Replay Attack

The attack exploits the validity of a signed message outside its intended context. An attacker intercepts a legitimate transaction (e.g., a payment) and re-broadcasts it to the network. Because the digital signature remains cryptographically valid, the network processes it again, potentially causing duplicate actions like double-spending.

A major risk during chain splits or hard forks. A transaction signed and broadcast on the original chain (e.g., Ethereum) is also valid on the new forked chain (e.g., Ethereum Classic) if the transaction format and signature scheme are identical. Users can unknowingly have their actions duplicated on both chains, leading to asset loss.

• Example: The 2016 Ethereum/ETC hard fork required explicit replay protection.

Occurs when a blockchain undergoes a protocol upgrade. If the upgrade changes transaction semantics but not the signature format, old transactions could be replayed on the new network with unintended consequences. This is mitigated by implementing replay protection, such as adding a unique chain ID to the transaction signing process.

Technical measures to make transactions chain-specific.

• Unique Chain ID: Incorporated into the transaction data before signing (EIP-155 on Ethereum).
• Protection Contracts: Smart contracts that track used transaction nonces or hashes.
• Opt-In Splits: Forks can implement one-way or two-way protection to prevent cross-chain replay.

The transaction nonce—a sequential count for an account's transactions—provides basic replay protection within a single chain. A re-submitted transaction with the same nonce will be rejected as already processed. However, nonces do not protect against cross-chain replays after a fork, as the account state (including nonce) is typically copied to the new chain.

A different but related vulnerability where a transaction's signature can be altered without invalidating it, creating a different transaction ID (txid) for the same logical transaction. While not a classic replay attack, it can be used to create a different but valid transaction that might be re-broadcast, complicating tracking. Fixed in Bitcoin by SegWit and in Ethereum through specific signature formats.

A replay attack is the unauthorized rebroadcasting of a previously valid and signed transaction on a network. Since blockchain transactions are cryptographically signed messages, an attacker can copy a legitimate transaction from one context (e.g., a fork) and replay it in another, causing unintended duplicate state changes, such as a double spend.

This is the most common blockchain replay vector. When a chain undergoes a hard fork, two parallel networks with identical transaction history temporarily exist. A transaction broadcast on one chain is valid on the other, allowing an attacker to replay it. Notable examples include the Ethereum and Ethereum Classic fork and the Bitcoin and Bitcoin Cash fork, where specific replay protection had to be implemented.

Protocols implement defenses to make transactions chain-specific:

• Unique Chain ID: Ethereum's EIP-155 adds a chainId to the transaction signature, binding it to a specific network.
• OP_RETURN Markers: Some Bitcoin forks used outputs with unique data to invalidate replays.
• Nonce Mismanagement: Ensuring transaction nonces are managed correctly per account and network prevents simple copying.

Bridges connecting different blockchains are susceptible to sophisticated replay attacks. An attacker might intercept a valid proof of a deposit on one chain and replay it on the destination chain's bridge contract before the legitimate claim, attempting to steal funds. This underscores the need for robust, time-bound attestation mechanisms in bridge design.

Users transacting around a fork must wait for explicit replay protection or use tools that manually add protection. Wallets must correctly implement signing with the chainId. Failure to do so can lead to users unintentionally replaying transactions, resulting in asset loss on an unintended chain.

• Double Spend: The primary financial outcome of a successful replay attack.
• Chain ID: A core Ethereum parameter preventing cross-network replays.
• Nonce: A per-account sequence number preventing transaction reordering and replay on the same chain.
• Hard Fork: A protocol change that often creates the preconditions for replay attacks.

A divergence in a blockchain's transaction history, creating two separate chains. A hard fork is a non-backward-compatible upgrade. A soft fork is backward-compatible. Replay attacks are a critical consideration during contentious hard forks (e.g., Ethereum/ETC, Bitcoin/BCH), where the same transaction format exists on both new chains initially.

A sequentially incrementing number assigned to each transaction from a specific account. It prevents double-spending and transaction reordering within the same chain. However, it does not inherently protect against cross-chain replay attacks between forked networks, as the nonce sequence may be valid on both chains.

Deliberate protocol changes implemented during a fork to make transactions on one chain invalid on the other. Common methods include:

• Strong Protection: Changing the transaction format or signature scheme.
• Weak Protection: Adding a marker (like a specific OP_RETURN output in Bitcoin) that must be present. The absence of replay protection was a major issue in the 2016 Ethereum/ETC split.

A vulnerability where a transaction's cryptographic signature can be altered without invalidating it, creating a different transaction ID for the same intent. While distinct from a replay attack, it was historically exploited in conjunction with replay-like behaviors on Bitcoin before fixes like Segregated Witness (SegWit). Both issues undermine transaction uniqueness.

The initial parameters defined at the launch of a blockchain or a new fork. For a new forked chain to be immune to replay attacks from its parent, its genesis block and chain configuration (including Chain ID, consensus rules, and state) must be sufficiently distinct. This ensures cryptographic and logical separation from day one.