An AI model, Anthropic's Opus 4.8, uncovered a critical vulnerability in the Zcash privacy network that existed for four years. The bug could have allowed attackers to mint unlimited counterfeit tokens. Zcash confirmed the issue has been fixed, but the token price dropped nearly 38% in 24 hours. Security experts, including Ben Goertzel of SingularityNET, warn that similar bugs likely exist in other cryptocurrencies and traditional banking software. The incident has sparked debate on AI's role in security: while it exposes vulnerabilities, it also enables solutions like formal verification. Dragonfly's Haseeb Qureshi is bullish on AI-assisted formal verification as the path to hardening all software. However, CertiK's Ronghui Gu highlights an asymmetric security war where hackers can concentrate AI resources on single targets, while defenders must scale protections across many systems. The consensus among experts is that formal verification—mathematical proofs of code correctness—may be the only reliable defense against increasingly sophisticated AI-driven attacks.

Key facts

• Anthropic's Opus 4.8 AI found a 4-year-old bug in Zcash allowing unlimited token minting.
• Zcash token dropped 38% in 24 hours after the vulnerability disclosure.
• Experts warn similar undiscovered flaws exist in other crypto and banking systems.
• Formal verification is recommended as the only robust defense against AI-discovered bugs.
• CertiK's CEO warns of an asymmetric AI token consumption war between hackers and defenders.