In 2010, someone created 184 billion Bitcoin out of thin air. The exploit was caught within hours. A miner noticed something strange, the community ran the numbers, and the blockchain was rolled back before the counterfeit coins could move anywhere meaningful. The whole event took less than a day to identify and fix.
The reason it was caught so fast is the same reason Bitcoin transactions feel uncomfortable to a lot of people who care about financial privacy. Everything is public. Every address, every amount, every movement of funds sits on a ledger that anyone can read. That transparency is a liability for privacy. It is an asset for security. When something goes wrong on a public blockchain, everyone can see it immediately.
Zcash was built on the opposite premise. The shielded pools at the core of Zcash use zero-knowledge proofs to hide transaction amounts and addresses completely. You can verify that a transaction happened without knowing who sent it, who received it, or how much moved. That is the point. That is the product.
Last month, developers disclosed a critical vulnerability in Zcash’s Orchard shielded pool that could have allowed an attacker to create counterfeit ZEC without anyone being able to detect it. The flaw was patched quickly. Developers said they believed it had never been exploited.
They could not prove it.
Why They Could Not Prove It
This is the part that deserves more attention than the price chart.
On a public blockchain, proving a bug was unexploited is straightforward. You look at the ledger. You check the supply. You verify the math. The 2010 Bitcoin inflation bug was caught because the public record showed 184 billion coins where there should have been far fewer. The evidence was sitting there for everyone to see.
Zcash’s shielded pools hide the evidence along with everything else. The zero-knowledge proofs that conceal transaction amounts also conceal whether those amounts were manufactured illegitimately. A bug that allows counterfeit coin creation inside a shielded pool leaves no publicly detectable trace by design, because the design exists specifically to leave no publicly detectable trace.
Developers patched the Orchard flaw and said they believed it was unexploited, and that belief is probably correct. But belief is not proof. In a system built around cryptographic certainty, having to rely on “we think it’s fine” for the most important security property, whether the supply is real, is an uncomfortable position to be in.

ZEC climbed steadily through the week before spiking sharply on July 7 after Zooko Wilcox said the project was on the verge of a mathematical proof against counterfeiting bugs. Source: CoinGecko
ZEC dropped more than 40% in two days when the disclosure landed. The market priced the uncertainty, not a confirmed exploit.
What Project Tachyon Is Trying to Do
Zcash founder Zooko Wilcox said this week that the project is “on the verge of producing a mathematical proof that there are no undetectable counterfeiting bugs in the latest Zcash shielded pools.” The effort is focused on Ironwood, Zcash’s replacement for the Orchard pool, and it is being carried out by Project Tachyon.
The goal is formal verification. Rather than testing the system for known attack vectors, formal verification uses mathematical proofs to demonstrate that certain classes of bugs cannot exist in the code at all. It is the difference between checking whether the locks on a door work and proving mathematically that the door cannot be opened without a key.
What makes this news beyond the Zcash-specific context is how they are getting there. Project Tachyon said advances in AI-assisted proof generation have reduced work that once took years to a matter of weeks. Formal verification has existed as a discipline for decades but has been largely impractical for complex cryptographic systems because of how long it takes. If AI tooling is genuinely compressing that timeline by an order of magnitude, the implications extend well beyond one privacy coin’s shielded pool.
The Tension That Does Not Go Away
The Orchard bug and the Project Tachyon response illustrate something that does not have a clean resolution. Privacy and auditability are in tension by definition. A system that perfectly hides transaction data from outside observers also hides it from the developers responsible for verifying the system’s integrity. The stronger the privacy guarantee, the harder it becomes to prove nothing is wrong.
Bitcoin resolved this tension by choosing transparency. The supply is auditable because everything is public. The privacy cost is real and significant. Zcash made the opposite choice, and is now working backward toward auditability using formal mathematics rather than public ledgers.
Neither approach is obviously wrong. They are different answers to a genuine tradeoff, and the people who need financial privacy the most, dissidents, journalists, anyone operating in a jurisdiction where financial surveillance is a tool of control, have real reasons to care which approach wins.
ZEC is at $498.20, up 24.5% on the week, with $438 million in 24-hour trading volume and a market cap of $8.36 billion. The market has already voted with conviction on Project Tachyon’s progress. Whether the math actually holds when the formal proof is published is the remaining question, and it is the kind of question that has a definitive answer rather than just a price signal.