A major bug in the privacy-focused cryptocurrency Zcash, undetected for four years, was recently uncovered by Shielded Labs using Anthropic's Opus 4.8 AI model. The vulnerability could have allowed an attacker to mint unlimited counterfeit tokens. Zcash confirmed the flaw has been fixed, but not before the token's value plummeted nearly 38% in 24 hours.
Industry experts now warn that similar undiscovered vulnerabilities may be lurking in the software infrastructure of banks and other financial institutions. Ben Goertzel, CEO of SingularityNET, stated that while other cryptocurrencies are not susceptible to this specific bug, they likely contain analogous flaws that AI tools will find in the coming months. He added that banking software is also highly probable to host serious bugs.
The incident has reignited debate about security and the role of AI. Dragonfly Managing Partner Haseeb Qureshi sees AI's discovery as a positive, predicting it will push the industry toward 'formal verification'-a mathematical method to prove code is error-free. Vitalik Buterin has endorsed AI-assisted formal verification as a critical tool for cybersecurity.
However, CertiK CEO Ronghui Gu warns of an asymmetric security war, where profit-driven hackers can concentrate massive AI computing power on single targets, making it difficult for security firms defending multiple clients to keep pace. The consensus among experts is that formally verified software is the only path forward for mission-critical systems, but implementing it broadly remains a challenge.