pivx_social_bg-1080x675.jpg

Nov 8, 2017From the Dev Team

Dear PIVX Community, We are fully aware of the recently mentioned libzerocoin exploit.

"The exploiter was able to create multiple proofs for a single mint and create multiple serials, which he/she then converted to PIV. The exploit that has occurred was located in the base code of the libzerocoin library, which is used by many different coins, and not in the PIVX code specifically. NO users funds have been lost. Exchanges have been notified. You can keep using your $PIVX 3.0.4 wallet in the meantime and we will be releasing a multi-release patch to rectify the issue.  Also – Zerocoin is temporarily disabled until it is completely fixed.  We’re sorry for the inconvenience, but this is for your security and stability of the network.”

~ The PIVX Dev Team

*CALL TO ARMS! ESPECIALLY FOR THOSE WHO STAKE CURRENTLY*

A new exploit was found in the original libzerocoin source code which led to a vulnerability in zPIV minting.
Please see official announcement on the exploit situation here: https://pivx.org/from-the-dev-team/

To address this issue, we need every desktop wallet user’s help to reorg to the good chain without the exploit.
– If you are able to do this now, it would really help the network & block any new exploit attempts.
– If you prefer to wait for our final wallet release, then it is recommended to close your wallet for now.
– Your coins are 100% safe. But zPIV mint/spend will be temporarily disabled to stop any new exploits.
– We hope to have a final wallet out in the coming days once we get the network / wallet secure.

*HOW TO*

NOTE: If you do not wish to participate in the temp release – close your wallet and wait for an official release.

0. Stop / Close your current wallet.

1. Download and update to this new exploit patched `pre-release 3.0.99` (vtemp_dev) wallet.
https://github.com/PIVX-Project/PIVX/releases/tag/vtemp_dev (please take a read of its release notes also)

2. Edit your `pivx.conf` file and append following lines to the bottom of it.
See this for pivx.conf location: https://pivx.freshdesk.com/support/solutions/articles/30000004664

enablezeromint=0
addnode=24.10.252.146
addnode=67.188.76.36
addnode=70.189.238.111
addnode=104.200.67.38
addnode=74.118.192.18
banscore=10000
bantime=5

3. Delete the `peers.dat` file. (in same location as pivx.conf)

4. Launch your wallet. Wait for it to sync up.

5. Now check if you are on the right chain. Instruction: https://pivx.freshdesk.com/solution/articles/30000004667

6. If you are not on the same block:hash as the presstab block explorer, then perform a reindex.
Qt Wallet = Tools -> Wallet Repair -> Rebuild Index (this can take many minutes to complete)
Linux = Close wallet. Start the wallet with `-reindex=1` (e.g. `./pivxd -reindex=1`)

6. If it looks good, then unlock for staking if you normally stake your coins.
`It is safe to stake with this pre-release wallet. It just has a generic warning.`

Thank you!

announcement