While cryptocurrency and blockchain are typically secure, there are a few loopholes that can be exploited by unsavory individuals and fraudsters looking to make a quick buck. One of these is known as replay attacks.
These are similar to something called middle man attacks, where hackers can repeat or replay the messages or transactions executed on the blockchain. This typically results in something called a double spending transaction where a certain amount designated for one function is used for another transaction.
Think of this as using the same amount of money to pay for two things that are equally priced. For example, using the same $20 to buy a $20 meal and a $20 drink.
This replay attack is pretty commonplace in cryptos and typically happens when there are hard forks. This is why smart developers and crypto communities always call for replay protection protocols during hard forks.
Doesn’t mean though that the crypto founders and those executing hard fork protocols will listen and implement it. In fact, it is often at the discretion of the founders of the legacy cryptocurrency to implement it or not.
While hard forks aren’t very common, the reality is they happen enough times for the protection to be important. Whatever the case, as long as cryptocurrencies exist, hard forks will be a pretty common thing, seeing as it can help with everything from scalability issues to security measures.
Before we jump into explaining and breaking down replay attacks, it is important for you have a rudimentary understanding and knowledge of how transactions are executed on crypto platforms. For this, we’ll use the bitcoin cryptocurrency as an example.
How Distributed Ledgers And Hard Forks Work
If you’ve been researching cryptocurrency, chances are you would have heard of the term distributed ledger. Distributed ledgers are transaction data that are spread across all the nodes on the bitcoin network. It can be thought of as an advanced database that allows for everyone to have a copy of the ledger which feeds into its decentralized nature.
This means therefore, that every single transactions is replicated and stored on all nodes. Think of it as a one to many broadcast setup.
Every single node –computing equipment- that’s connected to the bitcoin network for instance, has the full details of every transaction that has ever been made on the bitcoin network. As a result, no matter what happens to one node, you will always have that information readily available because it’s all over the blockchain.
And because the bitcoin ledger is a transparent one, you can actually see the originating and destination wallet addresses in every transaction. This is all possible thanks to the bitcoin protocol, the software that runs the entire bitcoin network, making sure that everything works as efficiently as they should.
With this software running on every node, it is almost impossible to take down the bitcoin network. You would have to target every single node –of which there are currently millions of them- to take down the network.
Barring major issues, most crypto platforms can run as is for a long as possible. However, there are times when for whatever reasons, some folks or a team decide to use the same platform, but create their own protocol or software.
This is what happened in the bitcoin, bitcoin cash scenario. Bitcoin cash is a hard fork of bitcoin and uses an entirely different software and protocol, which makes it a new and different protocol. Bitcoin cash is supposedly an upgraded cryptocurrency that solves most of the legacy cryptos’ problems. This split in software or protocol often creates two entirely different ledgers.
The legacy ledgers will remain intact, while the new one will start and use its own often different ledger. So, transactions on the legacy ledger doesn’t appear on the new fork, and vice versa.
However, because the hard fork is running on the old protocol, it might be possible for hackers and shifty developers to replicate the transactions made on the legacy platform, on the new one, essentially creating a situation in which one transaction is cloned and replicated on the new platform.
This is what is known as a replay attacks. This often happens because when bitcoin for instance, went through the hard fork that’s now bitcoin cash, every legacy member also received an equivalent amount of their bitcoin in bitcoin cash.
For example, if Mark had 100 bitcoins before the fork, he automatically got 100 bitcoin cash tokens after the fork. Therein lies the origins of replay attack.
When those coins were duplicated, resulting in most holders enjoying the equivalent amount of bitcoin in bitcoin cash without losing their bitcoin, it created a duplication problem. With this duplication problem, it was easy for anyone with the digital signature of a transaction to clone the transaction on the bitcoin cash platform.
This created a dilemma of sorts that ended up compromising the network and causing honest users to potentially lose their tokens. Replay attacks essentially take advantage of the vulnerability created by hard forks, and use that to enrich a few people who know how to manipulate the results to suit them.
The result therefore, is that they can easily spend your own token, no thanks to the glitch. Of course, they would have to know the exact amount you sent, address it was sent to and the transaction’s signature. While this is quite difficult, some unscrupulous individuals have found a way around this, compromising many accounts in the process.
With this information, they can essentially duplicate the process on the new platform, resulting in significant losses for the target accounts. This is considered potential major limitation if not dealt with directly and sincerely.
So, What Can You Do?
As blockchain continues to disrupt major industries and business sectors, until there’s a replay attack protection in place, the very first thing you want to do as a crypto holder is to simply not spend your cryptocurrency. We know it’s a crazy option, but that’s the best approach to securing your cryptocurrency stash.
If not, you stand a huge risk of losing them. It’s sad, but that’s the ultimate solution. Sure, you could risk spending your cryptos, and nothing would happen. But, do you really want to take that risk? It’s your call really.
So, if you’re holding a crypto that’s about to undergo a hard fork, just move everything to your wallet, until all the dust settles or a replay attack protection protocol is in place and you can safely spend them.