Author

Topic: BCH and BTC - Still a danger of replay attacks? (Read 874 times)

legendary
Activity: 1624
Merit: 2481
November 15, 2017, 11:17:06 AM
#12
Even without replay protection you can first easily split your coins before starting sending/"claiming" any coins.
Its not like replay attacks are kinda destroying btc. Neither its a danger which comes hidden.
"Replay attack" basically is just to rebroadcast your transaction on the other chain. If you start splitting your coins you start with sending
your more valuable coins (btc in this case) to an address you (and only you) have control of. From now on your BTC are safe. And only this TX can be
rebroadcasted (which is kind of senseless for an attacker to send your bch to an address you own).
AFterwards you can start importing your private keys into an BCH wallet.
To not get confused by an "attacker", who is aming for chaos, you then send your BCH to a new address.

Afterwards there is no more risk to an "replay attack".
That's not exactly true in ALL fork situations... it works with BCH because they implemented full 2-way replay protection... but imagine if S2X had gone ahead with no replay protection... you try this and send your coins to yourself thinking, great, now I'm safe... and then send those "split" coins to someone else... Thief then just rebroadcasts the whole chain of transactions (ie. BOTH transactions you've made) and boom, your coins are now gone.

It isn't just a simple case of "send to yourself", it is a LOT more complicated than that... you need to start generating transactions that use inputs which don't exist on the other chain to make it impossible for that transaction to be valid on the other chain. The "easiest" way to achieve that is to get hold of coins that come from a "coinbase" transaction (ie. the block reward, NOT the exchange with the same name)


I think you got to explain this a little more.
If i have my coins (after a fork) sitting on the  address A1 , considering there is no replay protection, if i do the following:

1) Send more valuable coins from A1 to A2.
2) Send "forked" coins from A1 to A3.

At this point there are no inputs, which are also available on the other chain. Therefore if i send some coins from A2 to the potential thief,
he can't just rebroadcast this transaction simply because there are no inputs to spend on the other chain.

Am i missing something here?
HCP
legendary
Activity: 2086
Merit: 4363
Even without replay protection you can first easily split your coins before starting sending/"claiming" any coins.
Its not like replay attacks are kinda destroying btc. Neither its a danger which comes hidden.
"Replay attack" basically is just to rebroadcast your transaction on the other chain. If you start splitting your coins you start with sending
your more valuable coins (btc in this case) to an address you (and only you) have control of. From now on your BTC are safe. And only this TX can be
rebroadcasted (which is kind of senseless for an attacker to send your bch to an address you own).
AFterwards you can start importing your private keys into an BCH wallet.
To not get confused by an "attacker", who is aming for chaos, you then send your BCH to a new address.

Afterwards there is no more risk to an "replay attack".
That's not exactly true in ALL fork situations... it works with BCH because they implemented full 2-way replay protection... but imagine if S2X had gone ahead with no replay protection... you try this and send your coins to yourself thinking, great, now I'm safe... and then send those "split" coins to someone else... Thief then just rebroadcasts the whole chain of transactions (ie. BOTH transactions you've made) and boom, your coins are now gone.

It isn't just a simple case of "send to yourself", it is a LOT more complicated than that... you need to start generating transactions that use inputs which don't exist on the other chain to make it impossible for that transaction to be valid on the other chain. The "easiest" way to achieve that is to get hold of coins that come from a "coinbase" transaction (ie. the block reward, NOT the exchange with the same name)

Splitting coins when there is no replay protection is NOT for the uninformed or technically challenged... it is complicated and exposes you to potential loss of coins on both sides of the fork.

In the case of BCH (and other forks with replay protection)... moving your BTC is not "splitting" them... they're automatically split because of the replay protection. What you're doing is just putting them onto different private keys, so that if the fork wallet you use is "evil" and steals your seed/keys... only your fork coins are at risk.


