update checkpoints

Two critical vulnerabilities allowed an attacker to flood the DragonX chain
with minimum-difficulty blocks starting at height 2879907:

1. ContextualCheckBlockHeader only validated nBits for HUSH3 mainnet
   (gated behind `if (ishush3)`), never for HAC/smart chains. An attacker
   could submit blocks claiming any difficulty and the node accepted them.
   Add nBits validation for all non-HUSH3 smart chains, gated above
   daaForkHeight (default 450000) to maintain consensus with early chain
   history that was mined by a different binary.

2. The rebrand commit (85c8d7f7d) commented out the `return false` block
   in CheckProofOfWork that rejects blocks whose hash does not meet the
   claimed target. This made PoW validation a no-op — any hash passed.
   Restore the rejection block and add RANDOMX_VALIDATION height-gated
   logic so blocks after the activation height are always validated even
   during initial block loading.

Vulnerability #1 was inherited from the upstream hush3 codebase.
Vulnerability #2 was introduced by the DragonX rebrand.

.gitignore

@@ -171,4 +171,7 @@ release-linux/
 release/
 src/dragonxd
 src/dragonx-cli
-src/dragonx-tx
+src/dragonx-tx
+src/dragonxd.exe
+src/dragonx-cli.exe
+src/dragonx-tx.exe

src/chainparams.cpp

@@ -5638,18 +5638,9 @@ void *chainparams_commandline() {
                     (2836000,     uint256S("0x00000000004f1a5b9b0fad39c6751db29b99bfcb045181b6077d791ee0cf91f2"))
                     (2837000,     uint256S("0x000000000027c61ed8745c18d6b00edec9414e30dd880d92d598a6a0ce0fc238"))
                     (2838000,     uint256S("0x00000000010947813b04f02da1166a07ba213369ec83695f4d8a6270c57f1141"))
-                    (2839000,     uint256S("0x01aa99bfd837b9795b2f067a253792e32c5b24e5beeac52d7dc8e5772e346ec2"))
+                    ,(int64_t)  1770622731, // time of last checkpointed block
-                    (2840000,     uint256S("0x00000f097b50c4d50cf046ccc3cc3e34f189b61a1a564685cfd713fc2ffd52b6"))
+                    (int64_t) 2940000,      // total txs
-                    (2841000,     uint256S("0x00028a1d142a6cd7db7f6d6b18dd7c0ec1084bb09b03d4eda2476efc77f5d58c"))
+                    (double)  4576        // txs in the last day before block 2838000
-                    (2842000,     uint256S("0x0005cd49b00a8afa60ce1b88d9964dae60024f2e65a071e5ca1ea1f25770014d"))
-                    (2843000,     uint256S("0x0003bff7b5424419a8eeece89b8ea9b55f7169f28890f1b70641da3ea6fd14f9"))
-                    (2844000,     uint256S("0x00001813233d048530ca6bb8f07ce51f5d77dd0f68caaab74982e6655c931315"))
-                    (2845000,     uint256S("0x000070bd390b117f5c4675a5658a58a4853c687b77553742c89bddff67565da9"))
-                    (2846000,     uint256S("0x0000c92668956d600a532e8039ac5a8c25d916ec7d66221f89813a75c4eedc41"))
-                    (2847000,     uint256S("0x0001480bacbd427672a16552928a384362742c4454e97baabe1c5a7c9e15b745"))
-                    ,(int64_t)  1772014532, // time of last checkpointed block
-                    (int64_t) 2952051,      // total txs
-                    (double)  4576        // txs in the last day before block 2847871
 
                     };
         } else {

src/main.cpp

@@ -5140,6 +5140,26 @@ bool ContextualCheckBlockHeader(const CBlockHeader& block, CValidationState& sta
         }
     }
 
+    // Check Proof-of-Work difficulty for smart chains (HACs)
+    // Without this check, an attacker can submit blocks with arbitrary nBits
+    // (e.g., powLimit / diff=1) and they will be accepted, allowing the chain
+    // to be flooded with minimum-difficulty blocks.
+    // Only enforce above daaForkHeight to avoid consensus mismatch with early
+    // chain blocks that were mined by a different binary version.
+    if (!ishush3 && SMART_CHAIN_SYMBOL[0] != 0 && nHeight > daaForkHeight) {
+        unsigned int nNextWork = GetNextWorkRequired(pindexPrev, &block, consensusParams);
+        if (fDebug) {
+            LogPrintf("%s: HAC nbits height=%d expected=%lu actual=%lu\n",
+                      __func__, nHeight, (unsigned long)nNextWork, (unsigned long)block.nBits);
+        }
+        if (block.nBits != nNextWork) {
+            return state.DoS(100,
+                error("%s: Incorrect diffbits for %s at height %d: expected %lu got %lu",
+                      __func__, SMART_CHAIN_SYMBOL, nHeight, (unsigned long)nNextWork, (unsigned long)block.nBits),
+                REJECT_INVALID, "bad-diffbits");
+        }
+    }
+
     // Check timestamp against prev
     if (ASSETCHAINS_ADAPTIVEPOW <= 0 || nHeight < 30) {
         if (block.GetBlockTime() <= pindexPrev->GetMedianTimePast() )

src/netaddress.cpp

@@ -28,6 +28,7 @@
 #include <tuple>
 
 constexpr uint64_t CNetAddr::V1_SERIALIZATION_SIZE;
+constexpr uint64_t CNetAddr::MAX_ADDRV2_SIZE;
 
 /** check whether a given address is in a network we can probably connect to */
 bool CNetAddr::IsReachableNetwork() {

src/pow.cpp

@@ -863,10 +863,17 @@ bool CheckProofOfWork(const CBlockHeader &blkHeader, uint8_t *pubkey33, int32_t
     // Check proof of work matches claimed amount
     if ( UintToArith256(hash = blkHeader.GetHash()) > bnTarget )
     {
-        if ( HUSH_LOADINGBLOCKS != 0 )
+        // During initial block loading/sync, skip PoW validation for blocks
-            return true;
+        // before RandomX validation height. After activation, always validate
+        // to prevent injection of blocks with fake PoW.
+        if ( HUSH_LOADINGBLOCKS != 0 ) {
+            if (ASSETCHAINS_ALGO == ASSETCHAINS_RANDOMX && ASSETCHAINS_RANDOMX_VALIDATION > 0 && height >= ASSETCHAINS_RANDOMX_VALIDATION) {
+                // Fall through to reject the block — do NOT skip validation after activation
+            } else {
+                return true;
+            }
+        }
 
-        /*
         if ( SMART_CHAIN_SYMBOL[0] != 0 || height > 792000 )
         {
             if ( Params().NetworkIDString() != "regtest" )
@@ -886,7 +893,6 @@ bool CheckProofOfWork(const CBlockHeader &blkHeader, uint8_t *pubkey33, int32_t
             }
             return false;
         }
-        */
     }
     /*for (i=31; i>=0; i--)
      fprintf(stderr,"%02x",((uint8_t *)&hash)[i]);