Skip to content

Zebra 1.0.1
Compare
Choose a tag to compare
@github-actions github-actions released this 03 Jul 01:56
· 734 commits to main since this release
v1.0.1
2add0e5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Zebra 1.0.1 - 2023-07-03

Zebra's first patch release fixes multiple peer connection security issues and panics. It also significantly reduces Zebra's CPU usage. We recommend that all users upgrade to Zebra 1.0.1 or later.

As of this release, Zebra requires Rust 1.70 to build. macOS builds are no longer officially supported by the Zebra team.

If you're running zebrad in a terminal, you'll see a new Zebra welcome message.

Please report bugs to the Zebra GitHub repository

Breaking Changes

This release has the following breaking changes:

  • Zebra limits each IP address to 1 peer connection, to prevent denial of service attacks. This can be changed using the network.max_connections_per_ip config. (#6980, #6993, #7013).
    Thank you to @dimxy from komodo for reporting this bug, and the Ziggurat team for demonstrating
    its impact on testnet.
  • Zebra uses new APIs in Rust 1.70 to prevent concurrency bugs that could cause hangs or panics
    (#7032).

Support Changes

These platforms are no longer supported by the Zebra team:

Security

  • Use Arc::into_inner() to avoid potential hangs or panics (#7032)
  • Replace openssl with rustls in tests and experimental features (#7047)

Network Security

  • Fix long delays in accepting inbound handshakes, and delays in async operations throughout Zebra. (#7103). Thank you to the Ziggurat Team for reporting this bug.
  • Limit each IP address to 1 peer connection, to prevent denial of service attacks. (#6980, #6993)
  • Close new peer connections from the same IP and port, rather than replacing the older connection (#6980)
  • Reduce inbound service overloads and add a timeout (#6950)
  • Stop panicking when handling inbound connection handshakes (#6984)

Added

  • Make the maximum number of connections per IP configurable (#7013)
  • Make it easier to modify Zebra's config inside the Docker image (#7045)
  • Print a Zebra logo and welcome text if stderr is terminal (#6945, #7075, #7095, #7102)

Changed

  • Move macOS to tier 3 support (#6965)
  • Install from crates.io in the README, rather than a git release tag (#6977)
  • Add extra timeout logging to peer TCP connections (#6969)

Fixed

  • Stop overwriting custom user configs inside Zebra's Docker image (#7045)
  • Stop Zebra using 100% CPU even when idle (#7103), thank you to james_katz for reporting this bug
  • Avoid potential hangs in the tokio async runtime (#7094)
  • Replace or add RPC content type header to support zcashd RPC examples (#6885)
  • Make zebra-network licensing clearer (#6995)

Configuration

  • Ignore error from loading config if running the 'generate' or 'download' commands (#7014)
  • Apply force_color to panic logs (#6997)

Logging & Error Handling

  • Log a zebra-network task cancel on shutdown, rather than panicking (#7078)
  • Fix incorrect function spans in some logs (#6923, #6995)
  • Replace a state validation chain length assertion with a NotReadyToBeCommitted error (#7072)

Experimental Feature Fixes

  • Add an elasticsearch feature to block serialize to fix experimental build failures (#6709)
  • Prevent progress bar from panicking by disabling limits that are never reached (#6940)

Contributors

Thank you to everyone who contributed to this release, we couldn't make Zebra without you:
@arya2, @conradoplg, @dconnolly, @dimxy from komodo, james_katz, @oxarbitrage, @teor2345, @upbqdn, and the Ziggurat team.

Contributors

conradoplg, dconnolly, and 5 other contributors
Assets 2
Loading