I’m pretty much setup to produce Windows and Linux builds, can do MAC build but never got the signing of the MAC build sorted so if anyone can help there we can have new binaries up pretty quick.
Fuzzybear
Sent from my HTC Desire using Tapatalk 2
[quote=“sigmike, post:10, topic:3691”]Someone crafted a signature to exploit a bug that caused the network to split. Basically there’s one side with Linux 32 bits and Windows 32 and 64 bits, and another side with Linux 64 bits. But Linux 64 bits may also be on the other side if they compiled from the source code and use OpenSSL 1.0.1k or above. The synchronized checkpoints are on the 64 bits Linux side. So if you’re on the other side you get the warning.
I wrote a quick fix in the “der_length_fix” branch in the peercoin repository. It’s not been reviewed yet so be careful. I don’t have the tools ready to build binaries.
The technical discussion is here: https://github.com/ppcoin/ppcoin/issues/100[/quote]
Great Thanks to you Sigmike. Peercoin is lucky to have you 
Yes, thank you sigmike!
Status update: sigmike has published v0.4.1 RC1 including fixes for both 32-bit nodes and for 64-bit nodes locally built with openssl 1.0.1k+ (Great job, sigmike!). We have agreed that the checkpointed blockchain fork is the supported fork. This is the blockchain fork that all linux 64 bits running official v0.4.0 builds accepted, which includes the transaction sent by the attacker, using a signature format not recognizable by v0.4.0 32 bit builds.
If you are running official linux 64-bit client, no further action is necessary. Other users should avoid sending transactions before upgrading client once the official builds become available.
Official windows build of v0.4.1 RC1 has been started. Once it is ready I will post another update.
[quote=“Sunny King, post:15, topic:3691”]Status update: sigmike has published v0.4.1 RC1 including fixes for both 32-bit nodes and for 64-bit nodes locally built with openssl 1.0.1k+ (Great job, sigmike!). We have agreed that the checkpointed blockchain fork is the supported fork. This is the blockchain fork that all linux 64 bits running official v0.4.0 builds accepted, which includes the transaction sent by the attacker, using a signature format not recognizable by v0.4.0 32 bit builds.
If you are running official linux 64-bit client, no further action is necessary. Other users should avoid sending transactions before upgrading client once the official builds become available.
Official windows build of v0.4.1 RC1 has been started. Once it is ready I will post another update.[/quote]
Thank You Sunny! You are the man. 
It’s a good thing to get the rare bug worked out before Peercoin has rocketed up in value.
Non-pressing question for Sigmike or Sunny:
Because Peercoin is BTC code compliant, does this mean Bitcoin is susceptible to this attack?
@NME this is not a new exploit, it was discovered Tue Jul 28 14:27:18 UTC 2015 by Pieter Wuile who also patched it before disclosing the vulnerability
Bitcoin avoided the problem by making a protocol change before the bug was disclosed. We can't do that anymore so we have to make a fix.
In bitcoin, this issue was solved with BIP66. Read here for more info:https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-July/009697.html
https://github.com/bitcoin/bips/blob/master/bip-0066.mediawiki
read all about it here https://github.com/ppcoin/ppcoin/issues/100
basically, it is kind of a noob attack imo, some scriptkiddy went through all the bitcoin commits/patches and tries to attack altcoins with it which haven’t patched the vulnerabilities yet
edit: maybe the question should be, are there still more known vulnerabilities like this that need to be patched?
I’ve sucessfully build “v0.4.1.0-g2c87899-beta” on my RPi 2.
No errors. Correct chain.
Update: Windows build of 0.4.1 RC1 is now available, which should allow windows node to get back to the supported blockchain fork.
http://sourceforge.net/projects/ppcoin/files/0.4.1%20RC1/ppcoin-0.4.1rc1-win32-setup.exe/download
sha256sum: c0fa41ad46ee6c27571a39e6bac4ef68d92f6e2b8c53919472ead98bc31c4bdb
Please always backup wallet before proceeding. Also note down your total balance/stake.
Uninstall version 0.4.0.
Install version 0.4.1 RC1.
Is it safe for users to transact using v0.4.1 RC1 or should we wait for upgrades at exchanges before going out with such a message?
Should be home in an hour ill do it then
Fuzzybear
Sent from my HTC Desire using Tapatalk 2
I can confirm that sha256sum of ppcoin-0.4.1rc1-win32-setup.exe is: c0fa41ad46ee6c27571a39e6bac4ef68d92f6e2b8c53919472ead98bc31c4bdb
Should be home in an hour ill do it then
Fuzzybear
Sent from my HTC Desire using Tapatalk 2[/quote]
Thanks 
Can someone post a updated peerunity build and [member=30983]peerchemist[/member] post updated peerbox ppcoind if it is affected please? Thanks.
Before attempting sending of transactions, you should first confirm you are on the right blockchain fork. You can do this in debug window console:
getcheckpoint
{
“synccheckpoint” : “000000000000000788eb52cb07e75fe19503b389f69342b6370a3ef43544e269”,
“height” : 204717,
“timestamp” : “2015-11-10 23:35:16 UTC”
}
getblockhash 204717
000000000000000788eb52cb07e75fe19503b389f69342b6370a3ef43544e269
If your checkpoint height is greater than 204717 you are on the right fork, and further confirm the blockhash of 204717 is above.
Test transaction sending with small amount first. For sending to exchange please first confirm with the exchange that it is accepting deposit, also test with small amount first.
That is correct.
Successful source build of 0.4.1 on 32-bit Linux. Up and running again on the correct blockchain. Kudos to the devs for the rapid response.
Before attempting sending of transactions, you should first confirm you are on the right blockchain fork. You can do this in debug window console:
getcheckpoint
{
“synccheckpoint” : “000000000000000788eb52cb07e75fe19503b389f69342b6370a3ef43544e269”,
“height” : 204717,
“timestamp” : “2015-11-10 23:35:16 UTC”
}
getblockhash 204717
000000000000000788eb52cb07e75fe19503b389f69342b6370a3ef43544e269
If your checkpoint height is greater than 204717 you are on the right fork, and further confirm the blockhash of 204717 is above.
Test transaction sending with small amount first. For sending to exchange please first confirm with the exchange that it is accepting deposit, also test with small amount first.[/quote]
This was a helpful reality-check after updating Windows wallets to v0.4.1 RC1 and a small test between updated wallets has started confirming. Thanks for the info and a big thumbs-up to the outstanding community effort that expedited the fix.
I am a newbie and just started 3 days ago with Peerunity, version 0.1.1 on Windows 10, 64-bit version installed I am also having the same invalid checkpoint.
Can any give me directions how I can solve the problem ?