Key Highlights
- Ironwood would allow users to independently verify Zcash’s circulating supply by summing balances across active pools.
- The proposal follows the emergency patch of a critical counterfeiting vulnerability in the Orchard shielded pool.
- A new shielded pool would be created, while the existing Orchard pool would be restricted from generating new outputs.
Shielded Labs, in collaboration with the Zcash Foundation, Tachyon Group, Valar Group, and the Zcash Open Development Lab (ZODL), today proposed a new network upgrade called Ironwood aimed at restoring users’ ability to independently verify the integrity of Zcash’s (ZEC) circulating supply.
According to the official announcement, the proposal comes shortly after the discovery of a critical counterfeiting vulnerability in Zcash’s Orchard shielded pool. The issue was addressed through an emergency network upgrade completed on June 2.
“Ironwood would allow users to verify that the circulating supply of Zcash is correct. Users would gain this ability immediately upon the activation of Ironwood by simply summing up the balances of the active pools,” the proposal stated.
How the proposal works
Under the proposal, Ironwood would introduce a new shielded pool using the Orchard circuit with the recently discovered counterfeiting vulnerability fixed, reject any transaction attempting to create new outputs in the old Orchard pool, and strengthen overall codebase assurance through AI-assisted security auditing and formal verification techniques.
Upon activation, funds in the existing Orchard pool would be restricted. New ZEC could no longer be created or freely circulate within that pool. Instead, funds could only exit through Zcash’s existing “turnstile” accounting mechanism, which enforces strict limits on transfers between shielded pools based on previously recorded inflows.
According to the proposal, this design would allow users to independently verify the total circulating supply by running a node and summing balances across active pools. As a result, users would no longer need to rely on external assessments regarding whether the vulnerability had been exploited.
Potential evidence of past exploitation
While not its primary goal, Ironwood could generate public evidence about whether the vulnerability was exploited. As users migrate funds to the new pool, any hypothetical counterfeiter would face a dilemma: attempt to move fake ZEC and risk detection, or leave it behind.
If no excess ZEC attempts to exit the old pool, it would serve as strong evidence that no counterfeiting occurred. If excess funds tried to move, they would be blocked by turnstiles and effectively destroyed to protect overall supply integrity, providing clear, on-chain proof of exploitation.
Existing addresses would remain valid
The proposal recommends that all wallets supporting Orchard add compatibility for the new pool. Existing Orchard addresses would remain valid, with new incoming funds automatically routed to the secure pool after activation. Migration will involve some privacy trade-offs by revealing transfer amounts and timing, though the impact is described as modest.
“We believe prior exploitation of the Orchard vulnerability is unlikely. But users should not have to trust our assessment, or anyone else’s, when it comes to the integrity of the Zcash supply,” the team stated.
Developers caution that Ironwood, like previous network upgrades, will require extensive development, testing, review, and ecosystem coordination. The ongoing deprecation of the legacy zcashd client in favor of Zebra may add further complexity and affect timing.
Also Read: Worldcoin Slides 21% in 24 Hours as Heavy Selling Pressure Hits Market
