Buy Crypto
Pay with
USD
USD
Buy & Sell
Hot
Supports Visa, Mastercard, SEPA & more
P2P
0 Fees
Flexible trading, zero fees
Gate Card
Use your crypto for payments worldwide
Markets
Trade
Basic
Advanced
Futures
Futures
Access hundreds of perpetual contracts
CFD
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
U.S. Stocks
CFD
U.S. stock CFD derivatives
Futures
High leverage, 24/7 trading
Tokenized Stocks
Backed by real stock assets
GUSD
Mint GUSD for Treasury RWA yields
Earn
Launch
CandyDrop
tag
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Investment
Square
Square
Post, share, and explore crypto trends
Live
moments live
Live crypto market analysis
Chat
Chat with crypto traders
News
What is happening in crypto
flower_head
More
Promotions
AI
Others
TradFi
Rewards
Square
Latest
Hot
News
Profile

Zcash Foundation Urgently Releases Zebra 4.5.0: Fixes Consensus-Level Vulnerability and Enforces Recommended Upgrade

CoinNetwork
robot
Abstract generation in progress
CoinWorld News: The Zcash Foundation has released version 4.5.0 of the Zebra node client, fixing multiple security vulnerabilities, including a consensus-critical flaw and several high-risk denial-of-service (DoS) issues. It is strongly recommended that all node operators upgrade immediately. Core fixes include an error in sigop counting during p2sh script parsing, a cache logic flaw in nu5 block validation, a risk of crash due to overflow in transparent address balances, and multiple vulnerabilities related to crashes and resource exhaustion in RPC interfaces and mempool handling. Some vulnerabilities can be exploited by malicious nodes, leading to node hangs, reboot loops, or even permanent shutdown. Additionally, this version adds support for zip-213 and optimizes network performance and security boundaries. The Zcash Foundation stated that this update fixes over 80 security reports from the ZCG vulnerability disclosure program. Upgrading is the only way to prevent chain splits and security risks.
ZEC-3.08%
View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 6
  • 2
  • Share
Comment
Add a comment
Add a comment
GateUser-991fc58a
· 9h ago
The patches piled up from over 80 reports, the community's auditing effort is impressive.
View OriginalReply0
SilverCubeInsomnia
· 9h ago
The sigop counting bug in p2sh has surprisingly only been uncovered now; it's definitely a historical baggage.
View OriginalReply0
NeonHalf-MeltedIceCream
· 10h ago
Zebra 4.5.0's bug fix list is nerve-wracking to look at; p2sh sigop counting and nu5 caching are both consensus layer features, so node operators really need to upgrade overnight.
View OriginalReply0
TacoTreasury
· 10h ago
The nu5 verification cache optimization should help—node performance verification should finally get some breathing room.
View OriginalReply0
BorrowedSun
· 10h ago
Did you fix a bunch of DoS vectors? Were the RPC and memory pool crash points never fuzzed before?
View OriginalReply0
PatchNotePaladin
· 10h ago
ZIP-213 has finally been implemented, and the interaction logic between the shielded pool and transparent addresses has moved one step forward.
View OriginalReply0

  • Pinned

Sitemap