logo

Zcash fixes critical vulnerability: previously threatened the security of over 25,000 ZEC, worth approximately 6.5 million dollars

By: rootdata|2026/04/01 13:42:02
0
Share
copy

The privacy coin Zcash recently disclosed and fixed a critical security vulnerability that could have been exploited by malicious miners to transfer over 25,000 ZEC (approximately 6.5 million USD) from the deprecated Sprout privacy pool. Security researcher Alex "Scalar" Sol disclosed on March 23 that the vulnerability stemmed from the zcashd node skipping proof verification when processing transactions involving the Sprout pool.

The official statement indicated that the vulnerability had existed since July 2020 but had not been actively exploited, and user funds remained safe at all times. The development team has released version 6.12.0 to complete the fix, and mainstream mining pools have completed the upgrade deployment within a few days. Additionally, the unaffected Zebra full node implementation has the capability to trigger a chain fork, providing extra protection in the event of exploitation.

It was disclosed that although the Sprout pool closed to new deposits in November 2020, approximately 25,424 ZEC remained untransferred. Even if the vulnerability were exploited, Zcash's "turnstile" mechanism would prevent inflationary issuance, ensuring that the total supply would not be breached. This vulnerability was discovered with the assistance of AI, and the researcher will receive a total bounty of 200 ZEC (approximately 51,000 USD). It is worth noting that this is not the first time Zcash has encountered a significant vulnerability; as early as 2019, it had fixed a serious flaw that could lead to unlimited issuance.

-- Price

--

You may also like

The Exit Signal is Pricier Than the Entry Signal | Rewire News Morning Brief

The S&P 500 is up 1.5%, the Nasdaq is up 2%, the market is betting not on victory, but on exit

Claude Code 500K Lines Code Leak Fully Organized, What's the True Core of the AI Agent?

The code directly responsible for calling the AI model's API accounts for only 1.6% of the total.

Bitcoin Enters Bond Market, Moody's Provides First-Ever Rating for Global Cryptocurrency-Backed Bond

A Ba2 "Junk Bond" provisional rating marks Bitcoin's first official inclusion in a traditional credit system's debt instrument collateral framework.

A Country Wagering 9% of Its GDP on Bitcoin

A relatively closed Buddhist country located between China and India has bet its destiny on Bitcoin

Analyzing Claude Code Source Code: Why is It Better Than Other AI Programming Tools?

Anthropic chose the harder path, getting stuff done with your terminal, your environment, your config, instead of "writing some code in a clean room and then copy-pasting it over."

Is the "Quantum Threat" Imminent, and How Much Time Does Bitcoin Have Left?

After the timeframe compression, can the system be upgraded in a timely manner?

Popular coins

Latest Crypto News

13:42

TD Cowen: The probability of the cryptocurrency market structure bill passing this year is only one in three

According to The Block, Jaret Seiberg, Managing Director of TD Cowen's Washington Research Group, expressed that the outlook for the passage of the U.S. crypto market structure bill, the "CLARITY Act," is "increasingly pessimistic," with only a one-third chance of passing this year. He pointed out t...
13:42

Insiders: SpaceX teams up with 21 banks to prepare for IPO

Insiders revealed on Tuesday that SpaceX is collaborating with at least 21 banks to prepare for its blockbuster IPO, one of the largest underwriting groups in recent years. This IPO is internally codenamed "Apex," expected to take place in June, with a valuation reaching $1.75 trillion, poised to be...
13:42

Magic Eden wallet will only allow data export starting from April 1, and will be completely shut down on May 1

The NFT market Magic Eden announced that its native wallet will enter export-only mode on April 1 and will completely cease operations on May 1. Users must export their private keys or mnemonic phrases before this date, or they will not be able to recover their assets. The wallet has been removed fr...
13:42

Bitcoin narrowly escaped six consecutive monthly declines, with a 1.62% increase in March

Last night, the US and Iran simultaneously released signals of reconciliation, and the market reacted noticeably. Bitcoin quickly rebounded above $68,000, which also allowed it to narrowly escape a six consecutive monthly decline, ultimately closing March up 1.62%. Looking ahead to April, Bitcoin ha...
13:42

The launch of the first batch of compliant stablecoin licenses in Hong Kong has been postponed, and the Monetary Authority responded that it is making every effort to advance the process

The first batch of issuer licenses in Hong Kong was originally scheduled to be issued in March 2026, but it has not materialized as planned. A spokesperson for the Hong Kong Monetary Authority (HKMA) responded that the HKMA is fully committed to advancing the licensing process and will make announce...
Read more
Community
iconiconiconiconiconiconicon

Customer Support Bot@WEEX_support_smart_Bot

VIP Servicessupport@weex.com