Zcash Locks In Ironwood Upgrade to Address Orchard Flaw, Launch Planned for July

Zcash developers have approved the consensus updates for the Ironwood upgrade, with activation targeted for late July at block height 3,417,100. The upgrade is designed to fix a serious flaw in the Orchard shielded pool that may have allowed unlimited counterfeit ZEC to be created.

Ironwood will roll out a new shielded pool, strengthen supply enforcement through the existing turnstile mechanism, and block new incoming transactions into the compromised Orchard pool. These changes are backed by formally verified zero-knowledge proof circuits and independent third-party security reviews.

The Orchard Flaw: What Ironwood Resolves

Introduced in May 2022 under the NU5 upgrade, the Orchard pool integrated the Halo 2 proof system and became Zcash’s most advanced privacy layer. It uses zero-knowledge proofs to hide transaction amounts and participant identities without requiring a trusted setup.

However, a vulnerability discovered in early 2026 exposed a flaw in the circuit design. If exploited, it could have enabled attackers to mint counterfeit ZEC without leaving any detectable on-chain evidence.

This meant the total supply within Orchard was not strictly enforced. The same privacy features that protect legitimate users also made unauthorized issuance effectively invisible—even to Zcash’s own developers.

The issue was uncovered through an AI-assisted external audit, prompting a quiet fix and coordinated disclosure ahead of the Ironwood rollout.

Turnstile Enforcement, New Pool, and Supply Integrity

Ironwood is being developed through a collaborative effort involving ZODL, Tachyon, Valar Group, the Zcash Foundation, and Shielded Labs, reflecting a multi-party governance approach.

At its core is a redesigned Orchard circuit that introduces a mechanism to restrict payments within a pool while still allowing change outputs, preserving user privacy.

Once activated, this restriction will be permanently applied to the legacy Orchard pool. New transactions will be automatically redirected to the replacement pool, while constraints on the valueBalance field help enforce supply limits.

The upgrade relies on the existing turnstile mechanism to ensure accurate supply accounting. Any ZEC exiting the old Orchard pool must pass through the turnstile before entering the new pool, ensuring that the amount leaving cannot exceed the amount originally deposited.

This framework guarantees that circulating supply remains within intended limits. After migration, full nodes will be able to independently verify that no counterfeit ZEC has entered the new pool, restoring trustless supply validation at the protocol level.

The planned activation aligns with the end-of-support for zcashd at block 3,417,100. Before mainnet deployment, the upgrade will undergo testnet trials, ecosystem coordination, and final security audits. Wallet providers are expected to offer simple migration tools, and the new pool is designed to maintain compatibility with existing Orchard addresses, avoiding the need for key rotation.