@mdr0id mdr0id released this Feb 11, 2019 · 8 commits to master since this release

This release is intended to address security issues in libraries used by Zcash and other outstanding tickets that were in our Spring cleaning sprints.

Notable Changes in this Release

[CVE-2019-6250] Update libzmq version

A pointer overflow, with code execution, was discovered in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x before 4.3.1. A v2_decoder.cpp zmq::v2_decoder_t::size_ready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leveraged to run arbitrary code on the target system. This update addresses the vulnerability when ZeroMQ is enabled, which is not enabled by default.

Bitcoin 0.12 Performance Improvements

This change makes sigcache faster, more efficient, and larger. It also reduces the number of database lookups when processing new transactions.

Summary of the Changes Included in this Release

  1. Update ZMQ to 4.3.1 (#3789)
  2. Fix Tx expiring soon test (#3784)
  3. ZMQ: add flag to publish all checked blocks (#3737)
  4. wallet: Skip transactions with no shielded data in CWallet::SetBestChain() (#3711)
  5. Update z_mergetoaddress documentation (#3699)
  6. Allow user to ask server to save the Sprout R1CS to a file during startup (#3691)
  7. On shutdown, wait for miner threads to exit (join them) (#3647)
  8. Update for Mac OS local rpc-tests
  9. Bitcoin 0.12 performance improvements (#3263)

For a more complete list of changes, please see the 2.0.3 milestone.

For information on specific Sapling RPC parameter changes, please see the Network Upgrade Developer guide.

Assets 2

@mdr0id mdr0id released this Nov 30, 2018 · 60 commits to master since this release

This release adds further support for Sapling in the zcashd wallet RPC and mitigates an issue identified by an external auditor. Information on the Sapling network upgrade (which activated on Oct 28th 2018) can be found below:

Notable Changes in this Release

RPC z_getnewaddress now returns a Sapling address by default

Previously when calling z_getnewaddress a Sprout shielded address would be returned by default. With this release, a Sapling shielded address will be returned by default.

Transactions expiring soon will not be propagated

To address auditor issue ZEC-013 which identified a potential denial-of-service vector related to expiry height, nodes will no longer propagate transactions which are expiring soon, defined as within the next 3 blocks. For example, if the current block height is 99, and the next block to be mined is 100, a transaction with an expiry height of 100, 101, 102 will be considered "expiring soon" and will be rejected by the mempool. A transaction with an expiry height of 103 will be accepted. This does not impact transactions which have disabled expiry height (by setting to 0).

Summary of the Changes Included in this Release

  1. Add Sapling support to RPC z_mergetoaddress (#3619)
  2. Mitigate ZEC-013 transaction expiry height related DoS vector (#3689)
  3. Return Sapling addresses by default when calling RPC z_getnewaddress (#3680)
  4. Add Sapling spend and output description benchmarks to RPC zcbenchmark (#3611)
  5. Fix bug with Sapling chain value tracking (#3684)
  6. Fix language encoding bug with parameter paths on Windows (#3633)
  7. Backport from upstream the relaying of blocks when pruning (#2815)
  8. Don't ban peers when loading pre-Sapling blocks during syncing (#3670)
  9. Fix bug with contents of default memo in Sapling (#3605)
  10. Update tests for Sapling (#3585, #3588)

For a more complete list of changes, please see the 2.0.2 milestone.

For information on specific Sapling RPC parameter changes, please see the Network Upgrade Developer guide.

Assets 2
Nov 20, 2018
Auto merge of #3694 - mdr0id:release-v2.0.2-rc1, r=ianamunoz
Release v2.0.2 rc1

@mdr0id mdr0id released this Oct 15, 2018 · 150 commits to master since this release

This release is the first Sapling RPC supported version of the Zcash node software!

Sapling Activation

Mainnet

This release is consensus-compatible with the Sapling network upgrade and adds significant support in the zcashd wallet RPC. We’re encouraging all users and miners to upgrade as soon as possible. The first block of Sapling will be block 419200, which is expected to be mined on the 28th of October 2018, the second anniversary of Zcash’s official launch. More information on the upcoming Sapling network upgrade can be found below:

Testnet

Sapling has activated on the testnet at block 280000. If you are running a v2.0.1 node, you no longer need to specify -experimentalfeatures and -developersapling to use Sapling functionality on testnet. If you are running an older v2.0.0 node, please upgrade to version v2.0.1 which introduced a consensus rule change to allow min difficulty blocks to be mined from block 299188, thereby splitting the chain.

