Dragonfly’s Haseeb Qureshi defends privacy coin Zcash after Orchard bug fears, confirming ZEC token holdings while highlighting transparency, risk control, and recovery.
Dragonfly partner Haseeb Qureshi spoke out to calm fears about Zcash’s recently patched Orchard bug. He argued the market was overstating the risk. He also said that Dragonfly still has privacy coin ZEC. Qureshi also revealed that he had a personal investment in ZODL.
Why Haseeb Qureshi Says the Zcash Bug Risk Is Overstated
Qureshi explained the bug mostly threatened shielded pool holders. It did not pose any threat to the overall ZEC market. But he pointed to a crucial obstacle for any attacker, he said. Those who were counterfeiting ZEC’s still had to sell them. To achieve this, they needed to first make it transparent ZEC. That step makes the fraud immediately visible.
Reading more: Unmasking Anonymity: A Deep Dive into the Top 10 Privacy Coins – Ledger Tribune
Additionally, the majority of the liquidity in the ZEC market is in the form of transparent tokens. Thus, it is very hard to make large amounts of fake money without being noticed. The detection would occur quickly.
Shielded Pool Data Shows No Signs of Mass Exit
On-chain data was also cited by Qureshi. The percentage of the total supply in the shielded pool decreased from 31% to 30%. The decline was in only 48 hours since the disclosure. However, Qureshi termed it “modest”. He stated that it did not indicate any panic and no mass exit from the pool.
Zcash Plans New Turnstile and Shielded Pool to Verify Supply
The Zcash team will be releasing a new turnstile and a new shielded pool. The upgrade will check if the pool has been inflated in the past. Qureshi likened it to marking attendance at the end of a field trip. That is, it validates no additional coins were added to the circulation.
Plus, AI will provide a more comprehensive long-term solution, Qureshi said. He called formal verification the path to harden all software. Cameron Winklevoss agreed. By construction, he said, cryptography that has been formally verified cannot be counterfeited.
Qureshi confirmed that Dragonfly still has ZEC. He also revealed that he personally invests in ZODL. Therefore, readers are advised to carefully consider those positions. His bullish remarks come with a direct financial interest.
How Taylor Hornby Found the Zcash Bug Using Claude Opus 4.8
Security engineer Taylor Hornby found the vulnerability on May 29. In April 2026, he was hired by Shielded Labs for this very reason. His role was to discover vulnerabilities in the protocol before malicious players could. He has reviewed the Orchard circuit using Anthropic’s Claude Opus 4.8. That circuit is the foundation of Zcash’s most advanced privacy pool.
To get ahead of scams, if you're interested in donating to me for finding the Zcash bug, my addresses are in this post or in my replies below (be careful to check the exact username for lookalike scammers). Nothing else has been approved by me.
Note: I intend to apply for a…
— Taylor Hornby 🛡❤️ (@DefuseSec) June 5, 2026
Hornby then wrote a complete exploit and tested it locally. It produced an infinite amount of undetected fake ZEC. Shielded Labs verified that the same tool would have worked on mainnet. Hornby promptly notified developers of the bug. The vulnerability was present since Orchard was activated in May 2022. It was finally patched by the developers on June 1, 2026.
Taylor Hornby Adds Monero to His Privacy Coin Audit Queue
Now, Hornby intends to continue his audit investigation. He plans to include Monero (XMR) and other privacy coins in his review list. The Zcash case demonstrates that AI-powered audits can uncover what years of manual audits failed to. As a result, the entire privacy coin market is now keeping an eye on the situation.