Blockchain investigator finds traceability issue in Zashi wallet cross-chain feature

Blockchain investigator ZachXBT has uncovered a privacy vulnerability in the Zashi wallet’s integration with cross-chain transaction protocol NEAR Intents. The independent researcher wrote an X thread on Tuesday saying he tested the system to find “design flaws he could abuse,” during his investigations for fraudulent actors.

Zashi is a self-custody crypto wallet developed by Electric Coin Co., the team behind Zcash (ZEC), a privacy-oriented cryptocurrency launched in 2016. The wallet allows users to send, receive, and spend ZEC while keeping their financial activity hidden from intermediaries, corporations, or government surveillance.

ZachXBT wrote about how he tested Zashi’s integration with NEAR Intents because of the “recent hype,” wondering if it kept the same level of anonymity Zcash users expect from shielded transactions.

Investigator identifies privacy flaw in moving SOL to Zcash

In his experiment, ZachXBT bridged 1 SOL from Solana to Zcash using NEAR Intents to Zashi wallet. He then shielded the funds for privacy after confirming both the source and destination transactions. 

The blockchain security sleuth then used Zashi’s “CrossPay” feature, which lets users spend shielded ZEC and send equivalent value in another crypto, to fund an Ethereum address with 0.005 ETH.

3/ Now let’s say I want to anonymously fund an ETH address from my Zashi wallet with my shielded ZEC so I use the “Crosspay” feature via Near Intents to receive 0.005 ETH to the following address:

0x6dda3649f19191a9df465f4010019f2f59c34bc4 pic.twitter.com/5cMDG83MN9

— ZachXBT (@zachxbt) October 21, 2025

While the main transfer completed after several minutes, ZachXBT discovered an unexpected refund transaction of 0.001598 ZEC sent to the same transparent address from which he had originally shielded the funds. 

According to the well-followed crypto security investigator, the automatic refund created a visible link between his shielded and unshielded addresses, undermining the privacy that Zcash’s shielded system is meant to protect.

The refund transaction was publicly traceable on the Zcash blockchain and could have allowed anyone to match timing and amounts between the NEAR Intents system and the refund itself. 

“Someone can simply match up timing/amounts from the Near Intents address and identify ZEC refund txns, allowing someone to deanonymize your t-address you initially shielded ZEC from since it is static and refunds are not shielded,” ZachXBT surmised.

Zashi Wallet promises updates to solve the traceability issue

The Web3 security researcher revealed that the flaw came from how NEAR Intents handles refunds for cross-chain transactions. In his example, the Near Intents Zcash address used was publicly visible, meaning refund transactions were processed transparently rather than within Zcash’s shielded pool. 

Since Zashi’s integration reuses the same transparent address for refunds, the linkage becomes obvious to on-chain analysts.

After identifying the flaw, ZachXBT said he contacted the Zashi development team, who acknowledged the issue and confirmed plans to introduce ephemeral addresses. 

These temporary wallet addresses will disappear after each transaction to reduce traceability, if the update is implemented as intended. They also told him shielded refunds will be included within NEAR Intents in a future update.

Despite the flaw, ZachXBT coined Zashi an “enjoyable wallet experience for privacy,” noting that it fixes several user interface and experience issues he had encountered with Monero, another privacy coin. 

“I am considering offering a service for individual traders or boutique funds looking to anonymize their activity,” he said, adding that interested parties could contact him directly for a collaboration.

When a follower told him his idea is similar to how cybersecurity consultants who are hired to breach secure systems to identify weaknesses, ZachXBT agreed. 

NEAR Intents protocol all-time volume reaches $2 billion

NEAR Intents is experiencing an uptick in user activity and transaction volume that has now crossed $2 billion, according to data from Dune Analytics. 

Daily blockchain volume by month on the intent-based system has increased by 379%, with user counts surpassing 457,000 since September 21. 

NEAR Intents is a multichain transaction protocol that automates cross-chain actions through an intent-based mechanism. Instead of manually bridging or swapping tokens, users or AI agents acting on their behalf broadcast their desired outcome, such as swapping one token for another.

In the last 24 hours, users have made $65 million worth of token transactions, with ZEC making up 10% of the grand total. The wallet currently supports two live features, Zashi Swaps and CrossPay, which went live earlier this month. 

Get $50 free to trade crypto when you sign up to Bybit now