What is a replay attack?

胡家維 Hu Kenneth
Coinmonks
3 min read · Jul 17, 2018


A replay attack is also called a playback attack. A message or piece of data is sent to the receiver again, and the receiver accepts it. When this succeeds because the receiver cannot validly identify that the data has already been received, that is a replay vulnerability.

Replay attacks mainly occur after a chain has forked. Because the two sides share all the information from before the split, the same transaction can be carried out on both sides afterwards. For example, cake shop A splits into cake shop B and cake shop C because of differing ideas. After the split, the two shops have the same customer information and transaction records, and their systems use the same payment-message verification system, but they handle customers and transactions without exchanging information with each other.

Now Alice takes a payment message to the waiter at Cake Shop B. The waiter at Cake Shop B confirms the message with the computer and gives the cake to Alice. After getting the cake, Alice takes the same payment message to the waiter at Cake Shop C, who confirms the message with the computer and also gives a cake to Alice, so Alice gets two cakes. If Cake Shop B and Cake Shop C could confirm the payment message with each other, there would be no replay vulnerability, no chance of being attacked, and no loss of cake.

After a blockchain forks, replay attacks become possible. Take Bitcoin (BTC) and Bitconnect (BCC) as examples. BCC is forked from BTC, and the two are the same in all basic functions; BCC only increases the block size compared with BTC. Suppose Alice buys 10 BTC from B. Alice hands the transaction message to a BTC miner to get 10 BTC, but she also copies the transaction message to a BCC miner. After verifying the signature, the miners include it in both BTC and BCC, so Alice gets 10 BTC and 10 BCC.

Case study: Ethereum Replay Attack

The best example of a replay attack is the Ethereum hard fork, which produced two chains, ETH and ETC. The transaction data structure on the two chains is exactly the same, so a transaction that is valid on ETH will also be accepted on ETC, and vice versa. Because everyone at the time thought ETC would cease to exist, no one realized before the fork that the two chains would be open to mutual replay. Later, many miners continued to maintain the ETC chain, and it was found that transactions on the ETH chain could still be replayed on the ETC chain and remained valid there.

Almost no exchange noticed this problem when Ethereum forked. At the time, anyone who withdrew ETH from an exchange could potentially obtain the same amount of ETC. Many people used this vulnerability, repeatedly depositing and withdrawing ETH on exchanges to obtain additional ETC. Cloud coins, BTC-e and other exchanges said they had been hit by replay and were defrauded of almost all their ETC.
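The following is an added example, not code from the original article or from any Ethereum client. It models two forked chains that accept the same signed transaction, then shows how putting a chain identifier inside the signed payload makes the second chain reject the replay. Assumptions: HMAC stands in for the account's ECDSA signature, and the class name, chain IDs, key and transaction are constructed for illustration.

```python
import hashlib, hmac, json

ALICE_KEY = b"constructed-demo-key"  # constructed; HMAC stands in for ECDSA signing

def sign_tx(tx, key):
    """Sign the canonical JSON encoding of every transaction field."""
    payload = json.dumps(tx, sort_keys=True).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()

class Chain:
    """Toy node (hypothetical): signature check, optional chain binding, nonce check."""
    def __init__(self, chain_id, enforce_chain_id):
        self.chain_id = chain_id
        self.enforce_chain_id = enforce_chain_id
        self.next_nonce = {}  # sender -> next expected nonce on this chain

    def accept(self, tx, sig, key):
        if not hmac.compare_digest(sign_tx(tx, key), sig):
            return "rejected: bad signature"
        if self.enforce_chain_id and tx.get("chain_id") != self.chain_id:
            return "rejected: wrong chain"
        if tx["nonce"] != self.next_nonce.get(tx["from"], 0):
            return "rejected: nonce already used"
        self.next_nonce[tx["from"]] = tx["nonce"] + 1
        return "accepted"

def demo():
    results = {}
    # Before: identical transaction format on both forks, nothing ties tx to a chain.
    eth, etc = Chain(1, False), Chain(2, False)
    tx = {"from": "alice", "to": "bob", "value": 10, "nonce": 0}
    sig = sign_tx(tx, ALICE_KEY)
    results["unbound"] = (eth.accept(tx, sig, ALICE_KEY), etc.accept(tx, sig, ALICE_KEY))
    # The nonce only stops a replay on the chain that already processed the tx.
    results["same_chain"] = eth.accept(tx, sig, ALICE_KEY)
    # After: chain_id is part of the signed payload and every node checks it.
    eth2, etc2 = Chain(1, True), Chain(2, True)
    tx2 = dict(tx, chain_id=1)
    sig2 = sign_tx(tx2, ALICE_KEY)
    results["bound"] = (eth2.accept(tx2, sig2, ALICE_KEY), etc2.accept(tx2, sig2, ALICE_KEY))
    # Rewriting chain_id to match the other fork invalidates the signature.
    results["rewritten"] = etc2.accept(dict(tx2, chain_id=2), sig2, ALICE_KEY)
    return results

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```

The per-account nonce alone does not help across forks, because each chain keeps its own copy of the pre-fork state and both still expect the same next nonce.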
