Security researchers have uncovered and resolved a critical vulnerability in Zcash nodes that could have enabled malicious miners to siphon over 25,000 ZEC approximately $6.5 million from the networks legacy Sprout shielded pool. The flaw was responsibly disclosed and patched before any exploitation occurred, leaving all user funds intact. Researcher Alex Scalar Sol identified the bug on March 23 with the help of AI-assisted analysis. The vulnerability caused zcashd nodes to bypass proof verification on Sprout pool transactions a serious oversight that persisted across releases dating back…
Source:: Zcash Patches Critical Vulnerability That Could Have Drained $6.5M From Shielded Pool