This post was originally shared on the ZenCash Blog.
Zcash recently reported a vulnerability that also affects Horizen. The vulnerability has to do with a potential error in the displayed amount of available funds in shielded sprout addresses, which can be incorrectly shown in the zend wallet application.
This affects users of the Zen Daemon application, which is anybody using a full node wallet.
Potentially Affected Applications by Horizen:
- Swing wallet
- Sphere by Horizen app operating in full node mode
- Other applications running a full node using shielded addresses
Zcash has already published a fix for this issue. The fix will be integrated into the next zend upgrade, which is 2.0.17, scheduled for release before the next zend deprecation date in April. Desktop wallets will be updated to include the new 2.0.17 binaries as well.
Horizen’s 2.0.17 release, implemented as a soft fork upgrade, will also include updates for a transaction count quadratic scaling issue and a minor adjustment to the 51% defense algorithm.
To read more from ZenCash follow this link.