The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org).
Zebra's latest beta continues implementing zero-knowledge proof and note commitment tree validation. In this release, we have finished implementing transaction header, transaction amount, and Zebra-specific NU5 validation. (NU5 mainnet validation is waiting on an `orchard` crate update, and some consensus parameter updates.)
We also fix a number of security issues that could pose a local denial of service risk, or make it easier for an attacker to make a node follow a false chain.
As of this release, Zebra will automatically download and cache the Sprout and Sapling Groth16 circuit parameters. The cache uses around 1 GB of disk space. These cached parameters are shared across all Zebra and `zcashd` instances run by the same user.
## Added
### Network Upgrade 5
- Validate orchard anchors (#3084)
### Groth16 Circuit Parameters
- Automatically download and cache Zcash Sapling and Sprout parameters (#3057, #3085)
- Stop linking the Sapling parameters into the `zebrad` and Zebra test executables (#3057)
### Proof & Anchor Verification
- Use prepared verifying key for non-batch Sapling Groth16 verification (#3092)
Zebra's latest beta implements a number of consensus rules which will be needed for Zebra to fully validate all of the Zcash network consensus rules, including those which will activate with NU5.
With this release we are also fixing a number of security issues that could pose a DDoS risk or otherwise negatively impact other nodes on the network.
Finally, this release includes an upgrade to the latest version of tokio (1.14.0).
### Added
- Check Shielded Input and Output Limits (#3069, #3076)
- Sprout note commitment trees (#3051)
- Check per-block limits on transparent signature operations (#3049)
- Calculate Block Subsidy and Funding Streams (#3017, #3040)
- Check for duplicate crate dependencies in CI (#2986)
- Add unused seed peers to the Address Book (#2974, #3019)
#### Network Upgrade 5
- Verify Halo2 proofs as part of V5 transaction verification (#2645, #3039)
This is the first beta release of Zebra. Today the mempool work is fully finished and compatible with [ZIP-401](https://zips.z.cash/zip-0401) and several security issues in the network stack are fixed. In addition to that we improved our documentation specially in the `zebrad` crate while we increased our test coverage. Finally, we get started with the task of upgrading Tokio to version 1.
### Added
#### Mempool
- ZIP-401: weighted random mempool eviction (#2889, #2932)
- Reject a mempool transaction if it has internal spend conflicts (#2843)
- Limit transaction size in the mempool (#2917)
#### Cleanup and performance
- Remove unused mempool errors (#2941)
- Simplify calling add_initial_peers (#2945)
- Disable the new clippy::question_mark lint (#2946)
- Downgrade startup logs to debug to speed up CI (#2938)
- Speed up alternative state and zebrad tests in CI (#2929)
#### Tests
- Restore and update mempool tests (#2966)
- Test multiple chain resets (#2897)
### Security
- Track the number of active inbound and outbound peer connections so we can implement limits (#2912)
Zebra's latest alpha contains the last of the changes to zebra chain state ahead of NU5 testnet activation and before concentrating on mempool work. The remaining NU5 validation will be completed prior to NU5 mainnet activation.
### Added
- Reject connections from outdated peers after network upgrade activation (#2519)
#### Network Upgrade 5
- ZIP-209: Prohibit Negative Shielded Chain Value Pool Balances Partial Implementation (#2546, #2554, #2561, #2569, #2576, #2577, #2578, #2596)
Zebra's latest alpha continues our work on NU5, including Orchard and Transaction V5. It also includes documentation updates and security fixes. In particular, Zebra no longer gossips unreachable addresses to other nodes and users should update and restart any running Zebra nodes.
