Release Zebra v1.0.0-beta.2 (#3132)

Zebra's latest beta continues implementing zero-knowledge proof and note commitment tree validation. In this release, we have finished implementing transaction header, transaction amount, and Zebra-specific NU5 validation. (NU5 mainnet validation is waiting on an `orchard` crate update, and some consensus parameter updates.) We also fix a number of security issues that could pose a local denial of service risk, or make it easier for an attacker to make a node follow a false chain. As of this release, Zebra will automatically download and cache the Sprout and Sapling Groth16 circuit parameters. The cache uses around 1 GB of disk space. These cached parameters are shared across all Zebra and `zcashd` instances run by the same user. See CHANGELOG.md for the full list of changes in this release.
2021-12-03 06:54:14 +10:00 · 2021-12-03 06:54:14 +10:00 · 022808d028
parent a92c431c03
commit 022808d028
14 changed files with 81 additions and 45 deletions
--- a/.github/PULL_REQUEST_TEMPLATE/release-checklist.md
+++ b/.github/PULL_REQUEST_TEMPLATE/release-checklist.md
@ -92,7 +92,7 @@ Also check for crates that depend on crates that have changed. They should get a

 - [ ] After any changes, test that the `cargo install` command in works. Use
      e.g. `cargo install --locked --path zebrad`.
-      
+
 ## README

 As we resolve various outstanding known issues and implement new functionality with each release, we should double check the README for any necessary updates.
@ -100,9 +100,9 @@ As we resolve various outstanding known issues and implement new functionality w
 We should check and update if necessary:

 - [ ] The "Beta Release" section
- [ ] The "Known Issues" section 
+- [ ] The "Known Issues" section

-to ensure that any items that are resolved in the latest release are no longer listed in the README. 
+to ensure that any items that are resolved in the latest release are no longer listed in the README.

 ## Change Log

@ -135,8 +135,8 @@ From "Keep a Changelog":
 - [ ] Check for any PRs that have been merged since you created the draft PR to update `CHANGELOG.md` and push any updates if necessary
 - [ ] Mark the PR to update `CHANGELOG.md` as "Ready for Review"
 - [ ] Once the changelog PR has been approved and merged, update the draft release with the final changelog
- [ ] Set the release title to `Zebra ` followed by the version tag, for example: `Zebra 1.0.0-alpha.0` 
- [ ] Set the tag name to the version tag, for example: `1.0.0-alpha.0`
+- [ ] Set the release title to `Zebra ` followed by the version tag, for example: `Zebra 1.0.0-alpha.0`
+- [ ] Set the tag name to the version tag, for example: `v1.0.0-alpha.0`
 - [ ] Set the release to target the `main` branch
 - [ ] Mark the release as 'pre-release' (until we are no longer alpha/beta)

--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,6 +4,53 @@ All notable changes to Zebra are documented in this file.

 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org).

+## [Zebra 1.0.0-beta.2](https://github.com/ZcashFoundation/zebra/releases/tag/v1.0.0-beta.2) - 2021-12-03
+
+Zebra's latest beta continues implementing zero-knowledge proof and note commitment tree validation. In this release, we have finished implementing transaction header, transaction amount, and Zebra-specific NU5 validation. (NU5 mainnet validation is waiting on an `orchard` crate update, and some consensus parameter updates.)
+
+We also fix a number of security issues that could pose a local denial of service risk, or make it easier for an attacker to make a node follow a false chain.
+
+As of this release, Zebra will automatically download and cache the Sprout and Sapling Groth16 circuit parameters. The cache uses around 1 GB of disk space. These cached parameters are shared across all Zebra and `zcashd` instances run by the same user.
+
+## Added
+
+### Network Upgrade 5
+
+- Validate orchard anchors (#3084)
+
+### Groth16 Circuit Parameters
+
+- Automatically download and cache Zcash Sapling and Sprout parameters (#3057, #3085)
+- Stop linking the Sapling parameters into the `zebrad` and Zebra test executables (#3057)
+
+### Proof & Anchor Verification
+
+- Use prepared verifying key for non-batch Sapling Groth16 verification (#3092)
+- Validate sapling anchors⚓ (#3084)
+- Add Sprout anchors to `zebra-state` (#3100)
+
+### Transaction Amount & Header Validation
+
+- Validate miner transaction fees (#3067, #3093)
+- Validate transaction lock times (#3060)
+- Validate transaction expiry height (#3082, #3103)
+
+### Dashboards
+
+- Add transaction-verification.json Grafana dashboard (#3122)
+
+## Fixed
+
+- Shut down channels and tasks on PeerSet Drop (#3078)
+- Re-order Zebra startup, so slow services are launched last (#3091)
+- Fix slow Zebra startup times, to reduce CI failures (#3104)
+- Speed up CI, and split unrelated and conflicting CI jobs (#3077)
+
+## Security
+
+- Stop closing connections on unexpected messages, Credit: Equilibrium (#3120, #3131)
+- Stop routing inventory requests by peer address (#3090)
+
 ## [Zebra 1.0.0-beta.1](https://github.com/ZcashFoundation/zebra/releases/tag/v1.0.0-beta.1) - 2021-11-19

