Skip to content

Issues: zcash/zcash

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
163 Open 415 Closed
163 Open 415 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Update Security.md to reflect Zebra node as an alternate implementation C-process Category: Process improvements D-decentralization Design issue: Decentralization I-SECURITY Problems and improvements related to security. use case
#6761 opened Sep 17, 2023 by nighthawk24
Check that Sapling tree is not full when connecting blocks A-consensus Area: Consensus rules I-SECURITY Problems and improvements related to security.
#6693 opened Jun 2, 2023 by ebfull
qa/zcash/test-depends-sources-mirror.py does not check file contents A-dependencies Area: Dependencies A-testing Area: Tests and testing infrastructure I-SECURITY Problems and improvements related to security.
#6438 opened Feb 16, 2023 by daira Post 5.10.0
1
Check all of the signatures of extern "C" functions A-rust-ffi Area: The Rust FFI in the librustzcash library. I-SECURITY Problems and improvements related to security.
#6386 opened Jan 30, 2023 by daira Post 5.10.0
@daira
Document dependency on unhashed terminfo database A-documentation Area: Documentation A-zcashd-wallet-tool Area: zcashd wallet backup tool I-SECURITY Problems and improvements related to security.
#6350 opened Jan 15, 2023 by daira
Ensure that data operand-independant timing bits are set on x86-64 and ARM A-crypto Area: Cryptography I-performance Problems and improvements with respect to performance I-SECURITY Problems and improvements related to security.
#6130 opened Aug 21, 2022 by daira
Post-quantum privacy for Zcash A-consensus Area: Consensus rules A-crypto Area: Cryptography C-future-proofing Category: Changes that minimise the effects of shocks and stresses of future events. C-research Category: Engineering notes in support of design choices D-forward-secrecy-vs-recoverability Design issue: Forward secrecy vs recoverability I-performance Problems and improvements with respect to performance I-privacy Problems and improvements related to privacy. I-SECURITY Problems and improvements related to security. M-requires-zip This change would need to be specified in a ZIP. protocol spec special to Daira Threat Model
#6121 opened Aug 18, 2022 by daira
3
"2FA" for Shielded Transactions A-consensus Area: Consensus rules A-crypto Area: Cryptography I-SECURITY Problems and improvements related to security. M-requires-nu A network upgrade is required to implement this. special to Taylor use case
#6050 opened Jul 4, 2022 by defuse
1
Make the error messages about security policy violations in z_sendmany more helpful A-wallet Area: Wallet I-SECURITY Problems and improvements related to security. usability
#5703 opened Mar 18, 2022 by daira
2
Enable stack canaries for Rust code, when supported on stable I-SECURITY Problems and improvements related to security.
#5668 opened Mar 13, 2022 by daira
2
[zcashd-wallet-tool] Zeroize the buffer used to read the recovery phrase I-SECURITY Problems and improvements related to security.
#5650 opened Mar 9, 2022 by daira Quick-win security improvements
@daira
security_warnings.html should discuss quality-of-randomness issues I-SECURITY Problems and improvements related to security.
#5292 opened Sep 9, 2021 by daira
Initial peer connections are sequential and misbehaving peers may block connections to next-in-the-list peers I-SECURITY Problems and improvements related to security.
#5259 opened Jul 26, 2021 by defuse
4
Repair libfuzzer support A-build Area: Build system A-fuzzer Area: The fuzzers and fuzzing infrastructure. I-SECURITY Problems and improvements related to security.
#5231 opened Jun 20, 2021 by daira
1
Formal verification of the abstract cryptographic protocol A-crypto Area: Cryptography I-SECURITY Problems and improvements related to security.
#5049 opened Apr 4, 2021 by defuse
4
zcutil/bin/db_* utilities are not security-hardened A-build Area: Build system I-SECURITY Problems and improvements related to security. use case
#4796 opened Oct 17, 2020 by daira
Use SetProcessWorkingSetSize when initializing Win32LockedPageAllocator I-SECURITY Problems and improvements related to security. memory management O-windows Operating system: Windows
#4750 opened Sep 26, 2020 by str4d
Rework crate dependency handling in updatecheck.py A-dependencies Area: Dependencies I-SECURITY Problems and improvements related to security. L-rust Involves Rust code.
#4726 opened Sep 15, 2020 by str4d
Enable "hardened runtime" in macOS builds I-SECURITY Problems and improvements related to security. O-macos Operating system: macOS
#4671 opened Aug 14, 2020 by daira
Add link to responsible_disclosure.md in security-warnings.md and in zcash-docs A-documentation Area: Documentation I-SECURITY Problems and improvements related to security. use case
#4664 opened Aug 13, 2020 by therealyingtong
@therealyingtong
Fix broken reference counting of CNode objects C-bug Category: This is a bug I-SECURITY Problems and improvements related to security. S-fix-next Status: Consider fixing this soon.
#4577 opened Jun 18, 2020 by defuse
2
Unspendable balance via extreme amounts of dust I-dos Problems and improvements with respect to Denial-of-Service. I-SECURITY Problems and improvements related to security.
#4538 opened May 21, 2020 by defuse
1
Use change memos for note-to-self and rescan optimization. A-light-clients Area: Light clients A-rust-ffi Area: The Rust FFI in the librustzcash library. A-wallet Area: Wallet A-wallet-change Area: Change handling within the wallet A-wallet-database Area: Wallet database and serialization External Encoding F-memo-field Feature: Memo field F-selective-disclosure Feature: Selective disclosure of shielded transaction details. I-performance Problems and improvements with respect to performance I-SECURITY Problems and improvements related to security. M-going-fully-shielded This advances our objective of deprecating t-addresses and going fully-shielded. note selection and shielded tx construction SPV support usability use case user interface Zcash codebase
#4473 opened Apr 24, 2020 by nathan-at-least
1
Refactor network code to allow fuzzing on a snapshot of the state as well as network input A-fuzzer Area: The fuzzers and fuzzing infrastructure. I-error-handling Problems and improvements related to error handling I-protocol-fragility Problems and improvements with respect to protocol fragility. I-SECURITY Problems and improvements related to security. thread safety
#4367 opened Feb 20, 2020 by daira
Note merging as a defence against input arity correlation attacks A-wallet Area: Wallet A-wallet-change Area: Change handling within the wallet I-performance Problems and improvements with respect to performance I-privacy Problems and improvements related to privacy. I-SECURITY Problems and improvements related to security. note selection and shielded tx construction special to Daira usability
#4332 opened Feb 7, 2020 by daira
18
ProTip! What’s not been updated in a month: updated:<2024-11-28.