What is a Replay Attack

Last updated: Mar 30, 2023
6 Min Read
AI Generated Summary

Part of the reason that the upcoming SegWit2X hardfork is so contentious is because it does not have protection against replay attacks. Many people are concerned about the prospect of a replay attack and how it could harm the integrity of the network.

During previous hardforks such as that of Bitcoin cash, there were replay protections that were put in place and hence there was no room for neferious individuals to attempt an attack.

Before we can look at what a replay attack is, we have to understand some of the fundamental technologies that underpin Bitcoin.

The Current Bitcion Blockchain

Bitcoin transactions take place on a public blockchain. This means that they are open for anyone to view as the transaction ID, recipient and sender address are broadcast to the network.

The ledger can also be downloaded in its entirty by those who wanted to analyse the transaction and audit them. They can also look at your particular transaction and note whether it was valid based on the private inputs.

When there is contention in the community about the current state of the technology as well as the way forward, then the idea of a fork is presented. A fork can either be a soft fork or a hard fork. In the case of a soft fork, old nodes on the network will still recognise the new blocks as valid. Hence, it is backwards compatible and only the majority of miners need upgrade to the new software.

However, when the changes apply to the actual block strucutre (such as block size), then this will be done via a hardfork. With a hardfork, all participants must upgrade to the new protocol as previously invalid blocks and transactions are now valid.

For those market participants that do not upgrade, they will continue with the legacy blockchain and those that have upgraded will start a new blockchain and cryptocurrncy. This is exactly what happened with the fork of the Bitcoin blockchain on 1st of August with Bitcoin Cash.

What is important to point out is that the two chains will look exactly the same just prior to the fork. However, after the fork new blocks are found and they will have different transactions with varying balances.

How Replay Attacks Work

How Replay Attacks WorkWhen there is a split in the chain on a hardfork, you will own exactly the same amount of coins on both chains. The problem with this comes in when you spend money on only one chain. What happens on the other chain?

Theoretically, if you spend money on one of the chains then someone else can use exactly the same credentials in that transaction including your signature and present this for inclusion on the other ledger. Therefore, someone else can spend your money on the other ledger as your signature is valid on both.

This does not mean that someone can send a different amount to another person with your funds on the other chain. The transaction has to replicate it exactly. However, it still does present some problems. The individual who is sending the same transaction request on the other ledger is staging a replay attack.

In the case of the Bitcoin cash hardfork, there was a replay protection in place. They placed a special piece of code that fully identified that the transaction was only related to Bitcoin cash. With this special identifying information, any Bitcoin node will reject this transaction as they recognise it is related to Bitcoin Cash only.

No Replay Protection for SegWit2X

Unfortunately, there will be no replay protection for the upcoming fork as the developers behind the SegWit2X upgrade have said that the Bitcoin core team should implement it if they are concerned about it.

The problem with this argument is that there is not enough time for core to implement these changes. Replay protection schemes are themselves hardforks and implementing any sort of replay protection now will result in three different blockchains. There will be the SegWit2X fork, the Bitcoin legacy and Bitcoin legacy with replay protection.

This is part of the reason that the Bitcoin core developers and other notable people such as Charlie Lee are against SegWit2X. If there was more time to prepare for the hardfork then replay protection could have been built in.

Protect yourself from Replay Attacks

If you are a Bitcoin investor and you don't transact that often with Bitcion then you should hold off on sending any money after the fork until more clarity is given.

However, if you really need to transact and you want to disentangle your accounts on the two ledgers then you could consider mixing services. With this, you will a transaction on either chain that can't be replayed. There are a particular class of transaction which can do this.

These transactions are either the rewards that miners get (as they are new funds) or Coinbase transactions which are mixed. With these Coinbase transactions, your transaction may be mixed with another non replayable transaction.

Looking Forward

Although the upcoming hardfork does not have replay protection, this should not be a massive concern if you are a Bitcoin "Hodler". You are not regularly spending your coins and hence have the time to monitor how things tend to develop.

As we saw from the Bitcoin cash saga, there was a lot of FUD (Fear Uncertainty and Destruction) that was spread before the fork around what could happen to Bitcoin. Yet, the fork seemed to have proceeded effortlessly and it led to a rally in the price of Bitcoin.

Editorial Team

The Coin Bureau Editorial Team are your dedicated guides through the dynamic world of cryptocurrency. With a passion for educating the masses on blockchain technology and a commitment to unbiased, shill-free content, we unravel the complexities of the industry through in-depth research. We aim to empower the crypto community with the knowledge needed to navigate the crypto landscape successfully and safely, equipping our community with the knowledge and understanding they need to navigate this new digital frontier. 

Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.

Previous article
What is NEO (Antshares)?
next article
ICO Due Diligence – What to Look For in an Investment