In this case, having some technical knowledge is pretty much essential for the safety of your coins, because you have to trust that the Electron Cash (or some other software that you choose to download) is safe.  While it is open source, it's signed by anonymous developers, so a malicious version could theoretically be introduced.  That's why it could potentially be risky to install it on an airgapped PC.
Isn't that the whole point of the Airgapped PC... it doesn't just stop things getting IN... it stops things getting OUT as well?
hero member
Activity: 1792
Merit: 534
Leading Crypto Sports Betting & Casino Platform
Bitcoin can bw hard sometimes. Talk about mass adoption…
I think you meant to say "Cryptocurrency is hard" Wink
Dealing with BCH is currently the responsibility of all Bitcoin users who don't want to lose about 15-20% of their funds.  It's pretty much essential for a Bitcoin user to make a conscious decision of what do with it.  So it is about Bitcoin being hard to deal with.

In this case, having some technical knowledge is pretty much essential for the safety of your coins, because you have to trust that the Electron Cash (or some other software that you choose to download) is safe.  While it is open source, it's signed by anonymous developers, so a malicious version could theoretically be introduced.  That's why it could potentially be risky to install it on an airgapped PC.
…and yes, a hardware wallet is on the way. But still: backups…
Notably, the backups for a hardware wallet are quite convenient to store, and you can also do it in safe places like bank deposit boxes.

I could split the BCH in my TREZOR within a couple of minutes - almost anything in that wallet is very user-friendly.  How convenient Bitcoin is largely depends on the user's circumstances.




hero member
Activity: 994
Merit: 513
Even without replay protection you can first easily split your coins before starting sending/"claiming" any coins.
Its not like replay attacks are kinda destroying btc. Neither its a danger which comes hidden.
"Replay attack" basically is just to rebroadcast your transaction on the other chain. If you start splitting your coins you start with sending
your more valuable coins (btc in this case) to an address you (and only you) have control of. From now on your BTC are safe. And only this TX can be
rebroadcasted (which is kind of senseless for an attacker to send your bch to an address you own). AFterwards you can start importing your private keys into an BCH wallet.
To not get confused by an "attacker", who is aming for chaos, you then send your BCH to a new address.

Afterwards there is no more risk to an "replay attack".

Thanks for your input. Yes, I am aware that I can split my coins, but since I have them in "kinda" cold storage, I don't want to move my BTC first. However, I think there's no way around it, at least no way that won't make me feel like I'm risking way too much money for my taste.
legendary
Activity: 1624
Merit: 2481
Even without replay protection you can first easily split your coins before starting sending/"claiming" any coins.
Its not like replay attacks are kinda destroying btc. Neither its a danger which comes hidden.
"Replay attack" basically is just to rebroadcast your transaction on the other chain. If you start splitting your coins you start with sending
your more valuable coins (btc in this case) to an address you (and only you) have control of. From now on your BTC are safe. And only this TX can be
rebroadcasted (which is kind of senseless for an attacker to send your bch to an address you own). AFterwards you can start importing your private keys into an BCH wallet.
To not get confused by an "attacker", who is aming for chaos, you then send your BCH to a new address.

Afterwards there is no more risk to an "replay attack".
sr. member
Activity: 392
Merit: 250
Bitcoin can bw hard sometimes. Talk about mass adoption…
I think you meant to say "Cryptocurrency is hard" Wink

Bitcoin isn't hard... If you just want to continue to use Bitcoin, you don't have to do anything special... just go about your business... it's easy. Tongue

It's all the other altcoins that are causing issues... and pretty much, the only people who find it hard are those who simply aren't interested in learning anything and just want to dump whatever today's new shitcoin is for "free money" Roll Eyes



Handling two computers because you are paranoid _is_ hard sometimes, regardless of the currency you're using. That's my point. What if the computer crashes? Ok, backups. What if the house burns down? Ok, geographically distributed backups. What if someone steals one of them and tries to get to your stuff? Ok, encrypted backups. With a unique, long and complicated password that you use nowhere else. Are you sure you're going to remember it after years, when you finally need it for some reason?

We are talking a lot about how Bitcoin will end the power of banks, but honestly, I'm afraid Bitcoins mass adoption will start the moment banks start to offer regular folks to handle their keys and transactions for them.

