Zcash’s core development teams can’t wait.
Following the discovery and emergency remediation of a critical counterfeiting vulnerability in the Orchard shielded pool, ZODL, working alongside Tachyon, Valar Group, the Zcash Foundation, and Shielded Labs, has officially proposed Ironwood, a new shielded pool designed to restore every user’s ability to independently verify that their circulating Zcash supply is intact.
The proposal arrived via ZODL’s official X account and targets activation in late July 2026, after zcash support ends at block height 3,417,100. The proposal is supported by formal verification, independent audits and an AI-assisted security review, a much more stringent assurance framework than has been supporting the current Orchard group.
The timing is deliberate. The garden The vulnerability has been discovered Through ongoing security research, which was responsibly disclosed, and repaired through a coordinated emergency network upgrade which was completed on June 2nd. But fixing the bug alone was not enough. Orchard’s privacy features mean that users cannot currently verify for themselves whether a vulnerability has been exploited, and Ironwood is specifically designed to solve this problem.
What happened with Orchard and why it matters
Last week, a serious counterfeiting vulnerability was discovered within Zcash’s Orchard protected pool. The nature of the flaw means that, in theory, an attacker could have created ZEC from scratch without being detected, which is a worst-case scenario for any asset that relies on a stable, verifiable supply as a core part of its value proposition.
The coordinated response was rapid. ZODL and other ecosystem participants addressed the vulnerability through an emergency network upgrade launched on June 2. There is no evidence of exploitation of the vulnerability, no evidence of impact on user funds, and no evidence of any change in the total ZEC supply. The issue did not affect the privacy of funds in any pool, and Orchard is currently up and running normally.
But the problem that still remains is the verification problem. Because of Orchard’s privacy architecture, users have no way to independently confirm that the vulnerability will never be used. They are being asked to trust the conclusions of the teams that investigated the matter, which, however credible those teams may be, is not the same as being able to verify it themselves. Ironwood exists to fill this gap.
How Ironwood actually works
Ironwood creates a new protected group using Orchard Circle with the forgery vulnerability fixed. The current Orchard pool is closed to new deposits and internal transactions, meaning that funds in this pool can only move forward through a revolving door, before entering Ironwood.
The revolving door is the mechanism that makes the whole thing unreliable. Turnstiles are Zcash’s on-chain accounting system for transfers between pools.
They track exactly how much ZEC has entered and exited each pool and reject any transaction that attempts to take out more ZEC than was legitimately entered. For this reason, users get an instant and reliable guarantee that no more than the correct amount of ZEC can be traded, without having to wait for anyone else to roll over their funds.
The basic idea is that this guarantee is activated immediately when Ironwood is turned on, and not gradually when users move their funds. Once the upgrade is activated, anyone running the node can verify by consensus rules alone that the circulating supply is intact. Surplus ZEC cannot secretly spread among users of the old Orchard pool, nor can it escape to another pool. Accounts are enforced at the protocol level, not by trust.
What Ironwood reveals about whether the vulnerability has been exploited
In addition to restoring verifiability to supplies, Ironwood has created a mechanism that may generate public clues about whether the Orchard vulnerability has already been used. The logic here is clear and straightforward and worth understanding.
As users migrate their funds from the old Orchard complex to Ironwood, any virtual counterfeiter faces an uncomfortable choice. They can try to move the counterfeit money, which risks exposing the existence of that money, or they can leave it behind and risk losing the ability to move it at all once the migration is complete. There is no clean way out.
This creates two possible outcomes. In result A, there are no excess ZEC attempts to leave the old Orchard group. This would be strong evidence that the vulnerability was never exploited, since anyone carrying the fake ZEC would have every incentive to try to transfer it before legitimate users finish the migration.
In Outcome B, the excess ZEC attempts to leave, and is rejected by the revolving door, effectively destroying it, while creating publicly verifiable on-chain proof that counterfeiting has occurred. The development teams believe that outcome (a) is much more likely. But in either case, the answer eventually becomes clear to everyone.
The user experience is designed to be simple
For regular Zcash users, the migration process is not complicated. Today, users can send and receive Orchard funds just like normal, and nothing changes in the near term. After the Ironwood upgrade, Orchard-enabled wallets will be able to ask users to migrate their funds with one click.
Most importantly, existing Orchard addresses remain valid and do not need to be changed. ZECs sent to Orchard receivers created before Ironwood activation will automatically be received as ZEC in the new group. The new pool uses the user’s existing Orchard receiver, so there is no need to rotate the address and there is no disruption to how people currently interact with their wallets.
ZODL is also completing work on Zallet, a new command line wallet that replaces zcashd’s built-in wallet as part of the broader zcashd decommissioning process. In parallel, Valar Group is creating a wrapper so that existing zcashd wallet users can continue to use it until they are ready to move to Zallet. The goal of all this is to make the upgrade path as smooth as possible for every type of user in the ecosystem.
Disclosure: This is not trading or investment advice. Always do your research before purchasing any cryptocurrency or investing in any services.
Follow us on Twitter @themerklehash To stay up to date on the latest Crypto, NFT, AI, Cybersecurity, and Metaverse news!
