Arthur Hayes’ recent portfolio pivot got blunt and specific. In posts on X, he said Maelstrom sold its entire Zcash position after new disclosures around an Orchard Pool vulnerability raised the perceived risk to ZEC’s monetary integrity.
Hayes framed the decision as a mismatch between what can be known and what his thesis requires. “The Orchard Counterfeiting Vulnerability” was the headline, but the operative issue was the standard of proof. Zcash’s privacy design blocks cryptographic confirmation that the vulnerability was not used while it existed.
What changed: the “unlimited counterfeit” concern
The move follows a detailed statement from Zooko Wilcox, Jason McGee and Taylor Hornby describing the Orchard issue as “The Orchard Counterfeiting Vulnerability.” NewsBTC reports that Hornby discovered a critical vulnerability in Zcash’s Orchard pool on May 29, then disclosed it to Zcash Open Development Lab. The emergency response reportedly finished on June 2.
Their key claim, as quoted in the NewsBTC piece, was that the vulnerability “could have been exploited to undetectably create an unlimited amount of counterfeit ZEC within Orchard.” That is not an allegation that it happened. It is a description of what the vulnerability might have enabled.
The second, more thesis-breaking part comes from the privacy mechanics. Wilcox, McGee and Hornby added a caveat that NewsBTC highlights. Because of Orchard’s privacy properties, there is “no way to cryptographically prove whether the vulnerability was exploited while it existed.”
Why Hayes calls it a trade-break, not a verdict
Hayes’ posts turn that uncertainty into a decision rule. He wrote that while he thinks “it’s extremely unlikely” any minting happened, it cannot be “formally cryptographically proved impossible.” He also tied the point to the narrative he attached to ZEC. “The privacy from AI, govt, big tech narrative demands perfection not improbability,” Hayes wrote, according to NewsBTC.
NewsBTC also connects Hayes’ exit to what he described as a mental-model break after reading about the exploit.
The security logic is straightforward. Hayes is not saying the network created counterfeit ZEC. He is saying his asset thesis depended on a level of certainty that privacy prevents.
ZODL’s “soundness failure” explanation
Josh Swihart, founder and CEO of Zcash Open Development Lab, offered additional context in a post titled “Never Again.” NewsBTC reports Swihart described the Orchard bug as a rule-writing failure in the proof system. The rule was reportedly “written loosely enough” that it could accept false information and still pass.
Swihart’s framing, as summarized by NewsBTC, is that the issue was not a privacy leak. It was a soundness failure that could undermine confidence in whether invalid value creation was possible inside a shielded pool.
The mitigation: temporary disable and corrected circuit
The remediation required more than a wallet update. NewsBTC says Zcash Open Development Lab and the broader ecosystem disabled Orchard actions temporarily, then restored them with a corrected circuit.
That matters because Hayes’ concern is reputational as well as technical. Even if the fix closed the door, NewsBTC stresses the residual uncertainty that comes from the inability to cryptographically prove the vulnerability was not exploited during the window.
What Hayes sold and what he kept
Hayes said the decision ended his recent “Holy Trinity” trade that grouped ZEC with NEAR and HYPE. NewsBTC says he declared “The Holy Trinity is dead.” The ZEC exit came after he reportedly already dumped HYPE and NEAR positions a day earlier.
In NewsBTC’s account, Hayes linked the earlier exits to higher energy prices, looming major AI IPOs, and political risk around artificial intelligence.
ZEC’s selloff also appears to have played a practical role. NewsBTC reports Hayes wrote that a roughly 30% dump made him rethink and that he took profit by selling his entire position.
Still, Hayes left an escape hatch. He wrote that he will re-evaluate and rebuy if his assumptions prove incorrect.
The remaining bet: Worldcoin (WLD)
Worldcoin is now the remaining public expression of Hayes’ AI-linked rotation, per NewsBTC. Hayes reportedly said “We still hold WLD” and suggested bullish momentum tied to renewed AI-asset speculation and an OpenAI IPO.
At press time in the NewsBTC piece, ZEC was down more than 45% in 24 hours.
Key facts from the Orchard disclosure and response
| Item | What the NewsBTC report says | Why it mattered to Hayes |
|---|---|---|
| Vulnerability label | “The Orchard Counterfeiting Vulnerability” | Triggered monetary-integrity risk framing |
| Discovered and disclosed | Hornby found it May 29 and disclosed to ZODL | Defined the vulnerability window |
| Response completion | Emergency response finished June 2 | Shows mitigation timing |
| Potential impact | Could enable “undetectably” creating unlimited counterfeit ZEC within Orchard | Creates worst-case capability |
| Proof limitation | No way to cryptographically prove exploitation did or did not occur | Hayes’ thesis needs certainty, not probability |
| Fix approach | Disable Orchard actions, then restore with corrected circuit | Mitigation closed the issue, but not the uncertainty |
The unanswered question security readers will keep asking
The Zcash Orchard issue ends with a fix, not with proof. That is the crux NewsBTC spotlights and Hayes operationalizes.
In security terms, Hayes is treating “can’t prove impossibility” as a blocker for a privacy-linked narrative that, in his view, requires perfection. The network can remediate a soundness failure, but Zcash’s privacy properties prevent a cryptographic audit of what happened during the vulnerable period.
If Hayes rebuying happens, NewsBTC reports it would depend on later reassessments and on whether his assumptions end up “proven incorrect.” For now, his own posts make the decision less about a finding of exploitation and more about the limits of what can be demonstrated under privacy.