### Added
- Check if a previous version of Zebra followed a different consensus branch (#2366)
- API for a minimum protocol version during initial block download (#2395)
- Add a verification height to mempool transaction verification requests (#2400)
- Improved error messages by adding database path method to the Finalized State (#2349)
- Add property test strategies for V5 transactions (#2347)
- Re-use a shared Tokio runtime for some Zebra tests (#2397)
#### Documentation
- Add CHANGELOG.md file to the zebra git repo (#2346)
- Client RFC updates (#2367, #2341)
- Explain how Zebra validates shielded coinbase outputs like other shielded outputs (#2382)
- Document required request timeouts due to data dependencies (#2337)
- Update known issues and add inbound network ports to the README (#2373)
- Document shared to per-spend anchor conversion (#2363)
- Document note commitment trees storage (#2259)
#### Network Upgrade 5
- Orchard note commitment tree test vectors (#2384)
- Enable V5 transaction test vectors in the groth16 tests (#2383)
- Validate transparent inputs and outputs in V5 transactions (#2302)
- Batch math & variable-time multiscalar multiplication for RedPallas (#2288)
- Implement asynchronous verifier service for RedPallas (#2318)
- ZIP-211: Validate Disabling Addition of New Value to the Sprout Value Pool (#2399)
### Changed
- Various transaction verifier refactors (#2371, #2432)
- Remove unicode in Zebra's user agent (#2376)
- Update multiple crates to ensure bitvec 0.22.3 is being used (#2351)
- Move transaction consensus branch ID check function to zebra-chain (#2354)
- Replace primitives_types with uint (#2350)
- Refactor to return errors from state update methods to prepare for contextual validation (#2417)
- Refactor of the validation of Sapling shielded data (#2419)
#### Network Upgrade 5
- Update spend and output checks for new Orchard consensus rules (#2398)
### Fixed
- Failed tests in the cached state CI workflow are no longer ignored (#2403)
- Stop skipping the cached sync tests in CI (#2402)
- Fix intermittent errors in the groth16 verifier tests (#2412)
- Skip IPv6 tests when ZEBRA_SKIP_IPV6_TESTS environmental variable is set (#2405)
- Stop failing after the mandatory Canopy checkpoint due to incorrect coinbase script verification (#2404)
- Improved docs and panic messages for zebra_test::command (#2406)
- Gossip dynamic local listener ports to peers (#2277)
- Stop allowing JoinSplits for Halo (#2428)
- Fix failing legacy chain tests (#2427)
### Security
- Zebra no longer gossips unreachable addresses to other nodes (#2392)
- User Action Required: Update and restart any running Zebra nodes
- Avoid duplicate peer connections (#2276)
- Send local listener address to peers (#2276)
- Limit reconnection rate to individual peers (#2275)
Zebra's latest alpha continues our work on NU5, including Orchard and Transaction V5, and includes several security fixes.
### Added
- Added a new `zcash_serialize_bytes` utility function (#2150)
- Added new Arbitrary impls for a number of types in zebra-chain and zebra-network (#2179)
- Zebra support for leap seconds (#2195)
#### Network Upgrade 5
- Zebra can now serialize and deserialize orchard shielded data (#2116)
- We now have some Action methods for orchard shielded data (#2199)
#### Testing and Bug Reports
- Added extra instrumentation for initialize and handshakes (#2122)
### Changed
- Collect and send more accurate peer addresses (#2123)
- Enable cargo env vars when there is no .git during a build, fix tag lookup, add build profile, add modified flag (#2065)
#### Testing
- Stop generating V1-V3 transactions for non-finalized state proptests (#2159)
- Added some logging to troubleshoot failing tests for redpallas signature (#2169)
### Fixed
- Fix clippy::cmp_owned for (sapling, orchard)::keys with ConstantTimeEq (#2184)
#### Documentation
- Fixed some typos and links in the documentation(#2157, #2174, #2180)
### Security
- Reject compact sizes greater than the protocol message limit (#2155)
- Handle small numbers of initial peers better (#2154)
- This security issue was reported by Equilibrium
- Stop panicking on out-of-range version timestamps (#2148)
- This security issue was reported by Equilibrium
- Stop gossiping temporary inbound remote addresses to peers (#2120)
- If Zebra was configured with a valid (not unspecified) listener address, it would gossip the ephemeral ports of inbound connections to its peers. This fix stops Zebra sending these useless addresses to its mainnet and testnet peers.
- Avoid silently corrupting invalid times during serialization (#2149)
- Do version checks first, then send a verack response (#2121)
- Remove checkout credentials from GitHub actions (#2158)
- Make CandidateSet timeout and initial fanout more reliable (#2172)
- Remove CandidateSet state and add last seen time limit to validate_addrs (#2177)
Zebra's latest alpha includes more validation of pre-NU5 consensus rules, continues our work on NU5/Orchard, and fixes some security and protocol correctness issues.
The Zebra project now has a [Code of Conduct](https://github.com/ZcashFoundation/zebra/blob/main/CODE_OF_CONDUCT.md).
### Added
- Design for Transaction V5 (#1886)
- Make shielded data and spends generic over Transaction V4 and V5 (#1946, #1989)
- Async batching for:
- Sprout `JoinSplit` signatures (#1952)
- Sapling `Spend` and `Output` Groth16 proofs (#1713)
- Enable `Joinsplit` and `Spend` spend auth sighash verification (#1940)
- Randomised property tests for `InventoryHash` and `MetaAddr` (#1985)
#### Documentation
- Update the RFC process to include draft RFCs (#1962)
- Merge some open RFCs as drafts (#1006, #1007, #1063, #1129)
- Add a fast start option to the Zebra Client RFC (#1969)
- Document that Zebra's mandatory checkpoint can change (#1935)
### Changed
- Refactor the Block Commitment field based on ZIP-244 (#1957, #1978, #1988)
### Fixed
- Stop ignoring inbound message errors and handshake timeouts (#1950)
- Don't send a useless heartbeat when the peer connection is already closing (#1950)
### Security
- Reduce deserialized memory usage for malicious blocks (#1920, #1977)
- Ensure that new MetaAddr fields are sanitized (#1942)
- Fix a deadlock between the peer address crawler and peer dialer when all connections fail (#1950)
- Avoid starvation of handshakes and crawling under heavy syncer load (#1950)
- Avoid starvation of request cancellations and timeouts under heavy peer response load (#1950)