevant because a huge portion of the Bitcoin market is now held in custodial accounts, not self-custody wallets.

Payments (1)

  • The hosts speculate recent US sanctions seizures targeting Iranian crypto exchanges likely involved freezing stablecoins like Tether through backdoor portals, not seizing Bitcoin.

AI & Tech (1)

  • Anthropic's fundraising claims that AI development is accelerating, with Claude now writing code at parity with humans and achieving a 52x speed-up on a model optimization task in May.
#Privacy#Regulation#Macro#BTC Markets

Related Stories