Something strange is happening today in the ppc network.
all ppcoind calls are reporting an error
-ppcoind getbalance
error: {“code”:-2,“message”:“Safe mode: WARNING: Invalid checkpoint found! Displayed transactions may not be correct! You may need to upgrade, or notify developers of the issue.”}
I also got this message this morning (EST) when I was minting:
WARNING: Invalid checkpoint found! Displayed transactions may not be correct! You may need to upgrade, or notify developers of the issue.
-install peerunity somewhere else and resync the blockchain.
-startup with the wallet.dat replaced or import the priv key of PJMHDx5DN2sFfhS8r7pEGM2kzeENpiMijL
For these kind of things I have several (linux) clones in virtualbox. Once in a while the blockchain get corrupt and a backup clone comes in very handy
Installed Linux Mint on my Mini Thermaltake Q PC last night and downloaded the PeerUnity wallet and it is doing the same thang the wheel is spinning on the bottom right but dont think the block is updating at all. Eeeekkkk :’( :omg: ??? :-/ :))
…Update- Blockchain is downloading will see what it does when it is 100% downloaded
According to my logs, the problem started between 2015-11-09 08:30 UTC and 2015-11-09 09:00 UTC with the transaction 2d00a7349e5d281406a9e78c3af5d14dd0b3df2dedbc61c08e02e909797c6ecf.
So the problem should be somewhere between these versions but there are only 2 commits that were introduced in between.
I don’t think that openssl update could cause this.
Someone crafted a signature to exploit a bug that caused the network to split. Basically there’s one side with Linux 32 bits and Windows 32 and 64 bits, and another side with Linux 64 bits. But Linux 64 bits may also be on the other side if they compiled from the source code and use OpenSSL 1.0.1k or above. The synchronized checkpoints are on the 64 bits Linux side. So if you’re on the other side you get the warning.
I wrote a quick fix in the “der_length_fix” branch in the peercoin repository. It’s not been reviewed yet so be careful. I don’t have the tools ready to build binaries.
[quote=“willy, post:9, topic:3691”]Seeing this problem as well with
peerunity “version” : “v0.1.2.0-g89ca26e”,
but only on one of two machines (the other runs the same peerunity version), which is very odd.[/quote]
Just to add: The machine on the wrong chain has peerunity compiled from source.
Machine two, which is working on the “correct” chain, uses the official peerunity binaries.
I’m pretty much setup to produce Windows and Linux builds, can do MAC build but never got the signing of the MAC build sorted so if anyone can help there we can have new binaries up pretty quick.
[quote=“sigmike, post:10, topic:3691”]Someone crafted a signature to exploit a bug that caused the network to split. Basically there’s one side with Linux 32 bits and Windows 32 and 64 bits, and another side with Linux 64 bits. But Linux 64 bits may also be on the other side if they compiled from the source code and use OpenSSL 1.0.1k or above. The synchronized checkpoints are on the 64 bits Linux side. So if you’re on the other side you get the warning.
I wrote a quick fix in the “der_length_fix” branch in the peercoin repository. It’s not been reviewed yet so be careful. I don’t have the tools ready to build binaries.
Status update: sigmike has published v0.4.1 RC1 including fixes for both 32-bit nodes and for 64-bit nodes locally built with openssl 1.0.1k+ (Great job, sigmike!). We have agreed that the checkpointed blockchain fork is the supported fork. This is the blockchain fork that all linux 64 bits running official v0.4.0 builds accepted, which includes the transaction sent by the attacker, using a signature format not recognizable by v0.4.0 32 bit builds.
If you are running official linux 64-bit client, no further action is necessary. Other users should avoid sending transactions before upgrading client once the official builds become available.
Official windows build of v0.4.1 RC1 has been started. Once it is ready I will post another update.
[quote=“Sunny King, post:15, topic:3691”]Status update: sigmike has published v0.4.1 RC1 including fixes for both 32-bit nodes and for 64-bit nodes locally built with openssl 1.0.1k+ (Great job, sigmike!). We have agreed that the checkpointed blockchain fork is the supported fork. This is the blockchain fork that all linux 64 bits running official v0.4.0 builds accepted, which includes the transaction sent by the attacker, using a signature format not recognizable by v0.4.0 32 bit builds.
If you are running official linux 64-bit client, no further action is necessary. Other users should avoid sending transactions before upgrading client once the official builds become available.
Official windows build of v0.4.1 RC1 has been started. Once it is ready I will post another update.[/quote]
Thank You Sunny! You are the man. It’s a good thing to get the rare bug worked out before Peercoin has rocketed up in value.
Non-pressing question for Sigmike or Sunny:
Because Peercoin is BTC code compliant, does this mean Bitcoin is susceptible to this attack?
basically, it is kind of a noob attack imo, some scriptkiddy went through all the bitcoin commits/patches and tries to attack altcoins with it which haven’t patched the vulnerabilities yet
edit: maybe the question should be, are there still more known vulnerabilities like this that need to be patched?