Bearish bets on privacy-focused zcash (ZEC) surged to a record as the token fell as much as 50% in 24 hours after a now-plugged vulnerability in its Orchard pool was revealed.
ZEC recorded about $118 million in forced liquidations during the period, CoinGlass data shows.
That’s remarkably small for a token whose price has halved, suggesting that the sale came mostly from spot-held tokens rather than a futures-driven move. Only about 14% of zcash’s leveraged positions were wiped out; the number would have been far greater if a leverage cascade had driven the slide.
By comparison, about $335 million in bitcoin -tracked futures were liquidated over the same window, although the largest cryptocurrency fell only a few percent. Ether slipped a similar amount, liquidating $278 million.
Open interest – the total value of outstanding futures bets – rose to a record high in ZEC terms, suggesting traders were opening new positions rather than closing them.
The long/short ratio, the number of traders betting on a rise versus a fall, shows these positions skewed bearish. On Binance, the ratio was below 1 across retail investors at 0.77, whale accounts at 0.80 and whale positions at 0.85. Traders on the OKX were more bearish, with retail at 0.67 and whale accounts at 0.72. Only Bybit’s retailers leaned far to 1.49.
Short investors sell securities they do not actually own, betting that the price will fall before they have to close out their positions, and they will profit from the difference. Long investors own the securities to benefit from any increase.
The ratio indicates that zcash is heavily shorted after a spot-led decline. If selling slows and price stabilizes, these shorts may be forced to buy to cover their positions, fueling a strong rally.
It is worth remembering that even after losing more than half of its value in two weeks, ZEC is still up around 490% over the past year.
No way to know
The catalyst for the price drop was the disclosure by nonprofit Zcash developer Shielded Labs of a vulnerability in Zcash’s Orchard privacy pool that, if exploited, could have let an attacker create fake ZEC that no one could detect.
The Orchard fault had been live since the pool debuted in May 2022, and has gone unnoticed for four years. It was first discovered last week by security engineer Taylor Hornby using Anthropic’s Opus 4.8 model and patched into a hotfix by June 1st.
The damage is less about the bug itself, which is now closed, than what Shielded Labs admitted alongside it. Because of the way Orchard’s privacy works, there is no cryptographic way to prove if someone exploited the flaw before it was fixed.
The firm said it probably wasn’t, but it can’t be certain, and that uncertainty hangs over the token’s entire supply.
Arthur Hayes, Chief Investment Officer of Maelstrom, said he sold his entire zcash position as a result.
