The Zcash network executed an emergency soft fork on Sunday night after developers discovered a critical security vulnerability in the Orchard shielded pool, the protocol’s most advanced privacy layer.
The coordinated upgrade activated at mainnet block height 3,363,426 at approximately 02:00 UTC on June 2, 2026, and required miners across the network to temporarily stop mining all Orchard-related transactions while the protocol-level fix was rolled out.
The Zcash Open Development Lab (ZODL) confirmed the incident in an official announcement posted on the Zcash Community Forum, stating that the issue was discovered over the weekend during routine auditing and security reviews.
The vulnerability was caught before any known exploitation took place. ZODL emphasized that privacy protections remain intact and that all user funds are safe.
The protocol-level change first took effect at 22:30 EDT on June 1, 2026. Orchard transactions are expected to be re-enabled at 14:00 EDT (18:00 UTC) on June 2, with ZODL promising a status update at 10:00 EDT.
At the time of writing, ZEC is trading at $587.35 with a 24-hour trading volume of $1.89 billion, according to CoinMarketCap data. The token’s market capitalization stands at approximately $9.8 billion, making it the 29th largest cryptocurrency by market cap. Despite the emergency soft fork, the price has shown resilience, up marginally in the last 24 hours after briefly dipping below the $520 range during the overnight disruption.
What exactly happened?
The emergency response was built around the release of zcashd v6.12.5, published on GitHub by ZODL with an explicit warning: “This is a time-critical upgrade.” The release notes state that the update addresses “several consensus and denial-of-service vulnerabilities in zcashd, all reachable by a remote peer or miner.”
Mining nodes that had not upgraded before the activation height would produce blocks that the upgraded majority would reject, leading to high orphan rates. Exchanges and other operators were urged to upgrade within the same window to remain in consensus. ZODL also warned that a second follow-up release will be required shortly after the soft fork activation and instructed node operators to keep their deployment teams on standby.
The vulnerability affects only the Orchard-shielded pool. The rest of the Zcash network continues to run normally. Transactions using the older Sapling shielded pool and transparent addresses are unaffected. ZEC held on exchanges can still be traded without any issues.
ZODL stated that it is notifying maintainers of other protocols that have deployed the Orchard protocol as part of responsible disclosure procedures.
Also Read: Zcash Developers Patch Four Vulnerabilities in Dual Node Implementations
The Fork was not seamless
According to a detailed post by Zcash community member Kenbak on the community forum, the transition produced visible instability during the switchover. Multiple competing forks were observed as miners upgraded at different speeds, including a 25-block fork spanning heights 3,363,431 to 3,363,455 and a total of 37 orphaned blocks from nodes still running on the old chain. Kenbak noted that the Cipherscan Zebra node was upgraded within 30 minutes of notification and that a fork watch page was set up to let the community track the event in real time.
When asked on the forum whether AI tooling had played a role in discovering the vulnerability, ZODL core developer Pacu responded: “We can’t say much at this very moment. Zcash core developers make responsible use of AI to enhance protocol development, strengthen our specifications, formalize our code and many other things that make us stronger.”
Cake Wallet confirms ZEC service down
The ripple effects hit third-party wallet providers almost immediately. Seth for Privacy, Vice President of Cake Wallet, acknowledged the disruption in a post on X, writing:
“No details yet, but a major issue has led to the Zcash network doing a rapid fork, and includes miners (temporarily) refusing to mine Orchard transactions. This means that Zcash in Cake won’t work ATM due to the broader network issues, and unfortunately, there isn’t anything we can do about that as it’s a network-wide issue. Will update when that changes.”
Cake Wallet, the popular open-source multi-chain privacy wallet founded by Vikrant Sharma in 2018, added shielded Zcash support only in January 2026, with Orchard transactions enabled by default. The wallet is widely used in the Monero and privacy coin community, and its ZEC integration has been a notable endorsement for the Zcash ecosystem. With Orchard now suspended network-wide, all ZEC functionality within Cake Wallet is effectively frozen until the upgrade completes.
Fourth major security event in 3 months
The emergency fork comes amid an unusually dense sequence of critical security patches across the Zcash ecosystem, raising questions about the structural complexity of maintaining two independent node implementations.
In April 2026, security researcher Alex “Scalar” Sol reported four separate vulnerabilities affecting both zcashd and the Zcash Foundation’s Rust-based Zebra client. The most dangerous was an Orchard transaction bug where a crafted zero-value key in the rk field could instantly crash any node processing the transaction.
