@tiker or @User1397367406, maybe you want to tell everybody something about how we got the blockchain to survive to the recent attack?
Well, we stopped the planet from spinning, then reversed the spinning direction to go back in time... wait, that was a Superman movie...
We found that the forked nodes agreed on all of the blocks up to a certain block height which was 277934.
We shut down a node once it deleted the forked blocks back to 277934.
We shut down a second node and deleted the block chain db.
The first node was brought up on an isolated network in a way that peers couldn't connect to it and it wouldn't attempt to connect out to anyone.
The second node was started up with a similar configuration but altered so that it would connect to the first isolated node.
Once the second node had downloaded the block chain from the first node (to verify it would be accepted by a new node) the two nodes started forging on their own disconnected from network under attack.
Transactions that were sent on the network under attack were not confirmed because of the attack.
Those transactions were copied and re-broadcasted on the isolated network and confirmed. (The ones that were noticed at least with 1440 minute deadlines.)
After a few days, the other NAS forgers (that joined the XMPP chat room posted earlier) compared block chains from the different forked nodes and the isolated node.
After some testing with the different forks, seeing what worked and didn't, checking account balances, transactions sent during the attack, etc. it was decided that the fork running on the isolated network was the best NAS fork to resume working with.
The other forgers modified their clients to join the isolated network hidden from the public network and nodes under attack and ran various tests (forging, transactions, etc.) to verify everything worked.
Once we determined that the isolated network was at a point safe enough to re-introduce to the rest of the public and safe from the attack, we shutdown the nodes together, reconfigured them and started them up together for the rest of the world to access.
That brings us to today.
The NAS forks that were created from the attack will report that forging stopped a few days ago. This is because the account which caused the problems was doing so with a balance lease that ended at a certain block height. None of the forging accounts are forging on that chain due to transactions not being confirmed, possible sync issues for new NAS nodes, etc.
Anyone who finds their node stuck at a point where it is not forging or accepting new blocks is on a fork which will not be resolved by the client automatically. If you are on one of these forks you can either restore a copy of your block chain from a backup taken before height 277934 (Apr. 5th ~14:00 GMT) or delete your node's database file and start over clean.
There is a public node "funkyvps3.funkymonkey.org" which can be added to the "wellKnownPeers" configuration option to get started. This node is on block chain fork that the other NAS forgers agreed on. This node also has the GUI interface open to the public at
http://funkyvps3.funkymonkey.org:7873 for anyone who wants to login and check things. This would be a good way to see if your local NAS nodes are on the same fork as the fork the rest of us agreed on.
Hopefully this sort of "attack" won't happen again. We have learned a few things from this experience.