Zcash Proposes Ironwood, A New Shielded Pool to Restore Supply Verification After Orchard Vulnerability

Zcash’s core development teams are not waiting around.

Following the discovery and emergency remediation of a critical counterfeiting vulnerability in the Orchard shielded pool, ZODL, working alongside Tachyon, Valar Group, the Zcash Foundation, and Shielded Labs, has formally proposed Ironwood, a new shielded pool designed to restore every user’s ability to independently verify that Zcash’s circulating supply is sound.

The proposal landed via ZODL’s official X account and targets activation for late July 2026, following the zcash end-of-support at block height 3,417,100. The proposal is backed by formal verification, independent audits, and AI-assisted security review, a significantly more rigorous assurance framework than what underpinned the existing Orchard pool.

The timing is deliberate. The Orchard vulnerability was discovered through ongoing security research, responsibly disclosed, and fixed through a coordinated emergency network upgrade completed on June 2. But fixing the bug alone was not enough. The privacy properties of Orchard mean users currently cannot verify for themselves whether the vulnerability was ever exploited, and Ironwood is specifically designed to solve that problem.

What Happened With Orchard And Why It Matters

Last week, a critical counterfeiting vulnerability was discovered inside Zcash’s Orchard shielded pool. The nature of the flaw meant that, in theory, an attacker could have created ZEC out of thin air without detection, a worst-case scenario for any asset that depends on a fixed, verifiable supply as a core part of its value proposition.

The coordinated response was fast. ZODL and other ecosystem participants remediated the vulnerability through an emergency network upgrade that went live on June 2. There is no evidence the vulnerability was exploited, no evidence of impact to user funds, and no evidence of any change to the total ZEC supply. The issue did not affect the privacy of funds in any pool, and Orchard is currently live and operating normally.

The problem that remains, however, is one of verification. Because of Orchard’s privacy architecture, users have no way to independently confirm that the vulnerability was never used. They are being asked to trust the conclusions of the teams who investigated it, which, however credible those teams are, is not the same as being able to verify it themselves. Ironwood exists to close that gap.

How Ironwood Actually Works

Ironwood creates a new shielded pool using the Orchard circuit with the counterfeiting vulnerability fixed. The existing Orchard pool gets closed to new deposits and internal transactions, meaning funds sitting in that pool can only move forward, through a turnstile, before entering Ironwood.

The turnstile is the mechanism that makes the whole thing trustless. Turnstiles are Zcash’s on-chain accounting system for transfers between pools.

They track exactly how much ZEC has entered and exited each pool and reject any transaction that attempts to move out more ZEC than legitimately went in. Because of this, users gain an immediate, trustless guarantee that no more than the correct amount of ZEC can be circulating, without needing to wait for anyone else to migrate their funds.

The key insight is that this guarantee activates immediately when Ironwood goes live, not gradually as users move their funds across. As soon as the upgrade activates, anyone running a node can verify from the consensus rules alone that the circulating supply is sound. Excess ZEC cannot secretly circulate between users of the old Orchard pool, and it cannot escape into another pool. The math is enforced at the protocol level, not by trust.

What Ironwood Reveals About Whether The Vulnerability Was Exploited

Beyond restoring supply verifiability, Ironwood creates a mechanism that may generate public evidence about whether the Orchard vulnerability was ever actually used. The logic here is straightforward and worth understanding.

As users migrate their funds from the old Orchard pool into Ironwood, any hypothetical counterfeiter faces an uncomfortable choice. They can attempt to move counterfeit funds, which risks exposing that those funds exist, or they can leave them behind and risk losing the ability to move them at all once migration is complete. There is no clean exit.

This creates two possible outcomes. In Outcome A, no excess ZEC attempts to leave the old Orchard pool. That would be strong evidence the vulnerability was never exploited, since anyone holding counterfeit ZEC would have every incentive to try moving it before legitimate users finished migrating.

In Outcome B, excess ZEC attempts to leave, and gets rejected by the turnstile, effectively destroying it, while creating publicly verifiable on-chain evidence that counterfeiting occurred. The development teams believe Outcome A is far more likely. But either way, the answer eventually becomes visible to everyone.

The User Experience Is Designed To Be Simple

For regular Zcash users, the migration process is not complicated. Today, users can send and receive Orchard funds exactly as normal, nothing changes in the immediate term. Following the Ironwood upgrade, wallets that support Orchard will be able to prompt users to migrate their funds with a single click.

Critically, existing Orchard addresses remain valid and do not need to be changed. ZEC sent to Orchard receivers that were created before Ironwood activation will automatically be received as ZEC in the new pool. The new pool uses the user’s existing Orchard receiver, so there is no address rotation required and no disruption to how people currently interact with their wallets.

ZODL is also completing work on Zallet, a new command-line wallet that replaces the wallet built into zcashd as part of the broader zcashd deprecation process. In parallel, Valar Group is building a wrapper so that current zcashd wallet users can keep using it until they are ready to migrate to Zallet. The goal across all of this is to make the upgrade path as smooth as possible for every type of user in the ecosystem.

Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.

Follow us on Twitter @themerklehash to stay updated with the latest Crypto, NFT, AI, Cybersecurity, and Metaverse news!

The post Zcash Proposes Ironwood, A New Shielded Pool to Restore Supply Verification After Orchard Vulnerability appeared first on The Merkle News.