Other Notable Changes

Sapling RPC Support

This release contains support for Sapling RPC functionality on mainnet, enabling the sending of Sapling shielded funds.

Hierarchical Deterministic Key Generation

All Sapling addresses will use hierarchical deterministic key generation according to ZIP 32 (keypath m/32'/133'/k' on mainnet). Transparent and Sprout addresses will still use traditional key generation.

Backups of HD wallets, regardless of when they have been created, can therefore be used to re-generate all possible Sapling private keys, even the ones which haven't already been generated during the time of the backup. Regular backups are still necessary, however, in order to ensure that transparent and Sprout addresses are not lost.

A future release will support the importing and restoration of HD wallets.

Fix Signing Raw Transactions with Unsynced Offline Nodes

In signrawtransaction we determine the consensus branch ID (which we then later use to construct the transaction) using the chain height. We now also consider the APPROX_RELEASE_HEIGHT , as this is a better estimation than 0 for the height of the chain if we are unsynced. We have also added an additional parameter to signrawtransaction to allow manually overriding the consensus branch ID that zcashd determines we are on.

Summary of the Changes Included in this Release

  1. Allow minimum-difficulty blocks on testnet (#3559)
  2. Enable Sapling features on mainnet (#3537)
  3. Use ZIP 32 for all Sapling spending keys (#3492)
  4. Fix signing raw transaction with unsynced offline node (#3520)
  5. Sapling support for persisting wallet to disk (#3517)
  6. Add Sapling RPC support to z_shieldcoinbase (#3518)
  7. Add Sapling RPC support to z_listunspent (#3510)
  8. Add Sapling RPC support to z_listreceivedbyaddress (#3499)
  9. Add Sapling RPC support to z_importwallet and z_exportwallet (#3491)
  10. Add Sapling RPC support to z_sendmany (#3489)
  11. Add Sapling RPC support to z_getbalance and z_gettotalbalance (#3436)
  12. Track Sapling notes and nullifiers in the wallet (in-memory only, no persistence to disk) (#3422)
  13. Make NU peer management logic upgrade-agnostic (#3512)
  14. Generate an ovk to encrypt outCiphertext for Sapling t-addr senders (#3516)
  15. Windows cross-compile support (#3172)

For a more complete list of changes, please see the 2.0.1 milestone.

For information on specific Sapling RPC parameter changes, please see the Network Upgrade Developer guide on using zcashd unmodified .

Assets 2
Oct 8, 2018
Auto merge of #3578 - mdr0id:release-v2.0.1-rc1, r=bitcartel
Release v2.0.1-rc1

@str4d str4d released this Aug 17, 2018 · 406 commits to master since this release

This release is the first Sapling-compatible version of the Zcash node software!

Sapling Activation

Mainnet

This release is consensus-compatible with the Sapling network upgrade, and so we’re encouraging all users and miners to upgrade as soon as possible. The first block of Sapling will be block 419200, which is expected to be mined on the 28th of October 2018, the second anniversary of Zcash’s official launch. You can read more about the Sapling network upgrade here or on the Sapling Network Upgrade page.

Testnet

Sapling will activate on the testnet at block 280000, which is expected about a week after this release. Sapling had previously activated on testnet, but because changes were made to the consensus rules your node will automatically roll back and proceed on the Overwinter testnet branch until Sapling activates again at the new height.

Other Notable Changes

Experimental Sapling RPC Support

This release contains only experimental support for Sapling RPC functionality. Full support for Sapling RPC functionality will appear in the 2.0.1 release.

Developers must specify -experimentalfeatures and -developersapling to use the existing functionality on testnet after activation. Alternatively, developers can use these features in regtest mode.

