This release features a security fix for unbounded memory use in zebra-network, introduces the "progress-bar" feature, and continues to address audit findings.
Security
- Limit the number of leftover nonces in the self-connection nonce set (#6534)
- Allow each initial peer to send one inbound request before disconnecting any peers (#6520)
- Limit the number of non-finalized chains tracked by Zebra (#6447)
- Update dependencies that only appear in the lock file (#6217)
Added
- Add confirmations to getrawtransaction method response (#6287)
- Add a config for writing logs to a file (#6449)
- Add an experimental terminal-based progress bar feature to Zebra, which is off by default (#6235)
- Create DockerHub image with mining enabled after each Zebra release (#6228)
Changed
- Increase ZIP-401 mempool cost thresholds for Orchard transactions (#6521)
- Suggest making sure the RPC endpoint is enabled for checkpointing (#6375)
- Refactor the handling of height differences (#6330)
- Upgrade shared dependencies to match
zcashd5.5.0 (#6536) - Lookup unspent UTXOs in non-finalized state before checking disk (#6513)
- Stop re-downloading blocks that are in non-finalized side chains (#6335)
Fixed
- Validate header versions when serializing blocks (#6475)
- Stop ignoring new transactions after the mempool is newly activated (#6448)
- Fix off-by-one error in DNS seed peer retries, and clarify logs (#6460)
- Check that mempool transactions are valid for the state's chain info in getblocktemplate (#6416)
- Remove transactions with immature transparent coinbase spends from the mempool and block templates (#6510)
- Disable issue URLs for a known shutdown panic in abscissa (#6486)
Contributors
Thank you to everyone who contributed to this release, we couldn't make Zebra without you:
@arya2, @dconnolly, @gustavovalverde, @oxarbitrage, @teor2345 and @upbqdn