Zcash Ironwood announces the mainnet activation on July 28, launching the Orchard new privacy pool.

ZEC6.05%

Zcash core developer Sean Bowe announced on X on July 10 that the activation block height for the Zcash Ironwood mainnet has been confirmed and marked; all major organizations have committed to activate the NU6.3 upgrade at block height 3,428,143, expected on July 28. The Ironwood upgrade introduces a new privacy pool using the Orchard protocol.

Major organizations commit to activate NU6.3 at block height 3,428,143

According to Sean Bowe's announcement on X, all major organizations have pledged to activate the NU6.3 upgrade at block height 3,428,143, scheduled for 8 PM Beijing time on July 28.

Sean Bowe stated: "The rapid and secure activation of Ironwood on the Zcash mainnet is extremely important for our users. Additionally, we are simultaneously conducting formal verification work to ensure there are no supply integrity issues; sufficient hash rate indicates the network upgrade is technically ready."

He also pointed out that some wallets may not be able to prepare for the upgrade in time, but this does not justify delaying Ironwood, as there will be enough alternative solutions, and testnets have provided ample time for all users to upgrade.

New Orchard privacy pool replaces the old pool, zero-knowledge proof circuits gain control flags

According to official Zcash explanations, the two main technical features of the Ironwood upgrade are:

New Orchard privacy pool: Introducing a brand-new privacy pool using the Orchard protocol, gradually phasing out the old pool, allowing anyone to verify the network's circulating supply while protecting transaction privacy.

Zero-knowledge proof circuit control flags: Adding a control flag within the circuit that, when enabled, can disable the ability to transfer to other users within the pool, while still retaining change functionality.

These measures aim to eliminate uncertainties exposed by the Orchard vulnerability in May—specifically, the inability of developers to prove whether counterfeit ZEC had been minted.

Four-year-old vulnerability patched on June 1, with Claude Opus 4.8 assisting discovery

Reports indicate that a four-year-old vulnerability existed in the Zcash Orchard shielded pool, discovered by security researcher Taylor Hornby using Anthropic's Claude Opus 4.8. It could allow attackers to mint unlimited counterfeit ZEC without detection. The vulnerability was patched on June 1, 2026, but due to Zcash's privacy features, there is no cryptographic method to confirm if it was exploited, which is the fundamental reason for proposing the Ironwood upgrade.

Following the disclosure, ZEC plummeted over 40% in a day, briefly falling below $300, marking the lowest point since early April, with a market cap loss of billions of dollars.

Key components of the Z3 stack still in development

According to Jason McGee of Shielded Labs, development is focused on two parallel projects: the Ironwood (NU6.3) network upgrade and migrating the Zcash ecosystem from the traditional Zcashd software to the new Z3 stack, which includes Zebra full nodes, Zaino indexing service, and Zallet wallets. Key Z3 components, including Zallet and Zaino, are still under development, meaning exchanges, mining pools, and wallet providers have limited time to deploy and test these components.

McGee mentioned that risk mitigation options under consideration include delaying Ironwood deployment, conducting independent third-party security audits, or temporarily supporting Ironwood through Zcashd during partner migration.

Frequently Asked Questions

When will the Zcash Ironwood upgrade activate, and at which block height?

According to Sean Bowe's announcement, the Zcash Ironwood (NU6.3) upgrade is scheduled to activate at block height 3,428,143, expected at 8 PM Beijing time on July 28, 2026; all major organizations have committed to activate at this height.

What is the core purpose of the Ironwood upgrade?

According to official Zcash explanations, the Ironwood upgrade aims to eliminate uncertainties caused by the Orchard pool vulnerability: introducing a new Orchard privacy pool (phasing out the old one) and adding control flags to zero-knowledge proof circuits; enabling anyone to verify the network's circulating supply while protecting transaction privacy.

How was the Orchard pool vulnerability discovered, and how significant is the impact?

Reports indicate that security researcher Taylor Hornby used Anthropic's Claude Opus 4.8 to discover a four-year-old vulnerability that could allow unlimited minting of counterfeit ZEC. The vulnerability was patched on June 1, 2026, but due to Zcash's privacy features, it cannot be confirmed whether it was exploited. After disclosure, ZEC dropped over 40% in a single day.

Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments