Topics Blockchain
Bybit Learn
Bybit Learn
Jul 20, 2022

What Is a Replay Attack & How Does It Affect Blockchains?

While the cryptocurrency market has proven to be resilient and long-lasting, investing in it still comes with ample risks because of asset volatility, as well as the potential for hacking. One potential method that hackers can use to get into blockchains and essentially steal coins from other wallets involves replay attacks. These primarily take place while a hard fork is being implemented, which makes them relatively rare. This guide goes into further detail about replay attacks and how they can affect crypto platforms.

What Is a Replay Attack?

A replay attack uses malicious apps to delay or intercept data transmission that occurs over a network. This information can then be processed and repeated numerous times to effectively duplicate transactions.

Replay attacks exploit the need for the original data to be validated. This validation request is typically sent by an authorized user. Even though a replay attack is directly targeting the network, its security protocols will view a replay attack as a standard transmission of data.

During the transmission, the hacker will delay or intercept the data natively, which lets them perform the attack in a timely manner without needing to decrypt anything. Even though it's relatively easy for hackers to perform replay attacks, there are several techniques that networks can use to strengthen security and keep these attacks at bay.

How Does a Replay Attack Work In Crypto?

Replay attacks become possible when blockchains are altering or making upgrades to their protocols, a process that's known as a hard fork. While a hard fork is taking place, both versions of the protocol continue to be worked on, which means that any transaction considered to be valid on the previous version will be valid on the new ledger as well.

When a hacker implements a replay attack, they can use the hard fork to simulate transactions on the previous version, after which the same amount of funds can be transferred to a wallet an additional time. Replay attacks can be performed a countless number of times unless stopped by the network.

Why Are Hard Forks Used?

Hard forks occur relatively regularly with blockchain technology. They result from a network's protocol updated in order to make invalid transactions or blocks valid. Hard forks can only occur if every user or node is upgraded to the newest version of the software.

It's common for a fork to take place when the community for a specific cryptocurrency is no longer satisfied with certain features and functionalities that the currency offers. As users are being moved to the new version of the blockchain, anyone who holds tokens on the legacy version will still be given tokens for the new version.

Legacy blockchains commonly have considerably less features than the new versions. For this reason, many users upgrade to the new version in a short period of time. Bitcoin has gone through numerous forks over the years, which have resulted in the creation of other digital currencies, such as Bitcoin Gold and Bitcoin Cash.

When a notable change occurs to Bitcoin's blockchain, two branches of its blockchain are created (to follow the previous version and new version). Since Bitcoin software is being upgraded, the mining procedures are also upgraded. In the event that a user moves over to the new version, all transactions from the previous version of the software are rejected.

The very first Bitcoin fork involved Bitcoin XT, first created in 2014. Of all the Bitcoin hard forks in history, the most successful of these forks resulted in Bitcoin Cash, which is currently among the largest digital currencies when looking at market cap.

As for Ethereum, its network experienced a hard fork into two separate blockchains in 2016. The two blockchains became known as Ethereum Classic and Ethereum. At the moment, Ethereum Classic is its own cryptocurrency, with completely different goals.

How Does a Replay Attack Affect the Crypto World?

A wide range of problems can arise from a replay attack. Even though it's relatively easy for a network to defend against these attacks, the effects they can have on the crypto world are substantial. Keep in mind that replay attacks aren't considered to be serious cyber security attacks, since they’re limited in scope and there are many methods for preventing them.

Even though a hacker can perform fraudulent transmissions with a replay attack, they can't fully access the data while the transmission is ongoing since doing so would cause the network to reject the transmission. On the other hand, users and networks alike can experience considerable losses when replay attacks occur.

In more traditional markets, a replay attack can allow a hacker to gain access to certain information on a network for the purpose of copying transactions or relaying validated information. While replay attacks have been commonly used with credit cards, they can also be performed on blockchains.

When a blockchain fork occurs, its ledger and protocol will be effectively split, which means that two completely separate protocols govern two books. There's even the possibility for a fork to create new cryptocurrencies, as with Ethereum and Bitcoin. If someone is sent some cryptocurrency tokens from another individual via the blockchain, the first person could then move over to the separate blockchain before replicating the transaction, which would allow them to send the same number of crypto units to their account.

Are Blockchains Susceptible To a Replay Attack?

Blockchains are most susceptible to replay attacks immediately after a hard fork occurs. However, there are limitations to what a hacker can do once they've performed this attack. When a replay attack occurs, the hacker effectively takes the place of another user's identity, after which they can obtain this user's network access credentials. From here, the hacker will be able to view every action the user has taken in the past. With this information in hand, fraudulent transmissions can begin.

When performed to its fullest potential, a replay attack can involve a denial of services, which will lead to the legacy blockchain losing some of its computing power. When the power starts to drop, space opens up for more than 50% of the attack. At this point, completely new transactions can be made without issue.

Regardless of how a hacker performs a replay attack, there are possible limitations. For instance, the data that the hacker gains access to can't be changed in any way. If a change occurs, the transmission will be rejected. As such, hackers are only able to repeat past actions.

How to Prevent a Replay Attack

Even though replay attacks can cause networks and users to lose a considerable sum of money, there are many ways to prevent these attacks from occurring in the first place. Replay attacks almost always occur because of hard forks. As such, many blockchains will put additional security protocols in place when one of these forks is set to take place.

It's also possible for users to implement security measures for their wallets. For instance, users can prevent coin transfers from taking place until a specific number of blocks have been reached in the new version of the blockchain. By taking this approach, the network will be unable to verify replay attacks. Similarly, users can also choose to add time stamps to data transmission and cache repeated messages such that they will be cut off after it becomes repetitive for a specific number of times. This will minimize the chances an attacker has to replay messages consecutively in a short amount of time and prevent the attack from happening. 

The two most common methods for stopping these attacks include strong replay protection and opt-in replay protection.

Strong Replay Protection

Strong replay protection involves a bookmark being placed in the new ledger that's created after a hard fork occurs. With this bookmark in place, any transaction that's made on that version of the blockchain becomes invalid. This type of protection was added to Bitcoin Cash when it first formed from Bitcoin. The bookmark allowed nodes in Bitcoin Cash to differentiate transactions that had occurred on standard Bitcoin from those occurring on Bitcoin Cash.

Opt-in Replay Protection

Opt-in replay protection is primarily used when a hard fork occurs following a cryptocurrency's ledger update, as opposed to its being split in two. Once this protection is implemented, users must make manual changes to transactions to ensure that they won't be replayed.

The Bottom Line

Replay attacks can occur whenever a cryptocurrency experiences a hard fork. However, it's not the most common type of cybersecurity attack for cryptocurrencies. Since it can only be performed when a fork occurs, it has limited uses. There are plenty of preventive measures that users and networks can take to prevent or mitigate these attacks, which include adding timestamp to messages and positioning bookmarks in the new ledger.