It would seem you can only set the listener for the DNSCrypt-Proxy as an IPv4 address (0.0.0.0:5353, or if you don't want to get in the way of mDNS, 0.0.0.0:5355, and if you wanted to set it to localhost, 127.0.0.1:5355), but you cannot set, for example, :::5355 (any IPv6 address assigned to an OPNSense Interface) or even ::1:5355 (IPv6 localhost).
If you try to add an IPv6 address to the listener list, it will fail the service. Only once you remove the IPv6 address will the DNSCrypt-Proxy server start and run.
Is there a reason for this? Further, does Unbound handle the traffic the DNSCrypt-Proxy would? If so, should I just forward Outbound 853 for DNSCrypt and 443 for Known DoH to Unbound's port 53?