Replay Protection in Bitcoin and Why it is needed

Replay Protection is in the news recently due to Segwit2x developers’ consistent refusal of adding it to the Segwit2x code. Replay protection is a special kind of protection that protects transactions to be copied between two Hard Forks of the same blockchain which is also referred to as a Replay Attack.

What is a Hard Fork?

In a blockchain, the code for validation of transactions is consistent throughout all the computers validating that blockchain. If a transaction contains some new code that isn’t present in the validation formula of the other computers that are validating the blocks, it is rejected. When some new code is added to the software for the blockchain, it needs to be backwards compatible so that the computers running the old code of the software can validate the transactions with new code. If it isn’t compatible with the old code, it creates a fork in the blockchain which means that computers with new code will validate the transaction while the ones with old code will reject the block which contains the transaction. This breaks the consistency in the blockchain and creates two different blockchains. This is known as Hard Fork. Two different chains means that you will have your coins on both the blockchain but they will be completely independent of each other. If you send some coins from your address to other address on one chain, you will still have the same amount of coins on the other chain and the transaction will never occur on the other chain.

What is a Replay Attack?

A Replay Attack is an attack in which the transaction from a different chain can be copied on the other chain. Since the signature are same on both the chain, the other chain will validate the transaction. For example, If you send some btc to an address on the Segwit2x chain, the same transaction can be replayed and copied to the bitcoin legacy chain.  So if you send some coins from your address to some other address on one chain, someone can copy your signature and force the same transaction on the other chain. This means that you will lose your coins on the other chain that you didn’t intend to send.

What is Replay Protection?

Replay protection provides protection from the replay attacks. Replay protection adds some sort of code in the transactions on the new chain which makes them invalid on the legacy chain. This means that even if someone copies the signature of your transaction from the new chain, it will be rejected on the old chain since it will not be validated. Replay protection is a non backward compatible change which means that an existing blockchain cannot add Replay Protection without hard forking which means that it is the responsibility of the new chain to add replay protection code.

Alternative to Replay Protection

While it is best to have replay protection in the new fork, there is an alternative if the developers of the new chain refuse to add replay protection. The coinbase transaction, i.e, the transaction consisting of new coins that are minted on the blockchain is safe from replay attacks since those coins didn’t exist on the old chain. The old coins can be mixed with the new coins via a mixing service to make them replay attack safe.

Conclusion

It is always the responsibility of the new hard fork to add replay protection to their code as the legacy software cannot add it due to it being backwards incompatible. Since, Segwit2x developers’ has refused to add the replay protection, it would be dangerous for exchanges to list both blockchains on their servers due to them being the most profitable target for the replay attacks. This will force them to setup a mixing service which will take time and force them switch the wallets off for some time.

 

Read Jimmy Song‘s post on Replay Attacks for more information.

 

What do you think about segwit2x developers’ decision to not add replay protection to their code?

Please follow and like us:
RSS
Follow by Email
Facebook
Google+
https://blockchaind.net/replay-protection-bitcoin-needed/
SHARE
LinkedIn

Shivam Chawla

I am a Full Stack Developer and a part time Crypto Trader. I have been connected with cryptocurrencies since 2013.

Leave a Reply