Bitcoin and Cryptocurrency Blog

Bitcoin: understanding replay attacks and hard forks

With the way things are going in the Bitcoin community, we could have 4 different types of Bitcoin by November and Bitcoin holders could be exposed to replay attacks. What are replay attacks and how can they be prevented?

Bitcoin has enjoyed an astronomic growth in the past two months even with the August 1 hard fork and the mid-August SegWit soft fork. The monster of all crypto coins traded at the $4,000 - $4,500 band for two weeks before hitting a new all-time high of $4,706 this week and shows no sign of stopping on its way to $5k. 

This volatility is due has been attributed to a feud between developers maintaining Bitcoin's network and miners who confirm transactions on the network. They are finding it hard to determine how to make the crypto currency scale. Scaling would result in faster and cheaper transactions on the network. 

SegWit, a solution agreed by the dev community to solve this problem was a successful implementation of a user activated soft fork. We thought that would be the end of the scaling issue but we were wrong. Now, it looks like there will be more hard forks down the road as we approach the implementation of the concluding part of SegWit, SegWit2x, which is set for November 2017.

Some say SegWit2x which was agreed on by a monitory group in the so call New York Agreement could expose Bitcoin users to replay attacks.

What are replay attacks?

To understand replay attacks, one has to grasp how Bitcoin transactions work. 

Let's liken Bitcoin to a global ledger and Bitcoin transactions as bank cheques.The ledger records every bank cheques (Bitcoin transaction) and is public, hence everybody has access to it.  As a result, anybody interested in a certain transaction (bank cheque) can access that portion of the ledger to audit it or check its digital signature.  

Now, whenever a hard fork happens, the ledger splits into two. The two new ledgers will share the same transaction history until the hard fork happened but will be distinct thereafter. Also, every coin holder will have the same number of coins they had before the fork on the two new chains.  


So, what happens when you spend money on one of the ledgers?

When a transaction is made on one of the chains, let's say chain A, anybody can copy that transaction's digital signature (it's a public document) and add it to ledger B. Ledger B will think the signature is legitimate and will confirm the transaction. So, the exact amount you sent on chain A, will be sent to the same person on chain B, without your permission or authorization. 

This is a replay attack. It happens when a transaction on one chain is replayed on the other chain. 

In the case of Bitcoin cash, the digital signatures were incompatible because Bitcoin cash developers created a special mark on the cheque that shows that it was for the Bitcoin cash ledger and not the real Bitcoin.

If you are still with me and want to know more you can also check out this video 

How to prevent replay attacks

One way users can prevent replay attacks is by mixing coins. This is done by finding transactions on one chain that are not replayable on the other chain. And contrary to beliefs, these transactions exist.

Coinbase transactions, or the reward that miners get, which are created after the fork are actually different on the two chains. As a result, Coinbase's transactions are not replayable.

So, if you create a transaction that mixes with any of these non-replayable transactions, the result will be a new non-replayable transaction. Hence, transactions mixed with Coinbase transactions will themselves be non-replayable and the transactions mixed with Coinbase-mixed transactions will also be non-replayable, and so on.

This way, many transactions will be non-replayable and will propagate throughout the system. 

It's also likely that exchanges and merchants will offer mixing services to make things smoother. However, if you're more of a Bitcoin holder than a spender you don't have much to worry about. You're only open to replay attacks if you spend money on one chain before mixing your coin.

Of course, you can just mix your coins once and keep them in cold storage. This way you can spend your money whenever you want without being exposed to replay attacks.

Upcoming Bitcoin hard forks

At the moment we have two distinct ledgers - Bitcoin and the bogus Bitcoin cash or B-Cash as some call it, but the upcoming SegWit2x hard fork is expected to cause more trouble and another ledger. 

Talk is that SegWit2x developers don't want to add replay protection to the ledger when it forks. That way, when the fork happens in November, replay attacks will be possible on the two ledgers (Bitcoin legacy and segwit2x Bitcoin).

These developers are saying Bitcoin Core developers should add replay protection to their ledger if they're that much concerned about it. 

Recently SegWit2x dev Jeff Garzik proposed that 2x may have a solution but that would opt-in.

Replay protection cannot be added to a ledger without a hard fork. So, if Bitcoin core developers eventually add replay protection to their ledger, there'll be a new hard fork, creating two different ledgers before the final SegWit2x hard fork. 

That way there'll be 3 ledgers- Bitcoin core, Bitcoin with replay protection and Segwit2x hard fork. 

However, core developers at the moment aren't interested in adding replay protection to the ledger as they believe 3 months is too short to make it happen. So we can expect the upcoming SegWit2x hard fork to be without the security feature. Hence replay attacks will be possible on the networks.

Some high-profile community members are not happy with the idea of SegWit2x and have started a campaign to stop its implementation under the hash tag #NO2X on twitter. The campaign is being championed by the preeminent daily crypto news channel; World Crypto Network

So, by November, we could have 4 different types of Bitcoin if developers add replay protection to the current ledger (Bitcoin Core, Bitcoin Core with replay protection, Segwit2x Bitcoin and Bitcoin Cash). If they don't we'll have just three. Which is the likely result, and the SegWit2x coin will suffer the same undignified fate as the doomed Bitcoin cash. 


How to prepare for the hard forks

November is still several months away, so one should pay attention to developments. Many things are still possible and nothing is for sure. The SegWit2x hard fork date may be shifted or developers might tweak the new ledger to prevent replay attacks or it may never happen. 

It'll also be wise to move one's coin from exchanges as the time draws near. And if you want to have coins on all the chains, ensure your wallet gives you access to your private keys. Wallets will issue statements on whether they will support a chain or not when it's time. 

So, how will the markets react to all this? Perhaps the disastrous experience of watching Bitcoin cash screw into the ground will deter the breakaway SegWit2x. One can only speculate. Expect volatility and excitement as the coins and stake holders battle for supremacy in the 2017 crypto war.  

This email address is being protected from spambots. You need JavaScript enabled to view it.