Zebra 2.0.1

Zebra 2.0.1 - 2024-10-30

• Zebra now supports NU6 on Mainnet. This patch release updates dependencies required for NU6. The 2.0.0 release was pointing to the incorrect dependencies and would panic on NU6 activation.

Breaking Changes

• The JSON RPC endpoint has cookie-based authentication enabled by default. If you rely on Zebra RPC, wou will need to adjust your config. The simplest change is to disable authentication by adding enable_cookie_auth = false to the [rpc] section of the Zebra config file; refer to the docs. (This was added in 2.0.0 but we include here again for clarity)

Changed

• Use ECC deps with activation height for NU6 (#8960)

Zebra 2.0.0 - 2024-10-25 - [YANKED]

This release was intended to support NU6 but was pointing to the wrong version of dependencies which would make Zebra panic at NU6 activation. Use 2.0.1 instead.

Breaking Changes

• The JSON RPC endpoint has cookie-based authentication enabled by default. If you rely on Zebra RPC, wou will need to adjust your config. The simplest change is to disable authentication by adding enable_cookie_auth = false to the [rpc] section of the Zebra config file; refer to the docs. (This was added in 2.0.0 but we included here again for clarity)

Added

• NU6-related documentation (#8949)
• A cookie-based authentication system for the JSON RPC endpoint (#8900, #8965)

Changed

• Set the activation height of NU6 for Mainnet and bump Zebra's current network protocol version (#8960)

Contributors

Thank you to everyone who contributed to this release, we couldn't make Zebra without you:
@arya2, @gustavovalverde, @oxarbitrage and @upbqdn.

Zebra 2.0.0-rc.0

Zebra 2.0.0-rc.0 - 2024-10-11

This version is a release candidate for the Zcash NU6 network upgrade on the Mainnet. While this version does not yet include the NU6 Mainnet activation height or current protocol version, all required functionality and tests are in place.

Please note that support for this release candidate is expected to conclude prior to the NU6 activation heights.

Security

• Added Docker Scout vulnerabilities scanning (#8871)

Added

• Added Regtest-only generate and stop RPC methods (#8849, #8839, #8863)
• Added fields to getmininginfo RPC method response (#8860)
• Copied the Python RPC test framework from zcashd into Zebra (#8866)

Changed

• Regtest halving interval to match zcashd and added a configurable halving interval for custom testnets (#8888, #8928)
• Updates post-NU6 Major Grants funding stream address on Mainnet (#8914)

Fixed

• Remove debugging output by default in Docker image (#8870)
• Fixes a typo in configuration file path of the docker-compose file (#8893)
• Return verification errors from sendrawtransaction RPC method (#8788)
• Respond to getheaders requests with a maximum of 160 block headers (#8913)
• Avoids panicking during contextual validation when a parent block is missing (#8883)
• Write database format version to disk atomically to avoid a rare panic (#8795)

Contributors

Thank you to everyone who contributed to this release, we couldn't make Zebra without you:
@arya2, @dismad, @gustavovalverde, @oxarbitrage, @skyl and @upbqdn

Zebra 1.9.0

This release includes deployment of NU6 on Testnet, configurable funding streams on custom Testnets, and updates Zebra's end-of-support (EoS) from 16 weeks to 10 weeks so that it will panic before the expected activation height of NU6 on Mainnet.

It also replaces the shielded-scan compilation feature with a new zebra-scanner binary, adds a TrustedChainSync module for replicating Zebra's best chain state, and a gRPC server in zebra-rpc as steps towards zcashd deprecation.

Recovering after finalizing a block from a chain fork

Zebra doesn't enforce an end-of-support height on Testnet, and previous versions of Zebra could mine or follow a chain fork that does not
activate NU6 on Testnet at height 2976000. Once a block from a fork is finalized in Zebra's state cache, updating to a version of Zebra that
does expect NU6 activation at that height will result in Zebra getting stuck, as it cannot rollback its finalized state. This can be resolved
by syncing Zebra from scratch, or by using the copy-state command to create a new state cache up to height 2975999. To use the copy-state
command, first make a copy Zebra's Testnet configuration with a different cache directory path, for example, if Zebra's configuration is at the
default path, by running cp ~/.config/zebrad.toml ./zebrad-copy-target.toml, then opening the new configuration file and editing the
cache_dir path in the state section. Once there's a copy of Zebra's configuration with the new state cache directory path, run:
zebrad copy-state --target-config-path "./zebrad-copy-target.toml" --max-source-height "2975999", and then update the original
Zebra configuration to use the new state cache directory.

