Zcash Flaw Finder Hornby Turns Audit Sights to Monero

Taylor Hornby, the security engineer who surfaced a critical vulnerability in Zcash, has announced plans to expand his audit efforts. Hornby said he will add Monero (XMR) and other privacy-focused networks to his list of projects under investigation as part of ongoing research into privacy-oriented cryptocurrencies.

On May 29, Hornby — while working on a security engagement commissioned by the non-profit development organization Shielded Labs — discovered a critical vulnerability in Zcash's Orchard privacy repository. The flaw had been lurking on the network since May 2022 and could theoretically have allowed for unlimited counterfeiting of ZEC. Somewhere, a hypothetical attacker is probably sweating.

Related News: Keep a Close Eye on Tuesday for Cryptocurrencies: U.S. to Consider Cryptocurrency Taxation.

Another detail worth noting: Hornby leaned on the Claude Opus 4.8 AI model developed by Anthropic during his research. The vulnerability surfaced via AI-assisted auditing, which kicked off an urgent patching process across the Zcash ecosystem. Developers shipped a fix quickly.

Solana developer Mert Mumtaz also recently stated that vulnerabilities similar to the one in Zcash could potentially exist across all privacy tokens. A cheerful thought for everyone holding bags.

*This is not investment advice.