…and yes, a hardware wallet is on the way. But still: backups…

Unfortunately I think you're right here. Anyone who thinks Bitcoin as it stands is accessible to the general public has obviously not spent much time with the general public.

Hell, anecdotally I would say computer ownership, or at least computer use, has gone down significantly with the advent of smartphones and such. I would love crypto to drive that back up but I can't see it happening - more likely people will look for easy ways such as less secure mobile wallets or just using the same old bankers to store their valuable shit as you say.
hero member
Activity: 994
Merit: 513
Bitcoin can bw hard sometimes. Talk about mass adoption…
I think you meant to say "Cryptocurrency is hard" Wink

Bitcoin isn't hard... If you just want to continue to use Bitcoin, you don't have to do anything special... just go about your business... it's easy. Tongue

It's all the other altcoins that are causing issues... and pretty much, the only people who find it hard are those who simply aren't interested in learning anything and just want to dump whatever today's new shitcoin is for "free money" Roll Eyes



Handling two computers because you are paranoid _is_ hard sometimes, regardless of the currency you're using. That's my point. What if the computer crashes? Ok, backups. What if the house burns down? Ok, geographically distributed backups. What if someone steals one of them and tries to get to your stuff? Ok, encrypted backups. With a unique, long and complicated password that you use nowhere else. Are you sure you're going to remember it after years, when you finally need it for some reason?

We are talking a lot about how Bitcoin will end the power of banks, but honestly, I'm afraid Bitcoins mass adoption will start the moment banks start to offer regular folks to handle their keys and transactions for them.

…and yes, a hardware wallet is on the way. But still: backups…
HCP
legendary
Activity: 2086
Merit: 4363
Bitcoin can bw hard sometimes. Talk about mass adoption…
I think you meant to say "Cryptocurrency is hard" Wink

Bitcoin isn't hard... If you just want to continue to use Bitcoin, you don't have to do anything special... just go about your business... it's easy. Tongue

It's all the other altcoins that are causing issues... and pretty much, the only people who find it hard are those who simply aren't interested in learning anything and just want to dump whatever today's new shitcoin is for "free money" Roll Eyes

legendary
Activity: 2758
Merit: 6830
Thanks Smiley

Hmm, the last point got me thinking, though… The coins are in a wallet on an airgapped computer, so I would have to either expose the key regardless, or install electron cash on that computer… Sigh. Bitcoin can bw hard sometimes. Talk about mass adoption…
You don't need to expose your keys. Electron Cash is a Electrum fork, so they both work exactly the same way. I guess that you can download the wallet, move it to a flashdrive and install in your airgapped computer. Then just do what you would do with any Bitcoin transaction: create a raw transaction, move it to the offline pc, sign it and broadcast it with your online pc.
hero member
Activity: 994
Merit: 513
No. BCH network uses full 2-way replay protection... a BCH transaction is NOT valid on BTC network... and BTC transaction is NOT valid on BCH network.

All you're at danger of is a BCH wallet potentially stealing/exposing your seed/private keys which would put your BTC at risk. Having said that, I'm not aware of anyone who used the "OFFICIAL" Electron Cash client having their wallet, seed or private keys compromised.

Thanks Smiley

Hmm, the last point got me thinking, though… The coins are in a wallet on an airgapped computer, so I would have to either expose the key regardless, or install electron cash on that computer… Sigh. Bitcoin can bw hard sometimes. Talk about mass adoption…
HCP
legendary
Activity: 2086
Merit: 4363
No. BCH network uses full 2-way replay protection... a BCH transaction is NOT valid on BTC network... and BTC transaction is NOT valid on BCH network.

All you're at danger of is a BCH wallet potentially stealing/exposing your seed/private keys which would put your BTC at risk. Having said that, I'm not aware of anyone who used the "OFFICIAL" Electron Cash client having their wallet, seed or private keys compromised.
hero member
Activity: 994
Merit: 513
Hello,

I'm still sitting on some BCH from the split. I don't really want to move the BTC to a new address to be ultrasafe, but BCH is kinda high now, so it looks like a good opportunity to get rid of it.

Using electron cash, is there still a danger of replay attacks?
Jump to: