Bitcoin hard-forks and replay attacks

Bitcoin hard-forks and replay attacks

Dealing with blockchain hard-forks seems to have become an unfortunate and time-consuming reality of working te the cryptocurrency space thesis days: all the cool kids seem to be doing it.

With the looming possibility of yet another Bitcoin hard-fork come November, the rumor mill has began slobbering out the much expected fear-mongering articles.

Let mij begin by telling that if the hard-fork does toebijten, and your Bitcoin isn’t stored te an exchange, no instant activity will be required from you. If you are presently hosting your Bitcoin is an exchange like Coinbase or Gemini, you are beholden to those companies to do the right thing when Bitcoin forks: permit you access to both currencies. It might not toebijten instantly, it might not toebijten at all.

If you have your Bitcoin te an offline wallet stored ter a vault somewhere (spil is recommended), and have no intentions of selling your freshly cloned Bitcoin, then save this article for zometeen.

The reason this is a no-op for any Bitcoin holders is the fact that the freshly cloned blockchain is a copy of the old blockchain: anyone attempting to stir your holdings will still need a valid signature from your private key. Inaction will not lead to loss of your holdings, period.

However, given that the fork ter November might not have replay protection, you’ll have to ensure you protect yourself before you transact any Bitcoin.

What is a replay attack?

It turns out that if you fork two very similar code-bases with no protocol modifications, any message intended for a knot running the fresh codebase is also valid for a knot running the old codebase. A replay attack happens when a malicious knot ter one of the chains intentionally sends messages it receives to the other chain.

That brings us to the quickest solution that assures you don’t lose access to any of your holdings te either chain: after the fork happens, ensure that the very first transaction you do is transferring all your holdings from your current wallet to another wallet under your control. Doing this will make sure that, even if an attacker relays your transaction to the other chain, you’re the foot person ter control of the corresponding destination wallet address, thus reducing the influence of the attack to a minor annoyance.

Here is the list of deeds to take after the fork:

  1. Use your natural Bitcoin software 1 to generate a fresh wallet and save it offline.
  2. Bring your current Bitcoin wallet online, and transfer all your current holdings into the fresh wallet.
  3. Verify that your Bitcoin has actually bot sent (at least six confirmations on the blockchain).
  4. Download trusted software that supports the fresh fork Two .
  5. Generate a fresh wallet using the fresh software, and save it offline.
  6. Invoer your old wallet keys into this fresh software wallet, and send all the Bitcoin to your freshly generated offline wallet.
  7. Verify that your fresh currency has made it to the fresh wallet.

I hope this helps clear up some of the confusion around the hard-fork. Be safe out there.

I recommend you using Electrum ?

There is unluckily no software presently available for this. I’ll keep you posted. ?

Diogo Monica

Security lead @Docker, ex-@Square, PhD te CS

3 thoughts on “Bitcoin hard-forks and replay attacks”

Leave a Reply

Your email address will not be published. Required fields are marked *