A separate consensus enforcement gap between the two implementations could have triggered a visible chain fork. Mining pools, including ViaBTC, Luxor, F2Pool, AntPool, and Foundry, deployed fixes before the public disclosure on April 17. ZODL released zcashd v6.12.1, and the Zcash Foundation released Zebra v4.3.1, with the full disclosure published on the ZODL blog.
Before that, in March 2026, Sol had discovered a critical flaw that could have allowed malicious miners to drain more than 25,000 ZEC (worth roughly $6.5 million at the time) from the deprecated Sprout shielded pool. ZODL engineer Jack “str4d” Grigg authored the patch, and Sol received a 200 ZEC bounty, valued at above $51,000, contributed equally by Shielded Labs, ZODL, the Zcash Foundation, and Bootstrap.
And just one day before the current emergency, on June 1, the Zcash Foundation had released Zebra v4.5.1 as a hotfix for a consensus-critical signature operation (sigop) counting bug that the previous day’s v4.5.0 release had failed to fully fix. The flaw, tracked as GHSA-2prc-cj5x-4443, involved incorrect P2SH transaction sigop counting and could have triggered a chain split between Zebra and zcashd nodes.
Why the Orchard Pool matters
The Orchard shielded pool is not just another feature. It is the centerpiece of Zcash’s privacy architecture, introduced with the NU5 network upgrade in May 2022. Built on the Halo 2 proving system, Orchard eliminated the need for a trusted setup ceremony, a longstanding criticism of Zcash’s older Sprout and Sapling pools. Each Orchard transaction action is structured as both a spend and an output simultaneously, making it substantially harder to analyze transaction flows on the network.
The pool has grown rapidly, expanding from approximately 1 million ZEC to over 4.5 million ZEC over the course of 2025 and into 2026. ZODL, formerly known as Zashi, has been the primary driver of this growth, defaulting users to shielded Orchard transactions. The company raised $25 million in seed funding in March 2026 and has facilitated over $600 million in ZEC transactions to date.
Over 30% of the total circulating ZEC supply now sits in shielded pools, a level analysts have described as a structural shift in how the network is being used. The fact that the current vulnerability sits in this specific pool, which holds billions of dollars in value, underscores why the response was treated with such urgency.
ZEC’s remarkable 2026 run
The emergency fork arrives during what has been a transformative year for Zcash. The token has surged more than 1,200% from its pre-halving lows, driven by a confluence of catalysts that have reshaped the market’s perception of privacy coins entirely.
The SEC closed its nearly two-year investigation into the Zcash Foundation in January 2026 without any enforcement action, removing a major regulatory overhang. In the same period, Grayscale Investments filed to convert its existing Zcash Trust (ticker: ZCSH) into a U.S.-listed spot ETF, which would be the first such product for any privacy-focused cryptocurrency.
Multicoin Capital co-founder Tushar Jain disclosed that the firm had been building a significant ZEC position since February 2026. Gemini launched ZEC credit card rewards in May, and the token surged 110% in 30 days around that catalyst.
BitMEX co-founder Arthur Hayes has positioned ZEC as part of his core holdings, while Digital Currency Group founder Barry Silbert declared that “the ‘privacy’ era in crypto has officially begun.” ZEC touched six-month highs near $680 in late May before pulling back to its current level.
The upcoming Network Upgrade 7 (NU7) is targeting a 300% speed increase for shielded transactions by reducing block times from 75 to 25 seconds. A testnet went live on May 22, 2026, with mainnet activation planned for later in the year. NU7 will also introduce Zcash Shielded Assets (ZSAs) for private user-issued tokens and Orchard Quantum Recoverability, positioning Zcash as the first major cryptocurrency with a concrete post-quantum security roadmap.
What happens next
The Zcash community is now watching the clock for the 14:00 EDT re-enablement of Orchard transactions. A fuller technical disclosure is expected once the upgrade is confirmed complete. For users holding ZEC in wallets that default to Orchard, including ZODL, Cake Wallet, and others, the guidance is clear: funds are safe, but they cannot be moved until the network’s primary privacy layer comes back online.
The incident underscores a broader tension in the Zcash ecosystem. The design choice to maintain two independent node implementations, zcashd (C++) and Zebra (Rust), is meant to strengthen decentralization and resilience. But in practice, it has repeatedly introduced consensus divergence risks, coordination overhead, and an expanding attack surface that demands near-constant patching.
Whether this model can continue to hold as Zcash scales into a $9.8 billion network with institutional holders, an ETF pipeline, and an increasingly complex protocol stack is a question the ecosystem cannot afford to defer much longer.
Also Read: Kelp DAO Hacker Finishes Laundering $220M, Only $1.7M Left in Main Wallet
