The Zcash Foundation has released Zebra 4.5.1, an emergency update to address a critical consensus-level security vulnerability. The flaw, identified as GHSA-2prc-cj5x-4443, involves an incorrect signature operation count in P2SH transactions, which could lead to a consensus fork. Node operators are strongly urged to upgrade immediately to prevent potential chain splits.
This update corrects an incomplete fix from version 4.5.0, released just a day prior. The issue arose from discrepancies in sigop counting logic across implementations, risking inconsistent validation results. The fix reverts and adjusts the Rust implementation to align with protocol expectations, ensuring chain consensus consistency. The Zcash Foundation has stated that upgrading to 4.5.1 is essential, as no workaround exists for this vulnerability.
Zcash Foundation Issues Emergency Update to Fix Critical Vulnerability
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.