Zcash has just released a network update that has a number of improvements and bug fixes.
One of the most important bug fixes in 1.0.2 has to do with a wallet bug in zcashd that would prevent users from sending to multiple (private) z_addresses at one time.
All miners, users and pools are advised to update to 1.0.2 as soon as possible.
Zcash Blog
New Release: 1.0.2
Nathan Wilcox and Jay Graber | Nov 07, 2016
Today we’re announcing the release of Zcash 1.0.2 which fixes a bug that prevented creating transactions to multiple shielded recipient addresses. This is an implementation bug in the zcashd wallet which does not impact the consensus protocol. The list of changes included in this release:We’re encouraging all users and miners to update to this new version. See our download page and the 1.0 User Guidefor more information. For a more complete list of changes, see our 1.0.2 github milestone. To follow our progress, watch the GitHub project and join the forum.
- We fixed a bug to ensure that JoinSplit transactions to multiple z-addresses will succeed. (#1790)
- We changed z_sendmany to check if the size of a transaction for a given number of outputs will be valid. (#1808)
- We fixed a bug that could crash the miner when it was interrupted. (#1778)
- Community contributors helped improve our documentation. (#1765, #1763)
BACKGROUND
JoinSplits encapsulate zero-knowledge value transfer and have two private inputs and two private outputs. Multiple JoinSplits may be chained into a single transaction in order to spend more than two private inputs and/or send to more than two private outputs. The order of inputs and outputs can be a subtle information leak to private recipients (see #778). A patch to fix this information leak (#1561) in our 1.0.0-rc2 release randomizes the input and output orderings, but in doing so failed to permute the necessary commitment witnesses in the same manner as the private inputs. In this release we’ve temporarily disabled input/output order randomization (#1790).