Added

• A zebra-scanner binary replacing the shielded-scan compilation feature in zebrad (#8608)
• Adds a TrustedChainSync module for keeping up with Zebra's non-finalized best chain from a separate process (#8596)
• Add a tonic server in zebra-rpc with a chain_tip_change() method that notifies clients when Zebra's best chain tip changes (#8674)
• NU6 network upgrade variant, minimum protocol version, and Testnet activation height (#8693, 8733, #8804)
• Configurable NU6 activation height on Regtest (#8700)
• Configurable Testnet funding streams (#8718)
• Post-NU6 funding streams, including a lockbox funding stream (#8694)
• Add value pool balances to getblockchaininfo RPC method response (#8769)
• Add NU6 lockbox funding stream information to getblocksubsidy RPC method response (#8742)

Changed

• Reduce the end-of-support halt time from 16 weeks to 10 weeks (#8734)
• Bump the current protocol version from 170100 to 170110 (#8804)
• Track the balance of the deferred chain value pool (#8732, #8729)
• Require that coinbase transactions balance exactly after NU6 activation (#8727)
• Support in-place disk format upgrades for major database version bumps (#8748)

Fixed

• Return full network upgrade activation list in getblockchaininfo method (#8699)
• Update documentation for the new zebra-scanner binary (#8675)
• Update documentation for using Zebra with lightwalletd (#8714)
• Reduce debug output for Network on Regtest and default Testnet (#8760)

Contributors

Thank you to everyone who contributed to this release, we couldn't make Zebra without you:
@arya2, @conradoplg, @oxarbitrage, @therealyingtong and @upbqdn

Zebra 1.8.0

Zebra 1.8.0 - 2024-07-02

• Zebra now uses a default unpaid actions limit of 0, dropping transactions with
  any unpaid actions from the mempool and excluding them when selecting
  transactions from the mempool during block template construction.
• The zebrad binary no longer contains the scanner of shielded transactions.
  This means zebrad no longer contains users' viewing keys.
• Support for custom Testnets and Regtest is greatly enhanced.
• Windows is now back in the second tier of supported platforms.
• The end-of-support time interval is set to match zcashd's 16 weeks.
• The RPC serialization of empty treestates matches zcashd.

Added

• Add an init function for a standalone ReadStateService (#8595)
• Allow configuring more parameters on custom Testnets and an NU5 activation height on Regtest (#8477, #8518, #8524, #8528, #8636)
• Add default constructions for several RPC method responses (#8616, #8505)
• Support constructing Canopy proposal blocks from block templates (#8505)

Docs

• Document custom Testnets, Regtest and how they compare to Mainnet and the default Testnet in the Zebra book (#8526, #8636)

Changed

• Use a default unpaid action limit of 0 so that transactions with unpaid actions are excluded from the mempool and block templates by default (#8638)
• Lower the mandatory checkpoint height from immediately above the ZIP-212 grace period to immediately below Canopy activation (#8629)
• Use the new zcash_script callback API in zebra-script, allowing Zebra's ECC dependencies to be upgraded independently of zcash_script and zcashd (#8566)
• Put Windows in Tier 2 of supported platforms (#8637)
• Remove experimental support for starting the zebra-scan in the zebrad process as a step towards moving the scanner to its own process (#8594)
• Reduce the end of support time from 20 weeks to 16 weeks (#8530)
• Restore parts of the experimental internal-miner feature for use on Regtest (#8506)

Fixed

• Allow square brackets in network config listen addr and external addr without explicitly configuring a port in the listen addr (#8504)
• Fix general conditional compilation attributes (#8602)
• Update median_timespan() method to align with zcashd implementation (#8491)
  upbqdn marked this conversation as resolved.
• Allow custom Testnets to make peer connections (#8528)
• Refactor and simplify the serialization of empty treestates to fix an incorrect serialization of empty note commitment trees for RPCs (#8533)
• Fix port conflict issue in some tests and re-enable those tests on Windows where those issues were especially problematic (#8624)
• Fix a bug with trailing characters in the OpenAPI spec method descriptions (#8597)

Contributors

Thank you to everyone who contributed to this release, we couldn't make Zebra without you:
@arya2, @conradoplg, @gustavovalverde, @oxarbitrage and @upbqdn

Zebra 1.7.0

Zebra 1.7.0 - 2024-05-07

In this release we introduce Regtest functionality to Zebra and restored Windows support. Also adjusted our Zebra release interval from 2 weeks to 6 weeks approximately.

