Author

Topic: An introduction to Replay Attacks (Read 159 times)

newbie
Activity: 41
Merit: 0
October 30, 2017, 01:53:15 AM
#1
What is a replay attack?

https://cdn-images-1.medium.com/max/1600/1*UrrIHWhRuKD6b7o5uto5lQ.png

Bitcoin Gold was successfully launched last week, but there are still many technical issues. If you still remember our previous article, the most critical one is the lack of replay protection. Do note that the coming Bitcoin SegWit2x hard fork in November also doesn’t possess such protection. Anyway, that’s why this week we are going to talk about how a replay attack works and what we should do to protect our funds.

So how does a replay attack works?

https://cdn-images-1.medium.com/max/1600/1*jO5AJL1ZTDmjsZcyFIjGhA.png

A hard fork on a blockchain is essentially creating a new incompatible blockchain which shares the same history with the legacy one, but has different blocks in the future. As they share the same history, if you hold some legacy coins during the fork time, you will also automatically gain the same amount of new coins. This distinctive feature opens rooms for a replay attack.

https://cdn-images-1.medium.com/max/1600/1*xpkJw1irfwQkKOooYp5DUg.png

Normally when you send out Bitcoin, you are signing a transaction with your private keys (therefore never disclose your private keys to anyone) and broadcast that transaction to the blockchain. After a hard fork, both of your coins are stored on the same address, which means that they are controlled by the same private keys.

Without a replay protection, when you, say send out 1 Bitcoin from the legacy chain, the transaction is also valid on the forked chain with the same amount of new coins and same recipient. Someone else can make use of this and send out your new coins without your agreement. This is the same case for the opposite direction: when you send out the new coins, you are potentially also sending out your Bitcoin!

What we should do to protect our funds?

Basically wait for the implementation of replay protections. The previous Bitcoin Cash hard fork achieve this by modifying the signing mechanism so that we can distinguish the transactions from different chains. Bitcoin Gold claimed to implement the protection before launching, but the issue is still not resolved up till now.

While there are tricks to safely send out Bitcoin without a replay protection, like adding a small amount or coin mixing, this article is mainly for beginners and we do not recommend users without much experience to risk trying them as a single mistake can be disastrous. Instead, keeping the coins on your wallet and wait for further updates from the Bitcoin Gold team is the safest choice.

We at Cryptomover will keep following the latest updates and split the coins for our customers as soon as possible. As we stated, any new coins from hard forks will be part of your portfolio and we do not intend to charge anything from them. Please do remember to follow us for further updates!

The article is extracted from our medium blog post.
Jump to: