Key facts
- A critical Zcash vulnerability, undetected for over four years, was discovered using Anthropic's Claude Opus 4.8 AI model.
- The flaw could have enabled the creation of an unlimited supply of Zcash tokens.
- Following the disclosure on June 4, the Zcash token price dropped by approximately 50%.
- Crypto investor Arthur Hayes sold his Zcash position due to concerns about the network's integrity.
- Anthropic has released new AI models, Claude Fable 5 and Claude Mythos 5, with enhanced reasoning and coding abilities, while implementing safety measures.
A critical vulnerability in the Zcash cryptocurrency, which could have allowed for the creation of an unlimited supply of tokens, was discovered using Anthropic's advanced AI model, Claude Opus 4.8. The flaw had remained undetected for over four years before being identified by a security researcher. Following Zcash's disclosure of the vulnerability on June 4, the token's price plummeted by approximately 50%, rattling investors and raising concerns about the security of prominent privacy networks.
Eli Ben-Sasson, a co-creator of Zcash, expressed worry that machine intelligence could expose flaws that human experts have missed for years. Crypto investor Arthur Hayes cited concerns about the network's integrity and sold his entire Zcash position after the disclosure. While Zcash was fortunate that a "white-hat" hacker found the flaw, Ben-Sasson warned that malicious actors could also leverage AI to discover and exploit vulnerabilities in other crypto protocols.
Anthropic recently released its latest AI models, Claude Fable 5 and a more restricted version, Claude Mythos 5, for vetted cybersecurity users. These models offer enhanced reasoning and coding capabilities. Security experts caution that while AI may not invent entirely new hacking methods, it can dramatically accelerate the process of finding misconfigurations and constructing exploits. This AI-driven acceleration is particularly concerning for decentralized finance (DeFi), where billions have already been lost to hacks, often stemming from human error and operational failures rather than smart-contract bugs. The Zcash incident underscores the potential for similar price crashes across other protocols as AI tools become more prevalent in both code auditing and exploitation.