Added

• Preparing for upstream zcash_client_backend API changes (#8425)
• Regtest support (#8383, #8421, #8368, #8413, #8474, #8475)
• Allow Zebra users to contribute to the P2P network even if behind NAT or firewall (#8488)

Changed

• Adjust estimated release interval to once every 6 weeks and the end of support from 16 to 20 weeks (#8429)

Fixed

• Bump zcash script v0.1.15 and restore Windows support (#8393)
• Avoid possibly returning data from different blocks in z_get_treestate RPC method (#8460)
• Zebra panics with all features and no elasticsearch server available (#8409)

Contributors

Thank you to everyone who contributed to this release, we couldn't make Zebra without you:
@arya2, @oxarbitrage and @upbqdn

Zebra 1.6.1

This release adds an OpenAPI specification for Zebra's RPC methods and startup logs about Zebra's storage usage and other database information.

It also includes:

• Bug fixes and improved error messages for some zebra-scan gRPC methods
• A performance improvement in Zebra's getblock RPC method

Added

• Log database information such as storage usage on startup and shutdown (#8336, #8389)
• OpenAPI specification for Zebra's RPC methods (#8342)
• Add block times to output of getblock RPC method when called with verbosity = 2 (#8384)

Changed

• Removed Copy trait impl for Network (#8354)
• Refactored code for network consensus parameters to Network methods (#8340)

Fixed

• Improve zebra-scan gRPC method errors and add timeout to scan service to avoid hanging (#8318)
• Await state service requests in getblock method in parallel (#8376)

Contributors

Thank you to everyone who contributed to this release, we couldn't make Zebra without you:
@arya2, @elijahhampton, @gustavovalverde, @idky137, @mpguerra, @oxarbitrage, @upbqdn and @zancas

Zebra 1.6.0

This release exposes the shielded scanning functionality through an initial version of a gRPC server, documented in the Zebra Book.

Note

Building Zebra now depends on protoc. See the Build Instructions for more details.

Added

• Add docker-compose file to run CI locally (#8209)
• Allow users to use Zebra + LWD with persistent states (#8215)

Scanner

• Add a new zebra-grpc crate (#8167)
• Start scanner gRPC server with zebrad (#8241)
• Add gRPC server reflection and document how to use the gRPC server (#8288)
• Add the GetInfo gRPC method (#8178)
• Add the GetResults gRPC method (#8255)
• Add the Scan gRPC method (#8268, #8303)
• Add the RegisterKeys gRPC method (#8266)
• Add the ClearResults and DeleteKeys gRPC methods (#8237)
• Add snapshot tests for new gRPCs (#8277)
• Add unit tests for new gRPCs (#8293)
• Create a tower Service in zebra-scan (#8185)
• Implement the SubscribeResults scan service request (#8253)
• Implement the ClearResults scan service request (#8219)
• Implement the DeleteKeys scan service request (#8217)
• Implement the RegisterKeys scan service request (#8251)
• Implement the Results scan service request (#8224)
• Test the RegisterKeys scan service request (#8281)
• Add ViewingKey type in zebra-chain (#8198)
• Handle RegisterKeys messages in scan task (#8222)

Changed

• Remove rfc.md file (#8228)
• Update Debian from Bullseye to Bookworm in Docker (#8273)
• Remove Zebra RFCs from CONTRIBUTING.md (#8304)
• Publish fewer tags in Docker Hub (#8300)
• Add Zebra crate versions to dev-dependencies and remove circular dev-dependencies (#8171)
• Update docs for building Zebra (#8315)

Fixed

• Set log rotation to avoid docker bugs (#8269)
• Improve error message in non_blocking_logger test (#8276)

Contributors

Thank you to everyone who contributed to this release, we couldn't make Zebra without you:
@arya2, @bishopcheckmate, @chairulakmal, @gustavovalverde, @mpguerra, @oxarbitrage and @upbqdn.

Zebra 1.5.2

Zebra 1.5.2 - 2024 - 01 - 23

This release serves as a hotfix for version 1.5.1, addressing issues encountered after its initial release. For more information about version 1.5.1, refer to this link.

Following the release on GitHub, we identified difficulties in publishing the zebra-chain crate to crates.io. Detailed information is available in issue #8180 and its references.

Unfortunately, to resolve this challenge, which involves an unpublished dependency, we had to temporarily remove the internal miner support introduced in version 1.5.1.

