Zcash protocol finds no further serious bugs after AI audit

Key facts

• Anthropic's Mythos AI model found no additional serious bugs in the Zcash protocol.
• A critical forgery bug in the Orchard shielded pool was previously discovered and patched.
• The Zcash Foundation stated there was no evidence of the vulnerability being exploited.
• AI models are raising security concerns in the crypto industry despite their use in finding vulnerabilities.
• Anthropic suspended access to its Fable 5 and Mythos 5 AI models due to U.S. export control directives.

Zcash founder Zooko Wilcox announced that Anthropic's Mythos AI model has completed a security audit of the privacy-preserving cryptocurrency's protocol, finding no further serious bugs. This follows the recent patching of a critical forgery bug in the Orchard shielded pool, which was discovered with the assistance of Anthropic's Claude Opus 4.8 model.

Wilcox shared the findings via an X post on Saturday, stating that the audit, commissioned by the Swiss non-profit Shielded Labs, did not uncover any additional significant vulnerabilities. Earlier in June, Zcash developers had temporarily halted Orchard transactions after identifying the forgery bug. An emergency upgrade was deployed later the same day to restore functionality. The Zcash Foundation clarified that there was no indication the vulnerability had been exploited and that user privacy remained unaffected.

Despite the use of AI models like Mythos to identify security flaws, the technology itself is raising broader concerns within the crypto industry. Anthropic recently released the first public version of its Mythos model, Fable 5, after stating it had uncovered over 10,000 high or critical-severity vulnerabilities in important software. However, access to Fable 5 and Mythos 5 was later suspended due to a U.S. government export control directive citing national security reasons.

Mitchell Amador, CEO of bug bounty platform Immunefi, noted that the proliferation of advanced AI models could shift the cybersecurity landscape in favor of threat actors, potentially fueling a rise in DeFi hacks. Data from DefiLlama indicates that crypto hacks reached $634 million in April, marking the highest monthly total since February 2025.