Im not sure what superdoc is getting at in his explanation of the crack. Maybe I can make it a little more clear.

The ROM image is not checksummed up until 0x1000, from there the checksum covers just 1 meg, so anything after that can be changed at will.

The 0x40-0x1000 code is the code which reads the 'lockout chip' in the cart. The chip had been changed in the new starfox rom, therefore I switched the security code (0x40-0x1000) to be the same as the older roms.

It is very likely that the 0x40-0x1000 code is checksummed, but that the area has a 'fixed' checksum, so that they can change the code, and throw in some 'junk' bytes to fixup their csum result.

The real csumm is different, though. it starts at offset 0x10 in the image and is 4 words long. It is checked by the N64 init bootcode ( rom code) when you turn on the power. The next init is the lockout chip check, and if it doesnt successfully complete, the hardware will lock up.

Hope this is helpful.

Jovis