Fix Peer Banning Bug Introduced In Overwinter

After Overwinter activation, nodes syncing from a block height prior to the activation height (347500) experienced slow syncing due to a peer banning mechanism that was introduced to mitigate against a class of DoS attacks from Sprout nodes. This fix replaces the use of peer banning with behavior to ignore invalid transactions.

Summary of the Changes Included in this Release

  1. Set the Sapling activation height for mainnet and testnet. (#3469)
  2. Adopted the official Sapling system parameters. (#3448)
  3. Added support for rollbacks of testnet. (#3443)
  4. Added experimental wallet support for Sapling z-addresses. (#3273, #3353, #3392, #3429, #3396, #3458)
  5. Added experimental support for building Sapling transactions. (#3417)
  6. Added experimental support for Sapling note encryption and decryption. (#3324, #3391)
  7. Accept the transaction expiry height as a parameter to RPC call createrawtransaction. (#3336)
  8. Prepared the codebase for ZIP 32 integration, including bumping the Rust compiler version to 1.28. (#3447)
  9. Begin checking the zk-SNARK parameter hash when loaded into memory. (#3441)
  10. Always record the best Sapling anchor on disk even if it is for the empty tree, because rollbacks may occur. (#3463)
  11. Fixed a bug where nodes may ban peers during synchronization before network upgrade activation. (#3410)
  12. Backport upstream improvements to InitialBlockDownload. (#3263)
  13. Update the mainnet checkpoints to improve the speed of initial synchronization. (#3246)

For a more complete list of changes, see the 2.0.0 milestone.

Assets 2
Aug 9, 2018
Zcash v2.0.0-rc1 release

@bitcartel bitcartel released this Jul 2, 2018 · 584 commits to master since this release

Hot on the heels of Zcon0 comes a new release of the Zcash node software (Overwinter-compatible). This release focused on implementing internal changes necessary for Sapling, with development progressing in tandem with the librustzcash and sapling-crypto libraries.

Developer tips for Overwinter network upgrade

Overwinter activated successfully at block 347500 with most of the ecosystem upgrading smoothly. Some common issues we helped third parties with both before and after activation, were:

  1. When using an offline node to sign raw transactions, the offline node needs to be synced past the Overwinter activation block height, so that the correct consensus branch id is used.

  2. With the new Overwinter signature hashing scheme, when passing in the prevtxs parameter to signrawtransaction, the amount field must be specified. Previously this was not mandatory.

  3. When developing custom code to perform the Overwinter signature hashing scheme, a common issue has been mixing up the endianness of fields.

See our previous blog post and the Overwinter Network Upgrade page for more information.

Other notable changes

Removal of option -disabledeprecation

In release 1.0.9 we implemented end-of-support (EOS) halt for zcashd software
versions made by the Zcash Company. The configuration option
-disabledeprecation was added as a way for users to specifically choose to
stay on a particular software version. However, it incorrectly implied that
deprecated releases would still be supported.

This release removes the -disabledeprecation option, so that zcashd software
versions made by the Zcash Company will always shut down in accordance with the
defined EOS policy (currently 16 weeks after release). Users who wish to
use a different policy must now specifically choose to either:

  • edit and compile the source code themselves, or
  • obtain a software version from someone else who has done so (and obtain
    support from them).

Either way, it is much clearer that the software they are running is not
supported by the Zcash Company.

Summary of the changes included in this release

  1. Removed configuration option for turning off EOS halt, previously known as auto-senescence. (#3137)
  2. Data field hashFinalSaplingRoot has been added to RPC call getblocktemplate. (#3299)
  3. Data field finalsaplingroot has been added to RPC calls getblockheader and getblock. (#3337)
  4. We added encodings for Sapling addresses. (#3326)
  5. We added a class for Sapling notes. (#3272)
  6. We created tests for Sapling anchors. (#3258)
  7. Test vectors were created for components of Sapling keys. (#3332)
  8. The help message of RPC call signmessage has been clarified. (#3259)
  9. Some tests were updated with fixes. (#3303, #3320).
  10. We performed some refactoring for code clean up. (#3237, #3321, #3322)

For a more complete list of changes, see our 1.1.2 milestone.

Assets 2
Jun 23, 2018
Zcash v1.1.2-rc1 release