In our efforts to reinstate this feature, we've opened a tracking ticket to monitor the progress of the required code that must be merged into the equihash dependency. You can follow the developments in issue #8183, which will only be closed once the feature is successfully restored.

Breaking Changes

• Temporally remove the internal miner functionality (#8184)

Contributors

Thank you to everyone who contributed to this release, we couldn't make Zebra without you:
@oxarbitrage

Zebra 1.5.1

Zebra 1.5.1 - 2024-01-18

This release:

• Adds a utility for reading scanning results, and finalizes the MVP features of the scanner.
• Adds an experimental internal-miner feature, which mines blocks within zebrad. This feature is only supported on testnet. Use a more efficient GPU or ASIC for mainnet mining.
• Contains many documentation improvements.

Added

• Add an internal Zcash miner to Zebra (#8136, #8150)
• Blockchain scanner new features:
  • Don't scan and log if we are below sapling height (#8121)
  • Restart scanning where left (#8080)
  • Add scanning result reader utility (#8104, #8157)
• Note default path to config in docs (#8143)
• Document how to add a column family (#8149)

Changed

• Make sure scanner database is accessed using the correct types (#8112)
• Move history tree and value balance to typed column families (#8115)
• Refactor the user documentation for scanning (#8124)
• Refactor user & dev documentation (#8145)
• Improve feature flag docs (#8114)
• Allow opening the database in a read-only mode (#8079)
• Send all zebrad logs to the journal under systemd (#7965)

Fixed

• Point to a manually created list of Zebra crates in docs (#8160)
• Add shielded-scan.md to the index (#8095)
• Elasticsearch feature, make bulk size the same for testnet and mainnet (#8127)

Contributors

Thank you to everyone who contributed to this release, we couldn't make Zebra without you:
@arya2, @bishopcheckmate, @gustavovalverde, @oxarbitrage, @sandakersmann, @teor2345 and @upbqdn

Zebra 1.5.0

This release:

• fixes a panic that was introduced in Zebra v1.4.0, which happens in rare circumstances when reading cached sprout or history trees.
• further improves how Zebra recovers from network interruptions and prevents potential network hangs.
• limits the ability of synthetic nodes to spread throughout the network through Zebra to address some of the Ziggurat red team report.

As of this release, Zebra requires Rust 1.73 to build.

Finally, we've added an experimental "shielded-scan" feature and the zebra-scan crate as steps
towards supporting shielded scanning in Zebra. This feature has known security issues.
It is for experimental use only. Ongoing development is tracked in issue #7728.

Important Security Warning

Do not use regular or sensitive viewing keys with Zebra's experimental scanning feature. Do not use this
feature on a shared machine. We suggest generating new keys for experimental use.

Security

• security(net): Stop sending peer addresses from version messages directly to the address book (#7977)
• security(net): Limit how many addresses are sent directly to the address book for a single peer address message (#7952)
• security(net): Rate-limit GetAddr responses to avoid sharing the entire address book over a short period (#7955)

Added

• feat(config): Add config field for the viewing keys used by zebra-scan (#7949)
• feat(scan): Add on-disk database to store keys and scan results (#7942, #8036)
• feat(scan): Spawn zebra-scan task from zebrad with configured viewing keys (#7989)
• feat(scan): Create a scan_block function to use across scanning tasks (#7994)
• feat(scan): Scan blocks with Sapling keys and write the results to the database (#8040)
• poc(scan): Proof of concept for shielded scanning (#7758)
• add(docker): Add ldb RocksDB query tool to the Dockerfile (#8074)

Changed

• change(state): Expose ZebraDb methods that can create different kinds of databases (#8002)
• change(state): Make the types for finalized blocks consistent (#7923)
• change(scan): Create a scanner storage database (#8031)
• change(scan): Store scanned TXIDs in "display order" (#8057)
• change(scan): Create a function that scans one block by height, and stores the results in the database (#8045)
• change(scan): Store one transaction ID per database row, to make queries easier (#8062)
• change(log): Silence verbose failed connection logs (#8072)

Fixed

• fix(db): Fix a sprout/history tree read panic in Zebra v1.4.0, which only happens before the 25.3.0 state upgrade completes (#7972)
• fix(net): Fix potential network hangs, and reduce code complexity (#7859)
• fix(scan): Start scanning task only if there are keys to scan (#8059)
• fix(rpc): Make the verbose argument of the getrawtransaction RPC optional (#8076)

Contributors

Thank you to everyone who contributed to this release, we couldn't make Zebra without you:
@arya2, @oxarbitrage, @teor2345 and @upbqdn