spot_img
HomeEthereumWhat is Replay Attack? Possible impacts on your Ethereum NFTs & precaution

What is Replay Attack? Possible impacts on your Ethereum NFTs & precaution

The second largest blockchain Ethereum is now weeks away from the long-awaiting merge. The upcoming update marks the complete transition of the blockchain from proof-of-work (PoW) to proof-of-stake (PoS). It is unarguably one of the biggest milestones to happen in the cryptocurrency space, given that Ethereum is among the largest and most pioneering PoW blockchains. 

Many Ethereum users, holders, and crypto enthusiasts are excited about the merge in September, as it will potentially improve the overall scalability of the network, among other relevant functions. Amidst the euphoria, there have been arguments and speculations on the possible fundamental and technical implications of the upcoming merge to the beacon chain. 

One of the most discussed outcomes of the event is Replay Attack. In this article, we explain what a Replay attack means and how you can secure your NFTs. 

What is a Replay attack?

A Replay attack is commonly referred to as a man-in-the-middle attack. It happens when a hacker or malicious actor secretly connects, intercepts, and tweaks data on a secure network so that the data/transaction is delayed or repeated to the detriment of the originator. Replay attacks can also happen in the blockchain space, especially during chain splits or hard forks. 

After the merge, there would be two functioning chains/copies of the Ethereum blockchain – and Ethereum PoS (new chain) and Ethereum PoW (old chain). Due to these chain splits, assets on the current Ethereum network, including non-fungible tokens, will be duplicated to the PoS chain. This means the NFTs you currently hold will be duplicated, which consequently opens up the chances of a Replay attack. 

How?

Assuming the would-be old Ethereum PoW thrives with miners’ support and new ChainID, transactions from the PoW chain can be replicated or replayed on the new Ethereum PoS blockchain, which is risky and can result in loss of assets.

“If you send 100 ETHPoW on the POW chain from your wallet to a friend, then your friend could broadcast the same transaction in the POS chain and send himself 100 original ETH to his same wallet,” a DeFi expert narrated. 

10/12

Replay attacks ⚠️

How would a replay attack work?

If you send 100 ETHPoW on the POW chain from your wallet to a friend, then your friend could broadcast the same transaction in the POS chain and send himself 100 original ETH to his same wallet

This is dangerous

— olimpio ⚡️ (@OlimpioCrypto) August 11, 2022

NFTs are also vulnerable to such an attack. The transaction attributes of a duplicated NFT on the Ethereum PoW can be replayed on the PoS chain, enabling the malicious actor to claim the main asset on the Ethereum PoS network. Replay attacks on Ethereum assets could wreak havoc in the crypto market, although many experts speculate that the chances are slim based on predictions that EthPoW may not survive long.

The best bet will be to mitigate your exposure to such an attack if you are currently holding an Ethereum asset. 

Precaution to possible Ethereum Replay attacks

Here are some of the ways you can mitigate the chances of getting Replay attacks and protect your assets on both PoS and PoW Ethereum blockchains

Use different wallets for PoW and PoS

The possibility of getting Replay attacked is much higher if you leave or trade the assets – duplicated NFTs or tokens – in a single wallet. You need to create and use different wallets for each chains. 

Create two wallets (B) and (C). Transfer all your assets from the main wallet (A) to wallet B just before the merge.After the merge, you can transfer all assets from wallet “B” to the main wallet (A) for the PoS chain.Then, transfer all PoW assets from wallet “B” to “C,” the latter becomes your primary wallet for trading on the PoW chain. 

The idea is to not have/use the assets in one wallet. 

… i.e. ensure that wallet “A” has all your POS assets, and wallet “C” has all your POW assets.

5) Continue using wallet “A” ONLY on POS, and wallet “C” ONLY on POW.

No replay attacks will be possible from this point on, b/c wallet “A” is empty on POW, and “C” is empty on POS.

— Elerium115 (@elerium115) August 13, 2022

Another option to preventing Replay attacks would be messing up the transaction nounces, which might be technical.

12/12

Replay attacks ⚠️

To mitigate replay attack risks you could:

• mess up txn nonces
• send your assets in the POS to another wallet
• make txns with very low gas so they fail in the other chain

Read the post extensively if you plan to transact: https://t.co/Z0lAK3BSVp pic.twitter.com/QOd50Qefbn

— olimpio ⚡️ (@OlimpioCrypto) August 11, 2022

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -
Google search engine

Most Popular

Recent Comments