Arthur Hayes didn’t wait for the dust to settle. Hours after Zcash disclosed a newly found vulnerability in its Orchard privacy pool, the BitMEX co-founder exited his entire Zcash (ZEC) position, according to his post on X.
The Orchard issue matters because it targets a part of Zcash that is designed to hide transaction details. The Zcash team said that a hacker could have abused the weakness to create endless fake ZEC inside Orchard. Developers moved fast and fixed the issue by June 1, but the core worry stayed.
What changed after the Orchard vulnerability
Zcash founder Zooko Wilcox and members of the Shielded Labs disclosed the flaw’s discovery, saying security researcher Taylor Hornby found it on May 29.
The team’s explanation leaves a blunt gap in certainty. Because Orchard is private by design, Zcash cannot use a cryptographic method to prove whether the bug was exploited before the patch. In Hayes’ words on X, “While I think it’s extremely unlikely of any minting, it cannot be formally cryptographically proved impossible.” He added that privacy-focused assets require “perfection not improbability.”
That distinction is doing real work here. If a system can’t prove a negative, holders must trust that exploitation did not occur. Hayes’ selloff signals he was not willing to sit in that uncertainty.
The market hit and why traders got jumpy
The market reacted quickly. CoinGecko data cited in the CryptoPotato report shows ZEC dropped more than 35% in the last 24 hours to around $386 after trading as high as $611 during the same period.
Over longer windows, ZEC is also down nearly 27% over the last week and more than 40% across two weeks, per the same CoinGecko data.
CryptoPotato also points to a surge in activity. Trading activity spiked by nearly 46% as investors rushed to reassess risk, and daily spot volume topped $1.7 billion.
CoinGlass data adds the derivative pressure. The report says volatility triggered nearly $49 million in liquidations in the past day, with long positions responsible for more than $41 million of those losses.
| Metric | Reported impact | Source in coverage |
|---|---|---|
| ZEC move (24h) | Down 35%+ to ~ $386, after ~ $611 intraday | CoinGecko |
| ZEC move (1 week) | Down ~27% | CoinGecko |
| ZEC move (2 weeks) | Down 40%+ | CoinGecko |
| Spot volume | Top of $1.7B daily | CoinGecko |
| Liquidations (past day) | Nearly $49M total, longs > $41M | CoinGlass |
The privacy coin debate is back on the table
CryptoPotato says the disclosure reignited an old argument about privacy-focused cryptocurrencies. The question is not just “is there a bug.” It’s whether a privacy system can detect supply-related misuse quickly enough, and whether it can later prove no misuse occurred.
Investor Udi Wertheimer, quoted in the report, argues that privacy coins face a different category of risk than transparent chains because counterfeit issuance may stay hidden longer. He also points to a previous Zcash inflation bug that was disclosed years after it existed.
Helius CEO Mert Mumtaz offered a counterpoint. He told CryptoPotato the immediate concern is whether exploitation happened before the patch, and he noted that major software bugs can appear anywhere in crypto, including Bitcoin.
Barry Silbert pushed back on the broader negative framing. In his post, also cited in the report, he argued that the disclosure reflects how Zcash’s security process works, not a collapse of it.
A pattern Hayes can’t ignore
This is not Hayes’ first rapid exit after making bullish comments, according to CryptoPotato. The report says he sold HYPE and NEAR holdings just yesterday, after previously suggesting HYPE could reach $150.
In the ZEC case, the specific trigger was Orchard’s privacy design plus the inability to formally rule out pre-patch exploitation. For assets with risk that can hide inside their own confidentiality, market participants often demand stronger guarantees than “extremely unlikely.”
Zcash developers, the coverage notes, are already working on a future network upgrade meant to verify supply integrity via migration to a new shielded pool. Until then, Orchard’s private design leaves a question that can’t be cryptographically closed, only acted on.