 Zebra's latest beta implements a number of consensus rules which will be needed for Zebra to fully validate all of the Zcash network consensus rules, including those which will activate with NU5.
--- a/Cargo.lock
+++ b/Cargo.lock
@ -3618,7 +3618,7 @@ dependencies = [

 [[package]]
 name = "tower-batch"
-version = "0.2.17"
+version = "0.2.18"
 dependencies = [
 "color-eyre",
 "ed25519-zebra",
@ -4286,7 +4286,7 @@ dependencies = [

 [[package]]
 name = "zebra-chain"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 dependencies = [
 "aes",
 "bech32",
@ -4344,7 +4344,7 @@ version = "1.0.0-beta.0"

 [[package]]
 name = "zebra-consensus"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 dependencies = [
 "bellman",
 "blake2b_simd",
@ -4386,7 +4386,7 @@ dependencies = [

 [[package]]
 name = "zebra-network"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 dependencies = [
 "bitflags",
 "byteorder",
@ -4421,7 +4421,7 @@ version = "1.0.0-beta.0"

 [[package]]
 name = "zebra-script"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 dependencies = [
 "displaydoc",
 "hex",
@ -4434,7 +4434,7 @@ dependencies = [

 [[package]]
 name = "zebra-state"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 dependencies = [
 "bincode",
 "chrono",
@ -4468,7 +4468,7 @@ dependencies = [

 [[package]]
 name = "zebra-test"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 dependencies = [
 "color-eyre",
 "futures",
@ -4491,7 +4491,7 @@ dependencies = [

 [[package]]
 name = "zebra-utils"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 dependencies = [
 "color-eyre",
 "hex",
@ -4506,7 +4506,7 @@ dependencies = [

 [[package]]
 name = "zebrad"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 dependencies = [
 "abscissa_core",
 "atty",
--- a/README.md
+++ b/README.md
@ -78,30 +78,16 @@ Every few weeks, we release a new Zebra beta [release](https://github.com/ZcashF
 Zebra's network stack is interoperable with `zcashd`,
 and Zebra implements all the features required to reach Zcash network consensus.

-The goals of the beta release series are for Zebra to act as a fully validating Zcash node for
-all applicable consensus rules as of NU5 activation.
+The goals of the beta release series are for Zebra to act as a fully validating Zcash node,
+for all active consensus rules as of NU5 activation.

 Currently, Zebra does not validate the following Zcash consensus rules:

-#### NU5
-
- Full validation of Orchard transactions from NU5 onwards
-   - Validation of Orchard anchors (root of the Orchard note commitment tree)
-
-#### NU4 - Canopy
- Validation of coinbase miner subsidy and miner fees
-
 #### NU1 - Sapling
- Validation of Sapling anchors (root of the Sapling note commitment tree)
 - Validation of Sprout JoinSplit-on-Groth16 proofs

-#### NU0 - Overwinter
- ZIP-203: Transaction Expiry consensus rules
-
 #### Sprout
 - Validation of Sprout anchors (root of the Sprout note commitment tree)
- Validation of transaction lock times
- Validating updates of the Sprout note commitment tree

 #### Other
 - Undocumented rules derived from Bitcoin
@ -122,7 +108,7 @@ for your platform:
 2. Install Zebra's build dependencies:
     - **libclang:** the `libclang`, `libclang-dev`, `llvm`, or `llvm-dev` packages, depending on your package manager
     - **clang** or another C++ compiler: `g++`, `Xcode`, or `MSVC`
-3. Run `cargo install --locked --git https://github.com/ZcashFoundation/zebra --tag v1.0.0-beta.1 zebrad`
+3. Run `cargo install --locked --git https://github.com/ZcashFoundation/zebra --tag v1.0.0-beta.2 zebrad`
 4. Run `zebrad start` (see [Running Zebra](user/run.md) for more information)

