PANews reported on June 9th that, according to The Block, Zcash developers have reached a consensus on rule changes for the upcoming Ironwood upgrade, aiming for activation in July. This upgrade stems from a previous Orchard pool vulnerability—a vulnerability that could have allowed attackers to mint an unlimited number of counterfeit ZECs. Due to the privacy nature of Orchard pools, the team could not determine whether any counterfeit ZECs had been minted before the vulnerability was patched.

The Ironwood upgrade will employ two core measures: First, it will introduce a new privacy pool using the Orchard protocol, gradually phasing out the old pool; second, it will add a control flag to the zero-knowledge proof circuit, which, when enabled, will disable transfers to other users within the pool while retaining change functionality. Once activated, this flag will be enabled for the old Orchard pool, and transfers initiated by users to old pool addresses will be automatically redirected to the new pool. Users can migrate funds from the old pool to the new pool, reducing risk exposure.