Replay Attack
A replay attack occurs when an attacker captures a valid blockchain transaction and rebroadcasts it to execute multiple times, often exploiting chain forks for double-spending.
What Is a Replay Attack?
A Replay Attack is a security threat in blockchain networks. Attackers capture a valid, signed transaction from one chain. They then rebroadcast it on the same or a forked chain to execute it multiple times.
It works by exploiting transaction validity across chains. During a hard fork, like Bitcoin to Bitcoin Cash, the same private key signs transactions for both. An attacker broadcasts a spend on one chain, then replays it on the other. This leads to double-spending without new signatures. Blockchains without replay protection, such as unique chain IDs or nonces, remain vulnerable.
Replay attacks matter because they undermine blockchain immutability and user funds. Victims lose assets to unauthorized duplicates. Exchanges and wallets implement protections like forcing users to move funds post-fork.
Key characteristics include:
- Targets signed transactions without altering them.
- Common during chain splits without safeguards.
- Mitigated by replay protection mechanisms, such as BIP-301 for Bitcoin forks.
Synonyms: transaction replay.
A fork is a blockchain split into two chains due to protocol changes or disagreements. Hard forks create permanent divergences; soft forks are backward-compatible.
Read full definitionBitcoin (BTC) is the first decentralized cryptocurrency, launched in 2009. It uses blockchain technology for secure, peer-to-peer digital transactions without intermediaries.
Read full definitionReal-World Examples
Example 1: Bitcoin Cash Hard Fork (2017)
Bitcoin forked into Bitcoin (BTC) and Bitcoin Cash (BCH). Users signed transactions with the same private keys for both chains. Attackers captured a valid BTC spend transaction and rebroadcast it on BCH. This double-spent funds without new signatures.
- Victim sends 1 BTC on BTC chain.
- Attacker replays the signed transaction on BCH.
- Victim loses equivalent BCH value.
Exchanges urged users to move funds first for protection.
Example 2: Ethereum Chain ID Protection
Ethereum uses EIP-155 to prevent replays. Transactions include a chain ID. A mainnet transaction fails on a fork like Ethereum Classic because the ID mismatches.
- User signs tx for Ethereum mainnet (chain ID 1).
- Attacker tries replay on testnet (chain ID 5).
- Network rejects due to invalid chain ID.
This stops unauthorized replays across forks.
Example 3: Wallet During Fork Event
A user holds funds on a chain before a contentious hard fork. They send a transaction on the original chain. Without replay protection, an attacker replays it on the new chain, draining funds there.
- Wallet broadcasts tx:
"from": "0xabc...", "value": "1 ETH"on chain A. - Attacker copies and sends to chain B.
- Both chains process the spend.
Wallets now add fork-specific signatures or nonces.
Bitcoin (BTC) is the first decentralized cryptocurrency, launched in 2009. It uses blockchain technology for secure, peer-to-peer digital transactions without intermediaries.
Read full definitionA fork is a blockchain split into two chains due to protocol changes or disagreements. Hard forks create permanent divergences; soft forks are backward-compatible.
Read full definitionEthereum is a decentralized blockchain platform that enables smart contracts and decentralized applications (dApps). Its native cryptocurrency is Ether (ETH).
Read full definitionMainnet is the primary blockchain network where actual transactions occur, as opposed to testnets. It represents the live, functioning version of a blockchain.
Read full definitionA testnet is a blockchain network used for testing and development, where developers can experiment without using real cryptocurrency. Examples include Goerli and Sepolia.
Read full definitionReady to Choose a Secure Wallet?
Use our tools to find the right hardware wallet for your needs.