
Replay Attack in crypto

lhorgic - 2024-06-27 18:52:15



|![1000256998.jpg](https://cdn.steemitimages.com/DQmZtLVsFqDJMPcEN932eGBo53ryhLNyNR8o79Y4a8cap2E/1000256998.jpg)|
|---------|

|
[freepik](https://www.freepik.com/premium-photo/james-webb-space-telescope-white-background-3d-rendering_21833369.htm#fromView=search&page=1&position=6&uuid=918d305b-56dc-4053-941a-340d92d847eb)
|
|---------|

Hi friends, I hope you're keeping well and getting the best out of the week. Once again, welcome to my blog. I trust you've been getting enough value from the content I dispense here. And yes! I've brought you another interesting topic, just as seen in the caption for this post.

As usual, I'm gonna simplify this topic to the best of my ability, making it comprehensible enough for even a novice to grasp. So let's get into it right away, guys. Let's talk about the Replay Attack!

|
**Introduction**
|
|----------|

As I go further into my quest for knowledge, I keep discovering new stuff, especially in the line of blockchain and crypto attacks and scams, and in cyberspace generally. I've found out that there seems to be no end to these dubious acts; new means are being devised every day as long as there are vulnerabilities and loopholes in this space.

The attack we want to talk about today is not new, though, and at the same time it's not a common attack. Interestingly, it's deemed to be one of the simplest attacks in the crypto and cyber space as a whole. Anyway, I will be taking you on this journey as I open your eyes to this attack. Let's get in, guys!

|
**What is a Replay Attack**
|
|-----------|

A replay attack is an attack carried out by a cyber criminal or hacker who successfully intercepts a message sent across a secured network. He delays the message and later resends the very same message, this time to misdirect the receiver into doing his bidding.

In simple terms, after intercepting the message he parades himself as its original sender and maliciously resends it for his personal gain. I think I need to also mention that these messages are usually encrypted, since they're transmitted over a secured network, but you know what?


|![1000256999.jpg](https://cdn.steemitimages.com/DQmUkGYp8CcQ9ksG7RmJQKinQevwXbP3S1QVpEQfLT7dNyZ/1000256999.jpg)|
|----------|

|
[freepik](https://www.freepik.com/free-photo/indian-hacker-wear-mask-using-laptop-empty-white-room_9314243.htm#fromView=search&page=1&position=4&uuid=918d305b-56dc-4053-941a-340d92d847eb)
|
|---------|


This has never hindered these malicious folks. They do not even need to decode the message; all they do is capture the message in full while it is in transit, complete with the sender's valid authorization, and then resend it. This time the attacker resends it while masquerading as the real sender, without being detected by the network.

This kind of attack is mostly used to perform unauthorized and duplicate transactions, which of course are fraudulent because the attacker is clearly impersonating the original sender.

|
**How this attack is done in the crypto space**
|
|--------|

A replay attack is usually carried out on a forked chain; it is very prevalent in this kind of situation. Attackers leverage the fact that once there is a fork, a hard fork to be precise, we have two blockchains sharing the same transaction history.

Now what the attacker does is this: he eavesdrops on or intercepts a valid, authorized transaction made on one of the blockchains and then replays (broadcasts) it on the other chain.

What then happens is that the transaction has been hijacked. The chain where this impersonator has replayed it will confirm the transaction; since it's a forked chain, it will be confirmed on both chains, meaning the real initiator of the transaction would have to lose on both chains because someone got in the way of the transaction.

And it could also be done from another angle, where the attacker leverages the flaw of the forked chain by initiating a transaction on one chain as the real initiator and then gets an undue gain from both blockchains, as we will see in a typical example I will be sharing below shortly.


|
**A Real World example in the Crypto Space**
|
|---------|

One typical example is the case of Ethereum during its early days in 2016, when it forked and became two chains. It was a hard fork that created two coins. The original Ethereum network had to change its name to Ethereum Classic (ETC) while the new one had the name Ethereum (ETH).

At this stage, any valid transaction done on either chain was also valid on the other chain because of the structure at that time. This was what people later exploited. When people noticed, they began playing this trick: when they withdrew ETH, they got an additional ETC, and they kept on replaying this act repeatedly on the network. This same thing also happened with BTC and BCH in 2017.

|
**Preventive Measures**
|
|-----------|

• **Opt-in Replay protection:** this technique ensures that replay attacks are curbed, as a transaction on one chain becomes invalid on the other, unlike how it operated before, where both chains confirmed a transaction.

• **Transaction Tagging:** this technique is solely to guard against a replay: every transaction has a unique identifier, which helps ensure that a transaction can only be carried out on the intended chain and no other.


|![1000257003.jpg](https://cdn.steemitimages.com/DQmShkvQsACDiw3FAEA6smMu5PUzUhEhstzhjFvvKoZ1TLw/1000257003.jpg)|
|---------|

|
[freepik](https://www.freepik.com/free-photo/close-up-hands-holding-tablet_19925272.htm#fromView=search&page=1&position=8&uuid=fbc6a183-8a2d-48eb-b57d-1f35ba205756)
|
|---------|



• **Timestamping:** this is also a way to prevent a replay attack: a transaction is only valid within a specific timeframe, say 3 mins, after which it becomes invalid. This curbs the act because there is a time frame attached to each particular transaction.
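The sketch below is an added example, not code from any real blockchain: it shows a transaction signed once being accepted on both sides of a fork, then shows transaction tagging and timestamping rejecting the replay. The `Chain` class, the field names and the key are hypothetical, and HMAC stands in for the public-key signatures real chains use.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"   # stand-in for the sender's signing key (assumption)
MAX_AGE = 180                   # seconds: the "say 3 mins" validity window

def sign(tx):
    """Sign every field of the transaction, including chain tag and timestamp."""
    payload = json.dumps(tx, sort_keys=True).encode()
    return hmac.new(KEY, payload, hashlib.sha256).hexdigest()

class Chain:
    """Hypothetical node on one side of a hard fork."""
    def __init__(self, chain_id, protected):
        self.chain_id = chain_id
        self.protected = protected

    def accept(self, tx, sig, now):
        if not hmac.compare_digest(sign(tx), sig):
            return "rejected: bad signature"
        if self.protected:
            # Transaction tagging: the signed chain tag must name this chain.
            if tx.get("chain_id") != self.chain_id:
                return "rejected: wrong chain"
            # Timestamping: only valid inside the window after it was signed.
            if not 0 <= now - tx.get("timestamp", 0) <= MAX_AGE:
                return "rejected: expired"
        return "accepted"

def demo():
    # Constructed sample transaction, signed once by the sender.
    legacy = {"from": "alice", "to": "bob", "amount": 5}
    sig = sign(legacy)
    out = {
        "legacy_on_A": Chain("A", False).accept(legacy, sig, now=1000),
        "legacy_replayed_on_B": Chain("B", False).accept(legacy, sig, now=1000),
    }
    tagged = dict(legacy, chain_id="A", timestamp=1000)
    sig2 = sign(tagged)
    out["tagged_on_A"] = Chain("A", True).accept(tagged, sig2, now=1010)
    out["tagged_replayed_on_B"] = Chain("B", True).accept(tagged, sig2, now=1010)
    out["tagged_late_on_A"] = Chain("A", True).accept(tagged, sig2, now=1181)
    # Rewriting the tag to fit the other chain breaks the signature instead.
    forged = dict(tagged, chain_id="B")
    out["retagged_on_B"] = Chain("B", True).accept(forged, sig2, now=1010)
    return out

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

The protection only works because the chain tag and timestamp are part of the signed data; a tag added outside the signature could simply be rewritten.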


|
**Bottom Line**
|
|---------|

I believe by now we know what a Replay Attack is and its negative contributions to the smooth running of a blockchain network. I trust you've gotten so much from this piece. As my usual custom is, I would always encourage that you DYOR to be sure of every financial step you would want to take, as I won't be liable for any form of loss encountered by you.

Feel free to share with me your thoughts in the comment section. Thanks for your time once again. Gracias!

-------------

**Disclaimer: This post is made for education and is not investment advice. Digital asset prices are subject to change. All forms of crypto investment carry a high risk. I am not a financial advisor; before jumping to any conclusions in this matter, please do your own research and consult a financial advisor.**

----------

Regards
@lhorgic♥️

-----------

