Zcash Foundation Releases Zebra 4.5.1 to Fix Consensus-Critical Security Flaw
The Zcash Foundation issued an emergency Zebra 4.5.1 update after a consensus-critical bug in sigop counting for P2SH transactions, highlighting ongoing infrastructure risks for network stability.
ZEC
Fact Check
The Zcash Foundation's own advisory at zfnd.org/zebra-4-5-1-security-fixes/ confirms the precise version (4.5.1), date (June 1, 2026), consensus-critical severity, and the P2SH sigop counting bug (GHSA-2prc-cj5x-4443). Crypto.news and Odaily independently corroborate the release and its nature as an emergency consensus fix tied to ongoing infrastructure stability concerns.
Summary
The Zcash Foundation released Zebra 4.5.1 as an emergency security update to address a consensus-critical flaw involving incorrect sigop counting in Pay-to-Script-Hash (P2SH) transactions. According to the source, the bug could have created consensus fork risk by causing nodes to disagree on transaction validity. The release also fixes an incomplete patch included in Zebra 4.5.0, which had been published the previous day. The new report adds that Zcash was trading around $572.12 following the rushed release.
Terms & Concepts
- consensus-critical: Describes a bug or rule that can affect whether all nodes agree on the valid state of the blockchain.
- sigop counting: The process of counting signature-checking operations in scripts to enforce validation limits and preserve consensus.
- Pay-to-Script-Hash (P2SH): A transaction format that sends funds to a script hash, with the full spending conditions provided when the funds are spent.