News linked to both this project and an event.
: The Zcash Foundation has released version 4.5.0 of its node client, Zebra. This update includes multiple security fixes, addressing a critical consensus vulnerability and several high-severity Denial of Service (DoS) issues. All node operators are strongly urged to upgrade immediately.Key fixes in this release include a sigop counting error in P2SH script parsing (which could cause a consensus fork with zcashd), a logic flaw in NU5 block validation caching, a crash risk related to transparent address balance overflow, along with multiple crash and resource exhaustion vulnerabilities in RPC interfaces and mempool processing. The Foundation stated that some vulnerabilities could be exploited by malicious nodes, leading to node stalls, restart loops, or even permanent stoppage.Additionally, this version adds support for ZIP-213 (enabling shielded coinbase outputs to Sapling) and optimizes network performance and security boundaries. This includes limiting resource allocation during the pre-handshake phase, fixing risks related to multi-threaded queue abuse, and enhancing the misbehavior scoring mechanism.The Zcash Foundation stated that this update addresses over 80 security reports from the ZCG Vulnerability Disclosure Program (spanning April to May 2026), covering multiple layers including consensus security, memory management, RPC processing, and the P2P network attack surface. Officials emphasized that there is no alternative to this upgrade; upgrading is the only way to ensure nodes do not experience a chain split and remain secure.
According to The Defiant, the Ethereum Foundation’s Kohaku Initiative has released an SDK for integrating privacy protocols into Ethereum wallets. A functional 4337 mempool relay supporting private transactions is now available in version v0.0.1-alpha.21 of the kohaku-eth/railgun integration. This SDK aims to integrate shielded-pool protocols—such as Railgun, Tornado Cash, and Privacy Pools—directly into wallet interfaces, reducing reliance on centralized relay infrastructure. Kohaku has also demonstrated a CLI-based wallet and is advancing integration with production-grade wallets like Ambire, while simultaneously developing post-quantum accounts, multisig support, and hardware wallet compatibility.