-
Notifications
You must be signed in to change notification settings - Fork 552
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Invalid checkpoint found! #100
Comments
Hi @kha0S, could you detail a bit more your analysis of what happened exactly? |
I can confirm Peercoin's blockchain was forked. You can verify it here:
The next blocks of bkchain.org and bitinfocharts.com are on two separate blockchains. Action must be taken rapidly to prevent double spending (i.e. if BTC-E and Shapeshift are on two separate forks, everyone will be able to double their money). |
Hi @mably. @Thireus has already explained. I can confirm also, that my pool (http://give-me-coins.com) has nodes on both forks. Payments have been disabled to prevent abuse. |
Some nodes are rejecting block 8350ac92844dfe4d8308d06fc4ecf379a98b0657f8b6435546f620888174adcc because they consider one of the included signatures is invalid. Other nodes (including the one propagating the sync checkpoints) have considered it valid. I'm not sure why this is happening. |
I was able to make a node accept the signature by applying this patch: 3320650 But it didn't work on some other nodes. The node where it worked has openssl > 1.0.1k. The other nodes have openssl < 1.0.1k. |
How severe is this? Should we make a statement calling attention to it for exchanges etc.? |
I've locked my pool payments. Exchanges should do the same... |
Looks like funds are locked on btc-e already. |
I dont see any actions locked on btc-e |
Deposits are not showing even after 6 confirmations, I've tested it. |
That should mean you are on a different fork thank btc-e, double spending should be possible. |
As reported by @glv2 and @sigmike the fork happened due to the transaction with id 2d00a7349e5d281406a9e78c3af5d14dd0b3df2dedbc61c08e02e909797c6ecf. I tried to verify it with Coinomi's bitcoinj and it fails because this BER signature uses a 5 byte length field: Notice that Now the problem is that OpenSSL has a bug where you cannot store 5 bytes in a Was this intentional? This transaction has 1 input and 1 output (this is rare), the amounts are suspiciously round (0.1 PPC input, 0.05 PPC output and 0.05PPC fee) and lastly why use In bitcoin, this issue was solved with BIP66. Read here for more info: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-July/009697.html |
Indeed someone certainly exploited the bug found by Pieter Wuille. The network is probably split between 64 bits Linux systems and 32 bits Linux + all Windows systems. Exchanges and other users should be warned. |
What about SK synchronized checkpointing? Looks like it was done on Linux 64. |
Probably. |
Thanks! I'll try the patch |
does it mean we have to sync the repo up to bitcoin core 0.10 in order to fix this? or should we just port signature bugfix into 0.5? |
so the linux x64 chain fork is the correct one? |
@sigmike are you in touch with @sunnyking about this issue? Is he working on a fix? |
Would the following be an appropriate warning to post on r/Peercoin?
Information and discussion at GitHub and PeercoinTalk (also see the chatbox). Update: Warning posted. |
@mably no, I sent him an email but I didn't get an answer yet. |
Here is the neutralized version of this transaction, just in case:
|
Just to clarify the block with the signature will be accepted as the valid chain going forward correct? Also why if the patch still needs to be applied to 64 bit nodes did the checkpointing node accept the block? Is it not running the latest stable release? |
I notified btc-e to lock PPC transactions. If anyone has contacts with other exchanges, please do the same. |
Tweeted a warning and mentioned some exchanges ( We have a list of exchanges at Peercoin.net in case someone's looking for one. |
I wrote a quick fix here: 4f3f5d8, in the |
Commit 3320650 is also required if you have OpenSSL 1.0.1k or above. It's included in the |
Thanks for the fix. However, I'm a bit confused on which chain is the correct one. Is it the one that has that transaction or the one that doesn't? |
@glv2 Thanks. That seems to work - it disconnected about 75 blocks before connecting 73. I'm on block 204686 now. |
i upgrade my wallet to v0.5.0ppc.rc1-beta and have installed openssl 1.0.1f |
v0.5.0ppc.rc1 doesn't include the fix. Use v0.4.1ppc.rc1. |
Updated recommendations (2015–11–15): Exchanges:
Users:
Please validate these instructions and let me know whether to change anything. See also r/Peercoin thread. Sunny King's Weekly Update #168. |
Windows build is available here: http://sourceforge.net/projects/ppcoin/files/0.4.1%20RC1/ppcoin-0.4.1rc1-win32-setup.exe/download
|
@sigmike Can you publish a SHA-256 hash here as SourceForge doesn't even serve over HTTPS? I produce this from two different locations:
Sunny King confirms the hash. |
I can confirm sha256sum: c0fa41ad46ee6c27571a39e6bac4ef68d92f6e2b8c53919472ead98bc31c4bdb |
Can someone merge this ASAP: super3/peercoin.net#239 |
Sunny King confirmed sha256sum here: https://www.peercointalk.org/index.php?topic=4312.msg41209#msg41209 |
What OpenSSL version should I use to build ppcoin or peerunity with? 1.0.1j? I seem to remember 1.0.1k or higher caused a problem with earlier versions of bitcoin. I'm not sure if it's related to this. |
The patch includes the fix for OpenSSL1.0.1k so any version should work. |
OK thanks. I just built peerunity 0.1.3 and I can confirm that it works for Linux 64-bit (Debian Jessie) with OpenSSL 1.0.1k. |
will this fix be merged into the latest version? Any ideas when? |
Peerunity v0.1.3-RC1 is available for all platforms. You can download builds here: |
Hmm, I think that Peerunity RC thinks my wallet is corrupt: Peerunity version v0.1.3.0-gd4fb03b () DBFlush(false) I didn't get this on the link @glv2 posted regarding the 0.1.3 tree with just the fix. I'll investigate more tomorrow. |
I think I'm going to have to leave PPC disabled. I still get the Peerunity v0.1.3-RC1 complaining both about the wallet being corrupted and it not being able to load blkindex. This happens even when using the wallet from the original Peerunity (not the tree linked to by @glv2 ). There seems to be something quite wrong with this RC. |
@gigatux Have you checked if the BerkeleyDB version you compiled Peerunity v0.1.3-RC1 with is identical to the BerkeleyDB version of your previous Peerunity? |
@glv2 Very good point. Although it's linked to the same library, when compiling it used later BerkeleyDB include headers (as I have to use a later DB for dogecoin on the same server). I've dropped it back down to the older DB headers, recompiled and the release candidate is now working just fine. Sorry for the confusion everyone! I'll just do a brief sanity check of the commits and then make this live on Bittylicious again. |
The fix is not complete. A signature contains three encoded lengths, but the patch covers only one of them. |
New patch by sigmike: #116 |
Another patch by sigmike: #117 |
Hi!
I just received on the pool (peercoin.econing.com) a strange error never happens again:
It 's an error when rpc does some calls (getblock, listsinceblock, listaccounts)
Error: {"code":-2,"message":"Safe mode: WARNING: Invalid checkpoint found! Displayed transactions may not be correct! You may need to upgrade, or notify developers of the issue."}
thanks
The text was updated successfully, but these errors were encountered: