Zcash Foundation Rolls Out Zebra Patch to Resolve Critical Orchard Bug

The Zcash Foundation rolled out Zebra releases 4.5.3 and 5.0.0 to remediate a critical vulnerability affecting the Orchard Action circuit.

To contain the issue, Zebra 4.5.3 temporarily suspended Orchard functionality using a time-sensitive network upgrade activated at block 3,363,426 on the mainnet.

The fix was fully implemented in Zebra 5.0.0, where the NU6.2 protocol upgrade took effect at block 3,364,600, and Orchard was restored using a corrected circuit.

The Foundation said the vulnerability was detected before any known exploitation, with no evidence of unauthorized value creation. User privacy remained unaffected, and transactions on both the Sapling and transparent pools functioned normally throughout the process. Zebra node operators are encouraged to upgrade to version 5.0.0.

Source: Zcash Foundation