Goldman Sachs-Backed Circle Issues Statement On Preventing Replay Attacks Post-BCH Hard Fork
A Quick Look At Replay Attacks
The dust has settled and the peace has been signed off on. The story that was the civil war of Bitcoin Cash[BCH] is now over. The tumultuous period that followed the hard fork of BCH presented opportunities and challenges for many of the exchanges. The biggest challenge faced was about protecting their customers against replay attacks. This was a major problem as, for nearly 2 weeks post fork, the development team of the SV chain had not implemented any replay protection.
Replay attack sounds like the work of someone with nefarious intentions. While this might be possible, it is generally improbable. Usually, this happens due to a simple misunderstanding after a hard fork. It is quite simply, the confusion that surrounds the event might cause a node to listen for and accept transactions not meant for it, leading to a loss of funds for token holders.
What Is It?
In the case of Bitcoin Cash, before the hard fork, all its nodes were actively listening for any Bitcoin Cash transactions. On being made aware of a new one, it would proceed to verify the authenticity of the sender. This is done via a mathematical test and if found to be valid, it notifies other nodes in the network and queues the transaction be added to the blockchain.
However, immediately following the hard fork, some node operators upgraded to one fork or the other while a few suspended operations altogether. This caused a situation where one node on one of the chains processed a transaction that was intended for the other chain. This was purely because it seemed valid due to the calculations and thus got communicated it to the network. This means a holder might have wanted to transfer a Bitcoin ABC to another person but ended up replaying it on the second chain; consequently, the latter received not only a Bitcoin ABC but also a bitcoin SV.
Why Does It Happen?
This is better explained with an example. Say a person owns 10 Bitcoin cash; this means they actually own multiple portions of bitcoin cash that add up to 10 Bitcoin cash, also known as outputs. These are transmitted around the network, with authentication provided by the holders private key. When a hard fork happens the same private key can still be used to move the outputs; thus validating those outputs on both chains. Now if and when multiple outputs are being moved, both the chains will do the mathematical test to validate the transaction. Since the digital signature is valid on both chains, the output will get replicated to both chains.
How To Stop It?
While a replay attack occurs because of identical outputs on different chains, those chains are mined separately, and this is the solution. After the fork, new unique outputs are introduced via coinbase rewards. These are unique to the chain and are thus instrumental in avoiding any replay attacks. Any coinbase reward of newly created coins would contain unique outputs that don’t exist on the other chain. Thus the other chains node wouldn't interfere with that transaction.
This is what Poloniex did. Immediately after the fork, it collected a small set of post-fork outputs and when a request was made, it would add in at least 1 post-fork output. This simple trick enabled it to operate with confidence.
While Replay attacks are not a common issue, the aftermath of the BCH split still generated a lot of confusion around the topic. While this simple solution did save a lot of hassle, the entire saga did not help the overall market mood.