Zcash Security Program

Protect Privacy. Earn ZEC.

Find vulnerabilities in Zcash privacy-critical infrastructure.
OWASP Risk Rating · Coordinated disclosure · Shielded Z-address required.

Max Paid to Date: 200 ZEC (Scalar, Mar 2026)
Response SLA: 5 business days
Embargo: 90 days, coordinated
Status: Active, ongoing
The Case For This Program

Turns luck into structure.

In March 2026, a critical bug was found and fixed in 3 days with no exploitation. It worked — because one person happened to have good character. This program makes sure the next time doesn't depend on luck.

01
A Formal Channel Exists Now
Before this, responsible disclosure depended entirely on individual goodwill. Serious security researchers need an address to go to when they find something. Now one exists — with clear rules, a guaranteed reward, and a 5-day response SLA.
02
Breaks the Bad-Timing Cycle
The Zcash community knows the pattern: the market shows interest, then a vulnerability headline appears. An active bounty program changes who finds bugs first — researchers who want to be paid to help, not exploits leaking at the worst possible moment.
03
Solves the PR Problem
Uncoordinated disclosure on social media turns "25k ZEC at risk in a deprecated pool" into "ZCASH VULNERABLE." This program creates an alternative: a formal path that pays well, moves fast, and coordinates public announcements with proper technical context — not Twitter's algorithm.
04
Credibility Infrastructure
Every bug found and resolved here is verifiable proof that the ecosystem works. This is the same standard that makes the world trust OpenSSL and the Linux kernel. Bug bounty programs are not admissions of weakness — they are how serious protocols are maintained.
05
AI-Assisted Research Is Here
Scalar found the Sprout bug with AI. That capability is democratizing fast. Hundreds of researchers with automated analysis tools will scan public protocols in the next 12–24 months. This program defines the incentive for what happens when they find something.
06
Multi-Org Accountability
No single organization controls severity classification or disclosure timing. The multi-org triage model prevents both downplaying and sensationalizing — the two failure modes that destroy community trust.

Hall of Fame · First Case

Sprout Pool Vulnerability — March 2026

The first officially recognized bounty. AI-assisted discovery, responsible private disclosure, 3-day coordinated patch across all major mining pools. Proof the system works.

Alex "Scalar" Sol
Critical · AI-Assisted Discovery · Mar 23, 2026

Scalar identified a critical vulnerability in zcashd v3.1.0 through v6.11.x — nodes were silently skipping Sprout proof verification when connecting new blocks to the chain. The bug had existed for nearly 6 years, introduced by a fChecked flag optimization inherited from Bitcoin Core that interacted incorrectly with Zcash's two-pass validation logic.

A malicious miner could have exploited this to drain the approximately 25,424 ZEC held in the deprecated Sprout pool. Zcash's turnstile mechanism would have prevented any supply inflation, and user privacy was never at risk — but funds were exposed. The patch was deployed across all major mining pools within 72 hours of disclosure.

Zebra, the Zcash Foundation's full node implementation, was never affected. Had exploitation been attempted, Zebra would have triggered a detectable chain fork — a critical layer of defense that worked exactly as designed.
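The failure mode described above, a cached "already checked" flag that is set by a validation pass which skipped the expensive work, so a later pass trusts it and never verifies the proofs, is a general pattern worth having a regression test for. The following is a constructed model of that pattern, added here as an illustration; it is not zcashd's code, and the names (Tx, Block, check_block_*, connect_block_*, the sprout_proof_ok attribute) are stand-ins, not zcashd identifiers. The buggy and fixed variants sit side by side, and accepts_bad_proof is the kind of check that would have caught the regression.

```python
from dataclasses import dataclass
from typing import Callable, List


@dataclass
class Tx:
    # Constructed stand-in for a Sprout JoinSplit: True if its zk proof would verify.
    sprout_proof_ok: bool


@dataclass
class Block:
    txs: List[Tx]
    checked: bool = False           # "this block was already validated" cache flag
    proofs_verified: bool = False   # used only by the fixed variant below


def verify_sprout_proofs(block: Block) -> bool:
    """Stands in for the expensive zk-SNARK verification of every Sprout proof."""
    return all(tx.sprout_proof_ok for tx in block.txs)


# --- Buggy pattern (constructed model of the page's description, not zcashd code) ---

def check_block_buggy(block: Block, verify_proofs: bool) -> bool:
    """Pass 1: cheap checks; proof verification may be deferred for speed."""
    if verify_proofs and not verify_sprout_proofs(block):
        return False
    block.checked = True   # set even when proof verification was skipped
    return True


def connect_block_buggy(block: Block) -> bool:
    """Pass 2: trusts the flag and skips re-validation, proof verification included."""
    if block.checked:
        return True
    return verify_sprout_proofs(block)


# --- Fixed pattern: the cache records *what* was verified ---

def check_block_fixed(block: Block, verify_proofs: bool) -> bool:
    """Pass 1: only claims proofs_verified when the proofs were actually checked."""
    if verify_proofs:
        if not verify_sprout_proofs(block):
            return False
        block.proofs_verified = True
    block.checked = True   # still valid for the cheap checks this pass does cover
    return True


def connect_block_fixed(block: Block) -> bool:
    """Pass 2: verifies proofs here unless pass 1 provably did so."""
    if not block.proofs_verified and not verify_sprout_proofs(block):
        return False
    return True


def accepts_bad_proof(check: Callable[[Block, bool], bool],
                      connect: Callable[[Block], bool]) -> bool:
    """Regression check: is a block carrying an invalid Sprout proof connected
    when pass 1 deferred proof verification? True means the bug is present."""
    block = Block(txs=[Tx(sprout_proof_ok=True), Tx(sprout_proof_ok=False)])
    if not check(block, verify_proofs=False):
        return False
    return connect(block)


if __name__ == "__main__":
    print("buggy accepts invalid proof:", accepts_bad_proof(check_block_buggy, connect_block_buggy))
    print("fixed accepts invalid proof:", accepts_bad_proof(check_block_fixed, connect_block_fixed))
```

The design point is that a single boolean cannot safely summarise a validation whose steps can be individually skipped; the fixed variant makes the flag name the step it covers, and the connect pass falls back to doing the work itself whenever that specific step is not recorded.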

Disclosure Timeline
  • Jul 2020 · Bug silently introduced in zcashd v3.1.0: the fChecked flag optimization causes Sprout proof verification to be skipped during block connection.
  • Jun 2023 · Zebra 1.0.0 goes live on mainnet, correctly verifying all transactions and becoming a critical safety net.
  • Mar 23 · Scalar privately reports the vulnerability to Shielded Labs. No public disclosure, no mention of reward.
  • Mar 24 · Shielded Labs convenes with ZODL engineers. Patch authored by str4d, reviewed by Daira-Emma Hopwood and Kris Nuttycombe. ViaBTC, Luxor, F2Pool contacted.
  • Mar 25–26 · All 4 major pools (ViaBTC, Luxor, F2Pool, AntPool) confirm patch deployment. Zero exploitation window.
  • Mar 31 · zcashd v6.12.0 released publicly. Coordinated disclosure posted by Zooko on Zcash Community Forum.
Total Reward
200 ZEC
Full report on Forum ↗
Community response · Zcash Forum
"I get the feeling that Zcash has a thousand unexpected surprises up its sleeve, which pop up every time the market starts showing interest in it... noble people simply cannot help but disclose this information if it actually happened. On the other hand, there will always be people who will exploit this information to spoil our mood... by the time this information passes through three people, it will be so distorted that no sane investor will want to get involved."
— Community member, Zcash Forum

Program launched March 2026 — submit a valid report to join the Hall of Fame.


Reward Tiers

Payout Structure

All rewards paid in ZEC to a shielded Orchard address. Amounts scored using the OWASP Risk Rating Methodology. Highest reward paid to date: 200 ZEC.

Critical
100 – 200 ZEC

RCE, consensus failure, catastrophic privacy breach, shielded pool drain, or ZKP forgery. Full-chain threat with maximum impact and high exploitability.

Likelihood 7–9 · Impact 7–9 · OWASP CRITICAL
High
20 – 100 ZEC

Significant privacy or security vulnerability with broad impact. Orchard/Sapling protocol issues or wallet key exposure under exploitable conditions.

Likelihood 5–7 · Impact 5–7 · OWASP HIGH
Medium
2 – 20 ZEC

Limited privacy impact, DoS, or transaction malleability that doesn't break consensus. Partial anonymity set reduction.

Likelihood 3–5 · Impact 3–5 · OWASP MEDIUM
Low
0 – 2 ZEC

Minor issues with negligible security impact. Best-practice violations or informational disclosures with very limited attack surface.

Likelihood 1–3 · Impact 1–3 · OWASP LOW

Scoring Framework

OWASP Risk Rating Methodology

Every submission is scored on two axes — Likelihood and Impact — each from 0 to 9. The product determines severity and reward tier.

Risk Score = Likelihood (0–9) × Impact (0–9)
Likelihood — Threat Agent
  • Skill Level (0–9)
  • Motive (0–9)
  • Opportunity (0–9)
  • Size of group (0–9)
Likelihood — Vulnerability
  • Ease of Discovery (0–9)
  • Ease of Exploit (0–9)
  • Awareness (0–9)
  • Intrusion Detection (0–9)
Impact — Technical
  • Loss of Confidentiality (0–9)
  • Loss of Integrity (0–9)
  • Loss of Availability (0–9)
  • Loss of Accountability (0–9)
Impact — Business
  • Financial Damage (0–9)
  • Reputation Damage (0–9)
  • Non-Compliance (0–9)
  • Privacy Violation (0–9)

Severity Matrix — Likelihood (rows) × Impact (columns)

  LIKELIHOOD \ IMPACT   LOW (0–3)   MEDIUM (3–6)   HIGH (6–9)
  HIGH (6–9)            MEDIUM      HIGH           CRITICAL
  MEDIUM (3–6)          LOW         MEDIUM         HIGH
  LOW (0–3)             NOTE        LOW            MEDIUM

Legend: NOTE — informational · LOW — 0–2 ZEC · MEDIUM — 2–20 ZEC · HIGH — 20–100 ZEC · CRITICAL — 100–200 ZEC

Real Example — Scalar's Sprout Bug (Mar 2026)

Ease of Exploit: 3 · Intrusion Detection: 8 · Loss of Integrity: 7 · Financial Damage: 7 → CRITICAL · 200 ZEC awarded

→ owasp.org/www-community/OWASP_Risk_Rating_Methodology
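To make the scoring framework above concrete, here is a small calculator, added as an example and not part of the program's own tooling. It follows the OWASP Risk Rating Methodology's convention of averaging each factor group to a 0–9 score, computes the Likelihood × Impact product the page states, and then reads the severity tier off the page's own matrix and maps it to the reward range in the legend. The Sprout ratings at the end are constructed: the four values the page gives (Ease of Exploit 3, Intrusion Detection 8, Loss of Integrity 7, Financial Damage 7) are used as stated, and every other factor value is an assumption made for the example. Taking the higher of the technical and business impact averages is also this example's choice, not a rule the program states.

```python
from statistics import mean
from typing import Dict, Optional, Tuple

# Factor names from the scoring page, each rated 0-9.
LIKELIHOOD_FACTORS = (
    "skill_level", "motive", "opportunity", "size_of_group",                     # threat agent
    "ease_of_discovery", "ease_of_exploit", "awareness", "intrusion_detection",  # vulnerability
)
TECHNICAL_IMPACT = ("loss_of_confidentiality", "loss_of_integrity",
                    "loss_of_availability", "loss_of_accountability")
BUSINESS_IMPACT = ("financial_damage", "reputation_damage",
                   "non_compliance", "privacy_violation")

# Severity matrix from the page: SEVERITY_MATRIX[likelihood_band][impact_band].
SEVERITY_MATRIX = {
    "HIGH":   {"LOW": "MEDIUM", "MEDIUM": "HIGH",   "HIGH": "CRITICAL"},
    "MEDIUM": {"LOW": "LOW",    "MEDIUM": "MEDIUM", "HIGH": "HIGH"},
    "LOW":    {"LOW": "NOTE",   "MEDIUM": "LOW",    "HIGH": "MEDIUM"},
}
# Reward ranges in ZEC from the page's legend (NOTE is informational, no payout).
REWARD_ZEC = {"CRITICAL": (100, 200), "HIGH": (20, 100),
              "MEDIUM": (2, 20), "LOW": (0, 2), "NOTE": (0, 0)}


def band(score: float) -> str:
    """Map a 0-9 average onto the page's LOW (0-3) / MEDIUM (3-6) / HIGH (6-9) bands."""
    if score < 3:
        return "LOW"
    if score < 6:
        return "MEDIUM"
    return "HIGH"


def average_factors(ratings: Dict[str, int], names: Tuple[str, ...]) -> float:
    """Average one factor group, rejecting missing factors or out-of-range values."""
    missing = [n for n in names if n not in ratings]
    if missing:
        raise ValueError(f"missing factors: {missing}")
    for n in names:
        if not 0 <= ratings[n] <= 9:
            raise ValueError(f"{n} must be rated 0-9, got {ratings[n]}")
    return mean(ratings[n] for n in names)


def score_report(likelihood: Dict[str, int], technical: Dict[str, int],
                 business: Optional[Dict[str, int]] = None) -> dict:
    """Average per group, multiply as the page states, then use the matrix for the tier.

    OWASP prefers the business impact estimate when it can be quantified; this
    example takes the higher of the two impact averages so an incomplete
    business estimate cannot under-rate a report (an assumption made here).
    """
    lik = average_factors(likelihood, LIKELIHOOD_FACTORS)
    impact = average_factors(technical, TECHNICAL_IMPACT)
    if business is not None:
        impact = max(impact, average_factors(business, BUSINESS_IMPACT))
    severity = SEVERITY_MATRIX[band(lik)][band(impact)]
    return {
        "likelihood": round(lik, 3),
        "impact": round(impact, 3),
        "risk_score": round(lik * impact, 3),   # Likelihood x Impact, as on the page
        "severity": severity,
        "reward_zec": REWARD_ZEC[severity],
    }


# Constructed ratings for the Sprout case. The four values the page gives are
# used as stated; every other value below is an assumption for this example.
SPROUT_LIKELIHOOD = {
    "skill_level": 6, "motive": 9, "opportunity": 9, "size_of_group": 9,
    "ease_of_discovery": 3, "ease_of_exploit": 3, "awareness": 4, "intrusion_detection": 8,
}
SPROUT_TECHNICAL = {"loss_of_confidentiality": 1, "loss_of_integrity": 7,
                    "loss_of_availability": 7, "loss_of_accountability": 9}
SPROUT_BUSINESS = {"financial_damage": 7, "reputation_damage": 9,
                   "non_compliance": 2, "privacy_violation": 1}


def sprout_example() -> dict:
    """Score the constructed Sprout ratings; lands in the CRITICAL tier."""
    return score_report(SPROUT_LIKELIHOOD, SPROUT_TECHNICAL, SPROUT_BUSINESS)


if __name__ == "__main__":
    for key, value in sprout_example().items():
        print(f"{key:>12}: {value}")
```

Note that the band boundaries are inclusive at the lower end (a 6.0 impact is HIGH), which is why an exact 6.0 technical average still reaches the CRITICAL cell when likelihood is HIGH; a triage panel should agree on that convention before disputing a borderline report.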


Coordinated Disclosure

Responsible Disclosure Policy

Noble disclosure requires controlled timing. Premature publication helps attackers, not users. We provide a structured path that protects both the researcher and the ecosystem.

PRINCIPLE_01
90-Day Coordinated Embargo
We coordinate with the reporter on a joint disclosure timeline — typically 90 days after triage. Infrastructure gets patched before any public statement. The Sprout case went from report to full patch deployment in 8 days — a model for how this works in practice.
Day 0 · Private report received, acknowledged within 24h
Day 5 · Triage complete, OWASP severity assigned
Day 30 · Patch developed and reviewed
Day 60 · Deployed across critical infrastructure
Day 90 · Coordinated public disclosure with full context
PRINCIPLE_02
Controlled Public Communication
A "25k ZEC at risk in deprecated pool" headline becomes "ZCASH VULNERABLE MILLIONS AT RISK" by the third repost. We issue technical advisories through official Zcash channels with full context — not social media first. The goal is accuracy, not virality.
PRINCIPLE_03
Multi-Org Triage Panel
All critical reports are reviewed by a multi-organization triage panel. No single party has unilateral authority over severity scoring or disclosure timing. This prevents both downplaying and sensationalizing.
PRINCIPLE_04
Reporter Privacy Protected
Researcher identity is never disclosed without explicit consent. Reports are PGP-encrypted at submission. We never share vulnerability details with third parties prior to the agreed disclosure date, regardless of external pressure.
Updates

Latest News

Security advisories and program updates.

2026-03-31
NEW · zcashd v6.12.0 released — patches Sprout proof verification bypass (zcashd v3.1.0–v6.11.x). Reported by Alex "Scalar" Sol. Full case study · Zcash Forum

Guidelines

Program Rules

Follow responsible disclosure practices. Violations may disqualify your submission. AI-assisted discovery is explicitly welcome.

RULE_01
Responsible Disclosure
Do not disclose vulnerability details publicly until the 90-day embargo expires. Coordinate on timeline with the multi-org triage panel.
RULE_02
No Exploitation
Do not exploit vulnerabilities beyond what's necessary to demonstrate impact. Never access, modify, or exfiltrate production user data.
RULE_03
Good Faith Testing
Limit testing to your own accounts and isolated environments. Avoid actions that could affect availability or integrity of services for others.
RULE_04
First Submission Wins
Only the first valid report for a given vulnerability receives the reward. Partial credit may be granted for simultaneous independent discovery.
RULE_05
ZEC Payment Only
All rewards are paid in ZEC to a valid Zcash Orchard Z-address (unified address preferred). T-addresses are not accepted. Reward amounts are denominated in ZEC at the time of payout.
RULE_06
No Automated Scanning of Mainnet
Automated scanners against mainnet infrastructure are prohibited. Rate-limiting abuse, DoS, and brute-force attacks are strictly out of bounds.
Target Surface

Scope

Only vulnerabilities in the systems listed below are eligible for rewards.

In Scope
  • zcashd v6.12.0+ — core node
  • librustzcash — Rust cryptographic libraries
  • Orchard shielded protocol & circuit
  • Sapling shielded protocol
  • Halo 2 proving system
  • Zebra — Zcash Foundation full node
  • bountyzcash.org, z.cash, zodl.com
  • Zcash protocol specification
Out of Scope
  • Third-party wallets (ZecWallet, Nighthawk)
  • Exchanges listing ZEC
  • Social engineering / phishing attacks
  • Physical attacks on infrastructure
  • Previously known and reported issues
  • Sprout pool (deprecated, closed to deposits)
  • DoS / spam without security impact
  • Self-XSS without meaningful attack surface
Report Submission

Submit a Vulnerability

Encrypted and confidential. Reviewed by the triage panel within 5 business days. AI-assisted discovery explicitly welcome.

PGP-encrypted in transit · 90-day coordinated disclosure