 If you're interested in testing out `zebrad` please feel free, but keep in mind
@ -139,9 +125,13 @@ The recommended requirements for compiling and running `zebrad` are:
 - 100+ Mbps network connections

 We continuously test that our builds and tests pass on:
- Windows Server 2019
- macOS Big Sur 11.0
- Ubuntu 18.04 / the latest LTS
+
+The *latest* [GitHub Runners](https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources) for:
+- Windows Server
+- macOS
+- Ubuntu
+
+Docker:
 - Debian Buster

 Zebra's tests can take over an hour, depending on your machine.
@ -196,7 +186,6 @@ See our [roadmap](#future-work) for details.
 ## Known Issues

 There are a few bugs in Zebra that we're still working on fixing:
- [When Zebra receives an unexpected network message from a peer, it disconnects from that peer #2107](https://github.com/ZcashFoundation/zebra/issues/2107)
 - [Zebra's address book can use all available memory #1873](https://github.com/ZcashFoundation/zebra/issues/1873)
 - [Zebra does not evict pre-upgrade peers from the peer set across a network upgrade #706](https://github.com/ZcashFoundation/zebra/issues/706)
 - [Zebra accepts non-minimal height encodings #2226](https://github.com/ZcashFoundation/zebra/issues/2226)
--- a/tower-batch/Cargo.toml
+++ b/tower-batch/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "tower-batch"
-version = "0.2.17"
+version = "0.2.18"
 authors = ["Zcash Foundation <zebra@zfnd.org>"]
 license = "MIT"
 edition = "2018"
--- a/zebra-chain/Cargo.toml
+++ b/zebra-chain/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "zebra-chain"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 authors = ["Zcash Foundation <zebra@zfnd.org>"]
 license = "MIT OR Apache-2.0"
 edition = "2018"
--- a/zebra-consensus/Cargo.toml
+++ b/zebra-consensus/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "zebra-consensus"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 authors = ["Zcash Foundation <zebra@zfnd.org>"]
 license = "MIT OR Apache-2.0"
 edition = "2018"
--- a/zebra-network/Cargo.toml
+++ b/zebra-network/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "zebra-network"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 authors = ["Zcash Foundation <zebra@zfnd.org>"]
 license = "MIT OR Apache-2.0"
 edition = "2018"
--- a/zebra-network/src/constants.rs
+++ b/zebra-network/src/constants.rs
@ -153,7 +153,7 @@ pub const TIMESTAMP_TRUNCATION_SECONDS: u32 = 30 * 60;
 /// [BIP 14]: https://github.com/bitcoin/bips/blob/master/bip-0014.mediawiki
 //
 // TODO: generate this from crate metadata (#2375)
-pub const USER_AGENT: &str = "/Zebra:1.0.0-beta.1/";
+pub const USER_AGENT: &str = "/Zebra:1.0.0-beta.2/";

 /// The Zcash network protocol version implemented by this crate, and advertised
 /// during connection setup.
--- a/zebra-script/Cargo.toml
+++ b/zebra-script/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "zebra-script"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 authors = ["Zcash Foundation <zebra@zfnd.org>"]
 license = "MIT OR Apache-2.0"
 edition = "2018"
--- a/zebra-state/Cargo.toml
+++ b/zebra-state/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "zebra-state"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 authors = ["Zcash Foundation <zebra@zfnd.org>"]
 license = "MIT OR Apache-2.0"
 edition = "2018"
--- a/zebra-test/Cargo.toml
+++ b/zebra-test/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "zebra-test"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 authors = ["Zcash Foundation <zebra@zfnd.org>"]
 license = "MIT OR Apache-2.0"
 edition = "2018"
--- a/zebra-utils/Cargo.toml
+++ b/zebra-utils/Cargo.toml
@ -2,7 +2,7 @@
 name = "zebra-utils"
 authors = ["Zcash Foundation <zebra@zfnd.org>"]
 license = "MIT OR Apache-2.0"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 edition = "2018"
 # Prevent accidental publication of this utility crate.
 publish = false
--- a/zebrad/Cargo.toml
+++ b/zebrad/Cargo.toml
@ -2,7 +2,7 @@
 name = "zebrad"
 authors = ["Zcash Foundation <zebra@zfnd.org>"]
 license = "MIT OR Apache-2.0"
-version = "1.0.0-beta.1"
+version = "1.0.0-beta.2"
 edition = "2018"
 repository = "https://github.com/ZcashFoundation/zebra"
 # make `cargo run` use `zebrad` by default